iOS Hardware/Device Types
How Apple Protects the App Store
Understanding Security Threats
Understanding the iOS Security Architecture
A Brief History of iOS Attacks
Summary
Chapter 2: iOS in the Enterprise
iOS Configuration Management
Mobile Device Management
Summary
Chapter 3: Encryption
Data Protection
Attacking Data Protection
Summary
Chapter 4: Code Signing and Memory Protections
Understanding Mandatory Access Control
How Provisioning Works
Understanding Application Signing
Inside Entitlements
How Code Signing Enforcement Works
Discovering Dynamic Code Signing
Breaking Code Signing
Summary
Chapter 5: Sandboxing
Understanding the Sandbox
Sandboxing Your Apps
Understanding the Sandbox Implementation
Summary
Chapter 6: Fuzzing iOS Applications
How Fuzzing Works
The Recipe for Fuzzing
Fuzzing Safari
Adventures in PDF Fuzzing
Quick Look Fuzzing
Fuzzing with the Simulator
Fuzzing MobileSafari
PPT Fuzzing Fun
SMS Fuzzing
Summary
Chapter 7: Exploitation
Exploiting Bug Classes
Understanding the iOS System Allocator
Taming the iOS Allocator
Understanding TCMalloc
Taming TCMalloc
ASLR Challenges
Case Study: Pwn2Own 2010
Testing Infrastructure
Summary
Chapter 8: Return-Oriented Programming
ARM Basics
ROP Introduction
What Can You Do with ROP on iOS?
Examples of ROP Shellcode on iOS
Summary
Chapter 9: Kernel Debugging and Exploitation
Kernel Structure
Kernel Debugging
Kernel Extensions and IOKit Drivers
Kernel Exploitation
Summary
Chapter 10: Jailbreaking
Why Jailbreak?
Jailbreak Types
Understanding the Jailbreaking Process
Executing Kernel Payloads and Patches
Summary
Chapter 11: Baseband Attacks
GSM Basics
Setting up OpenBTS
RTOSes Underneath the Stacks
Vulnerability Analysis
Exploiting the Baseband
Summary
Appendix: Resources
Introduction