AppSec USA 2016 has ended
Back To Schedule
Thursday, October 13 • 10:45am - 10:55am
Lightning Talk - Beyond The ‘Cript: Practical iOS Reverse Engineering

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

There is an app for everything these days. And if you are current on your Infosec news you know every new app comes with its own vulnerabilities. One class of bugs has been relatively easy to find, with frameworks becoming increasingly available to help. 

But more and more developers are hardening their apps against common issues using jailbreak detection and best practices, and some of the easy issues are starting to dry up.

Luckily for the top testers, there is another class of bug that can still (and only) be found with deeper knowledge of iOS and its underlying assembly code.

The aim of this talk is to build a bridge between the mundane methodologies and vulnerabilities that everyone can find (and that are now being defended against), and a new approach that finds additional bugs that require assembly knowledge to discover. 

The talk looks at the fundamentals of reversing, a primer on iOS architecture, binary patching, reversing MACH-0 binaries, and ends with some real-world examples involving jailbreak detection.

avatar for Michael Allen

Michael Allen

Security Consultant, IOActive, Inc
Michael E. Allen is a security consultant at IOActive with more than ten years of experience in the Information Security industry. His primary interests are in programming, exploit development, and reverse engineering. Mr. Allen has extensive skills in design, implementation, enhancement... Read More →

Thursday October 13, 2016 10:45am - 10:55am EDT
Room C