文章基本信息

标题：Disassembling and Patching iOS Applications
本地全文：下载
作者：Arpita Jadhav Bhatt ; Chetna Gupta
期刊名称：International Journal of Computer Science and Information Technologies
电子版ISSN：0975-9646
出版年度：2016
卷号：7
期号：1
页码：239-248
出版社：TechScience Publications
摘要：Apple’s iOS is amongst the widely used mobileoperating system. Apple follows a mandatory code signingmechanism and an app review for enhancing the level ofsecurity for iOS devices. This review procedure ensures thatthe applications are developed by genuine developers orenterprises. However, recent attacks and data harvestingincidents with the benign applications, have demonstrated thatthe mandatory code signing procedure is vulnerable to attacks.With the popularity of Smartphone and distribution of thirdparty applications, the malware which is specially designed forthe modern mobile platforms is hastily becoming a seriousthreat. As the users rely more on the third party applications(which span in a wide range of categories like social media andnetworking, gaming, data management etc.), they put theirpersonal and confidential information at risk. With thewidespread use of third party applications, there have beenmultiple reports of Malware attacks on iPhone. Attackers usethese applications to disguise malwares into the user’ssmartphone. Therefore, for ensuring security of the devicesone should perform reverse engineering of mobile applicationsfor catching up the vulnerabilities in them before the attackersdo. This paper aims to perform reverse engineering of iOSapplications by disassembling, decompiling the application’scode using Hopper tool. The paper also demonstrates how ananalyst can patch the code in the application for discoveringvulnerabilities. In this paper we have demonstrated theprocess of reverse engineering by disassembling the code withthe help of custom application.
关键词：Reverse Engineering; Disassembling;Decompiling; iOS Applications; Run time Analysis; mobile;applications; Run time Modifications