breaking secure mobile applications - bsides


  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    1/47

    Breaking “Secure” Mobile Applications
    BSidesMCR June 2[…]
    @domchell @MDSecLabs

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    2/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Introduction
    Agenda
    •  Background
    •  The problem
    •  Case studies
    •  Binary protections
    •  Final case study
    •  Conclusions

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    3/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    •  Spent [number lost] months from 2[…]

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    4/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    The Problem
    Mobile Data
    •  Lots of applications, doing lots of interesting things
     –  Banking
     –  Social networks
     –  Gambling
     –  Privacy driven applications
     –  Enterprise applications with internal integrations
    •  Lots of interesting data
     –  PII
     –  Financial data
     –  Sensitive corporate data

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    5/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    The Problem
    The Attack Surface
    •  Mobile application insecurities are well documented
     –  Insecure storage
     –  Transport insecurities
     –  Injection vulnerabilities
     –  Tampering attacks
    •  What are the attack scenarios?
     –  Jailbreaking/Rooting by user/attacker & Pangu?
     –  Attacks from malware, e.g. Unflod Baby Panda
     –  App imitation and repacking with malicious code
     –  Targeted exploitation
     –  Casual drive by download

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    6/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    The Problem
    Application Insecurities
    •  Direct remediation of application insecurities is generally well documented
    •  Many applications have started to follow recommended actions to address the traditional vulnerabilities:
     –  Client side authentication
     –  Encryption of persistent data
     –  Certificate pinning
    •  Do these protect against all attack scenarios?
     –  How trivial is it to bypass from on-device?
     –  What about resource/app modification & adware/spyware insertion?
    •  The arms race begins…

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    7/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    •  “Secure” is banded around a lot, not just in mobile
     –  “Secure end-to-end messaging”
     –  “Secure storage”
     –  “Secure device management”
    •  Decided to challenge some of these claims
    Introduction
    Case Studies

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    8/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #1
    MobileIron
    •  Popular MDM driven by policies set on the VSP (Virtual Smartphone Platform)
    •  Reports back to the VSP/Sentry devices of policy violations such as jailbreaking and can react accordingly, examples include removing e-mail and VPN access

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    9/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #1
    MobileIron
    •  Well known limitation of the software, forcibly closing the app and disabling location services prevents it detecting policy violations and reporting back to the VSP

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    10/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #2
    Wickr
    •  In January 2[…] Wickr announced a bug bounty

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    11/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #2
    Wickr
    •  The application is a privacy driven instant messaging service
    •  Tag line “leave no trace” & supposedly forensically sound
    •  Self-destructing messages, pictures, fully encrypted
    •  The app employed no binary protections so tampering was fairly trivial
    •  Within 24 hours there were some interesting findings

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    12/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #2
    Wickr
    WICKR DEMO

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    13/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  BYOD container that allows a separate workspace for mail, contacts, secure browsing, file storage etc.
    •  “The GO!Enterprise mobility platform was designed from the ground up with security in mind. Thus GO!Enterprise solutions inherit a wealth of security features that minimize the risk of unauthorized access, data leakage and security breaches.”
    •  All managed from a per enterprise cloud instance

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    14/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  Installed the app and synchronised data; appeared to be using these databases for storage
    •  Decompiling and analysing the APK, revealed it was using SQLCipher

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    15/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  Next step was to find where mPassword comes from:

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    16/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  The key appears to be derived from the IMEI and the path to the database, using the IMEI as a salt
    •  This can be verified by reproducing the code in another app

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    17/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  Running the PoC generates the following key for the “storage.db” database
    •  Using the key it's possible to view the database

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    18/47 © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #3
    GO!Enterprise
    •  The _variables table has some interesting data…

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    19/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #4
    Kaseya BYOD

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    20/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #4
    Kaseya BYOD
    •  BYOD application that provides access to documents, e-mail, and a browser
    •  Apps connect to a gateway that proxies to internal resources such as intranet applications and file shares
    •  Access to the app is protected via a PIN

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    21/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #4
    Kaseya BYOD
    •  Quickly identified an interesting class:

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    22/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #4
    Kaseya BYOD
    Kaseya BYOD DEMO

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    23/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Overview
    •  Introduced to the OWASP Mobile Top Ten at OWASP AppSec California in January 2[…]
    •  Attempts to achieve the following goals:
     –  Prevent software operating in an untrusted environment
     –  Thwart or increase the complexity of reverse engineering
     –  Thwart or increase the complexity of modification or tampering attacks
     –  Detect/Prevent attacks from on-device malware
    •  How common are these protections?
     –  [figure lost]

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    24/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Overview
    •  So what are the risks?
     –  Theft of Intellectual Property from reverse engineering
     –  Circumvention of security controls; authentication, encryption, licensing, DRM, jailbreak/root detection
     –  Loss of revenue from piracy
     –  Brand/Reputational damage from app imitation and/or code modification

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    25/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Overview
    •  Some of the binary protections you may have encountered:
     –  Jailbreak/Root detection
     –  Resource and code integrity checksums
     –  Anti-debugging
     –  Runtime tamper protection
     –  Obfuscation
    •  Not a silver bullet!

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    26/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Jailbreak/Root Detection
    •  Attempts to detect if the application is running on a jailbroken or rooted device
    •  If a compromise is detected the app usually does one or more of:
     –  Warn the user
     –  Wipe any sensitive data
     –  Report back to a management server
     –  Exit / Crash

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    27/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Jailbreak/Root Detection
    •  Jailbreak/Root detection implementations usually perform the following activities:
     –  Examine the filesystem
     –  Check open ports
     –  Test sandbox restrictions
     –  Permissions on memory pages
     –  Evidence of modifications (e.g. build keys)
    •  Often trivial to bypass unless other protections are in place

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    28/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Integrity Checksums
    •  Attempt to ensure that application resources or internal code structures haven't been modified or new code inserted
    •  If tampering is detected more often than not a crash is triggered
    •  Typically implemented by embedding a “web” of self validating checksum functions in to an application
    •  Checksum calculations performed on specific functions or across a class, as well as portions of the code segment

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    29/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Integrity Checksums
    •  For native code can be implemented using C
     –  Insert a label before and after the functions you want to checksum to get the function size

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    30/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Integrity Checksums
    •  A checksum can then be calculated based on the start address and the length and compared with a stored checksum
    •  Similar checks should be embedded across the code

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    31/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Integrity Checksums
    •  There are several shortcomings in this method of implementation:
     –  The application first needs to be run to calculate the stored CRC which is then embedded in to the code
     –  The location of the checksums is difficult to randomize across builds
    •  A better but complex approach can be achieved using the LLVM compiler
     –  During compilation the JIT engine can compile the functions that you want to protect
     –  This can be used to calculate the relevant checksums then validation code can be embedded using the LLVM IR

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    32/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Anti-Debugging
    •  With a debugger an attacker is able to trivially manipulate application behavior
    •  For example, in iOS applications it is possible to simulate method calls to objects by invoking calls to objc_msgSend
    •  Anti-debugging protections attempt to detect and prevent a debugger being attached
    •  Unlikely to thwart an advanced adversary

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    33/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Anti-Debugging
    •  On iOS the process status can be queried using sysctl
    •  The PT_DENY_ATTACH flag can also be set

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    34/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Anti-Debugging
    •  Several common implementations for Android applications
    •  DVM has the Debug.isDebuggerConnected class
    •  Can also be read directly from the DVM via JNI rather than using the API
    •  Timing thread execution

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    35/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Frameworks like Cydia Substrate make hooking of the Objective-C or Dalvik runtimes trivial
    •  Allows an adversary or malware to invoke or modify internal methods
     –  Bypass security controls
     –  Leak/Steal sensitive data
    •  Fairly unique situation that a developer cannot trust their own runtime

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    36/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Attempts to determine whether functions have been hooked at runtime
    •  Several tricks for iOS that can help identify runtime tampering, but yet to see anything for Android DVM (this doesn't mean it doesn't exist!)

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    37/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Check #1: Validating the source image location
    •  The locations for dylibs with the SDK methods is a finite set of directories:
     –  /usr/lib
     –  /System/Library/Frameworks
     –  /System/Library/PrivateFrameworks
     –  /System/Library/Accessibility
     –  /System/Library/TextInput
    •  Dladdr takes a function pointer and returns details on the source image

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    38/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Retrieve the image name and compare it to known values

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    39/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Check #2: Scan for malicious libraries
    •  Cydia Substrate and Cycript will inject a dylib in to the process when it launches
    •  It's possible to iterate the list of loaded libraries and search for common jailbreak associated libraries such as “Substrate” and “cycript”

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    40/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Get a list of linked libraries and scan for jailbreak strings

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    41/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Runtime Tamper Protection
    •  Check #3: Check for Cydia Substrate patches
    •  Examining the code (see SubstrateHookFunctionARM) we can see what it does:
    •  Trampoline is inserted, jumps to an absolute address
     –  ldr pc, [pc, #-4]

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    42/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Binary Protections
    Obfuscation
    •  Attempts to complicate reverse engineering by making it difficult or complex to understand
    •  Obfuscation typically achieves this by doing some or all of the following (and more!):
     –  Obscure names of classes, fields and methods
     –  Insert bogus code
     –  Modify the control flow
     –  Substitution of instructions
    •  Android comes with ProGuard for release builds, llvm-obfuscator is an opensource native code equivalent

    7

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    43/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #5
    App Protection Product
    •  Reviewed a binary protection solution for a vendor
    •  Unfortunately work performed under NDA ;(
    •  The solution worked by embedding similar protections to those described, including runtime tampering, checksum protection etc to LLVM IR
    •  The protections worked like an onion and each one needed to be peeled off one at a time, starting with the integrity checksumming

    7

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    44/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #5
    App Protection Product
    •  Patching the binary and triggering a crash lead us to find some examples of the validation routine from the call stack
    •  Reversing some of these functions we found a common denominator, they all called srand()
    •  In theory, it should be possible to identify all of the checksumming functions by cross references to srand()

    8 + 7 ey

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    45/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Case Study #5
    App Protection Product
    •  IDAPython to the rescue!

    8 2 &

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    46/47

     © 2[…] MDSec Consulting Ltd. All rights reserved.
    Conclusions
    Overview
    •  Secure doesn't always mean secure
    •  Binary protections aren't a silver bullet!
    •  Protections need to be layered

    r { 3

  • 8/17/2019 Breaking Secure Mobile Applications - BSides

    47/47

    r { 3

    That's all folks!
    QUESTIONS?
    •  Online:
     –  http://www.mdsec.co.uk
     –  http://blog.mdsec.co.uk
     –  https://github.com/mdsecresearch
    •  E-mail:
     –  dominic [at] mdsec [dot] co [dot] uk
    •  Twitter:
    @domchell
    @MDSecLabs