iOS protection mechanisms
Max Bazaliy
Position: iOS developer at Magento
Experience: Solutions to prevent reverse engineering and code analysis; iOS development
Statistics
• 200 million iOS devices
• 225 million iTunes Store accounts
• 425,000 apps in the app store
• Apple has paid $2.5 billion to developers
IT-Jam 2011
FairPlay DRM
[Diagram labels: Account, Buying process, User key, Master key, AES]
How to crack FairPlay DRM?
• Preparatory process
• Information gathering
• “Victim” launch
• Memory dump
• Replace encrypted data
• Re-sign app
FairPlay DRM auto unpackers
Sad news
• One-click cracking tools
• 10% of all devices are jailbroken
• 80% of jailbroken devices use pirated applications
• Industry losses over $450 million a year
Any solution?
Anti-cracking techniques
• Anti-debug
  • ptrace trick
  • trace detection trick
• String protection
  • Obfuscate important strings
  • Generate encoding table for every application
• Resource protection
  • Encrypt important resources
How to detect a cracked app?
• App encryption check
  • Check cryptid in LC_ENCRYPTION_INFO
• File size and date check
  • Check main binary, Info.plist and PkgInfo date
  • Info.plist size check
• Jailbreak detection
  • System directory access check
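The cryptid check named on this slide, as an added example (not code from the talk): a bounds-checked walk of a thin little-endian Mach-O's load commands that reports the cryptid field of LC_ENCRYPTION_INFO. The function names and the 72-byte sample image are constructed for illustration, and handling LC_ENCRYPTION_INFO_64 goes beyond what the slide lists.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MH_MAGIC              0xfeedfaceu  /* 32-bit Mach-O */
#define MH_MAGIC_64           0xfeedfacfu  /* 64-bit Mach-O */
#define LC_UUID               0x1bu
#define LC_ENCRYPTION_INFO    0x21u
#define LC_ENCRYPTION_INFO_64 0x2cu

static uint32_t rd32(const uint8_t *p) {   /* little-endian read, host independent */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* 1 = cryptid != 0 (encrypted), 0 = cryptid == 0, -1 = no encryption command, -2 = malformed */
int macho_encryption_state(const uint8_t *img, size_t len) {
    if (len < 28) return -2;
    uint32_t magic = rd32(img), ncmds = rd32(img + 16);
    size_t off = magic == MH_MAGIC ? 28 : magic == MH_MAGIC_64 ? 32 : 0;  /* header size */
    if (off == 0 || len < off) return -2;
    for (uint32_t i = 0; i < ncmds; i++) {
        if (len - off < 8) return -2;                  /* truncated load command */
        uint32_t cmd = rd32(img + off), size = rd32(img + off + 4);
        if (size < 8 || size > len - off) return -2;   /* cmdsize must stay in bounds */
        if (cmd == LC_ENCRYPTION_INFO || cmd == LC_ENCRYPTION_INFO_64)
            return size < 20 ? -2 : rd32(img + off + 16) != 0;  /* cryptid at offset 16 */
        off += size;
    }
    return -1;
}

/* Constructed sample: 32-bit header, an LC_UUID command, then LC_ENCRYPTION_INFO. */
size_t build_sample(uint8_t buf[72], uint32_t cryptid) {
    for (int i = 0; i < 72; i++) buf[i] = 0;
    wr32(buf, MH_MAGIC); wr32(buf + 16, 2); wr32(buf + 20, 44);    /* ncmds, sizeofcmds */
    wr32(buf + 28, LC_UUID); wr32(buf + 32, 24);
    wr32(buf + 52, LC_ENCRYPTION_INFO); wr32(buf + 56, 20);
    wr32(buf + 60, 0x1000); wr32(buf + 64, 0x2000); wr32(buf + 68, cryptid);
    return 72;
}

int main(void) {
    uint8_t img[72];
    printf("cryptid=1 -> %d\n", macho_encryption_state(img, build_sample(img, 1)));
    printf("cryptid=0 -> %d\n", macho_encryption_state(img, build_sample(img, 0)));
    return 0;
}
```

A store-distributed binary whose cryptid reads 0 has had its encrypted section replaced with decrypted data; development builds are not encrypted either, so the check only makes sense in release builds.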
Mobile platform protection
• Trigger system
  • Use in app mechanics
  • Triggers are hard to detect
  • Limit functionality
• Code protection
  • Obfuscation
  • Virtual machines
Summary
• FairPlay DRM
• Bypassing FairPlay DRM
• Anti-cracking techniques
• Trigger system & Code protection