iOS protection mechanisms
-
Upload
max-bazaliy -
Category
Technology
-
view
4.139 -
download
0
description
Transcript of iOS protection mechanisms
iOS protection mechanisms
Max Bazaliy
Max Bazaliy
Position: iOS developer at Magento
Experience: Solutions to prevent reverse engineering and code analysis iOS development
Statistics
• 200 million iOS devices
• 225 million iTunes Store accounts
• 425,000 apps in the app store
• Apple has paid $2.5 billion to developers
IT-Jam 2011
FairPlay DRM Account
Buying processUser key Master key
AES
How to crack FairPlay DRM ?
• Preparatory process
• Information gathering
• “Victim” launch
• Memory dump
• Replace encrypted data
• Resign app
FairPlay DRM auto unpackers
Sad news
• One-click cracking tools
• 10% of all devices are jailbroken
• 80% of jailbroken devices use pirated applications
• Industry losses over $450 million a year
Any solution ?
• Anti-debug• ptrace trick• trace detection trick
• String protection• Obfuscate important strings• Generate encoding table for every application
• Resource protection• Encrypt important resources
Anti-cracking techniques
How to detect cracked app ?
• App encryption check• Check cryptid in LC_ENCRYPTION_INFO
• File size and date check• Check main binary, info.plist and PkgInfo date • Info.plist size check
• Jailbreak detection• System directory access check
Mobile platform protection
• Trigger system• Use in app mechanics• Triggers are hard to detect• Limit functionality
• Code protection• Obfuscation• Virtual machines
Resume
FairPlay DRM
Bypassing FairPlay DRM
Anti-cracking techniques
Trigger system & Code protection
Questions ?