iOS Security – Several Methods for iOS App Hardening (Reinforcement)

When it comes to security, the protection iOS offers is much better than that of the Android platform.

As long as your phone is not jailbroken, it is basically fairly secure. If it is jailbroken, of course, there may be corresponding security issues. For example, I have introduced some iOS reverse analysis, dynamic analysis, and cracking methods in previous blog posts.

Even so, the demand for iOS protection is not small, while there are not many hardening products for the iOS platform. There are a few products that do iOS hardening.

The first is iOS encryption from http://www.ijiami.cn/ios. Personal impression: since I have not looked at the specific tool or its hardening, I don't know how it works.

Later, I saw http://www.safngne.com/mobile/, which is also about iOS encryption, but it feels like too much, and it also leaves product teams not very reassured, since it replaces Xcode's default compilation.

I also happened to come across a white-box encryption application, http://kiwisec.com/, and tried it out. I feel it is better than the two above in use, and it also takes more things into consideration.

OK, having looked at some of these tools, here is roughly what hardening methods exist and roughly how they are implemented. I am also just getting started in this area and may not have gone very deep, so just hear me out.

Current hardening tools generally work on the following aspects:

First, string encryption:

Status: Plaintext strings in a program are a great help to static analysis. For example, a distinctive prompt string shown in the interface can be used to locate the corresponding code block, as can the network interfaces the program uses, and so on.

Hardening: For each place a string is used, first collect the string, paying attention to which strings can be encrypted and which cannot. Then encrypt the string and save the encrypted data, and insert a decryption routine at the point where the string is used. This protects plaintext strings well.
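As an added example (not code from the original post or from any of the products mentioned), here are the two halves of this scheme in C: the encoding a build-time tool would apply to each chosen literal, and the decode stub inserted at the use site. The rolling-XOR keystream, the `obf_*` names and the sample URL are assumptions made for illustration; the XOR stands in for whatever cipher a real tool uses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Keystream byte for position i (illustrative rolling XOR, not a real cipher). */
static uint8_t ks(uint8_t key, size_t i) {
    return (uint8_t)(key + 0x5Au + (uint8_t)(i * 31u));
}

/* Build step: the tool encodes each selected literal and stores only `out`. */
void obf_encode(const char *plain, size_t len, uint8_t key, uint8_t *out) {
    for (size_t i = 0; i < len; i++)
        out[i] = (uint8_t)plain[i] ^ ks(key, i);
}

/* Runtime stub inserted where the string is used. Returns 0, or -1 if
   the caller's buffer cannot hold the decoded string plus its NUL. */
int obf_decode(const uint8_t *enc, size_t len, uint8_t key, char *out, size_t cap) {
    if (cap < len + 1) return -1;
    for (size_t i = 0; i < len; i++)
        out[i] = (char)(enc[i] ^ ks(key, i));
    out[len] = '\0';
    return 0;
}

/* Clear the decoded copy after use; volatile keeps the stores from being elided. */
void obf_wipe(char *buf, size_t n) {
    volatile char *p = buf;
    while (n--) *p++ = 0;
}

/* Number of positions where the stored bytes still equal the plaintext. */
size_t obf_leaks(const uint8_t *enc, const char *plain, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (enc[i] == (uint8_t)plain[i]);
    return n;
}

int main(void) {
    /* Constructed sample; in a real build only the encoded bytes ship. */
    const char *url = "https://api.example.invalid/v1/login";
    size_t len = strlen(url);
    uint8_t enc[64];
    char dec[64];
    obf_encode(url, len, 0x3C, enc);
    if (obf_decode(enc, len, 0x3C, dec, sizeof dec) != 0) return 1;
    printf("leaks=%zu roundtrip=%s\n", obf_leaks(enc, url, len), strcmp(dec, url) ? "FAIL" : "ok");
    obf_wipe(dec, sizeof dec);
    return 0;
}
```

Because the key and the decode stub ship inside the same binary, this only raises the cost of static analysis; the plaintext is still recoverable at run time.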

Second, class name and method name obfuscation

Status: At present, iOS applications on the market basically do not use class name and method name obfuscation, so as long as we use class-dump to dump the application's definitions, we can judge from the method names where much of the program's logic is handled, and from there carry out hooking and other operations.

Hardening: For the class names and method names in the program, generate random strings to replace the defined class names and method names. Not every class name and method name can be replaced, however; system-related functions and classes have to be filtered out. You can refer to this open source project: https://github.com/polidea/ios-class-guard

Third, program code obfuscation

Status: At present, one can find an iOS app's executable, drag it into Hopper Disassembler or IDA, and read its logic.

Hardening: Xcode builds with the Clang compiler, so obfuscation can be implemented at the intermediate layer, that is, on the IR, for example by adding useless logic blocks, code blocks, and jumps that do not affect the program's original logic. You can refer to this open source project: https://github.com/obfuscator-llvm/obfuscator/. Of course, the open source project has some problems, so you will need to do some optimization.

Fourth, adding a security SDK

Status: At present, most iOS applications do not have even a simple reverse-engineering detection function, let alone injection detection and other checks.

Hardening: Add an SDK that includes debugging detection at multiple points, injection detection, jailbreak detection, encryption of key code, tamper-proofing, and so on, and that provides an interface for developers to handle the detection results.

Of course, beyond these there are many other ways to do hardening. I believe everyone will gradually become more aware of iOS application security and protect their apps.