GIAC-Certified SME Support with OnDemand, PLUS Get an iPad (32G) or Galaxy Tab A!

London March 2017

London, United Kingdom | Mon, Mar 13 - Sat, Mar 18, 2017
This event is over,
but there are more training opportunities.
 

Bypassing iOS application anti-debugging technique and jailbreak detection

  • Alexandre Becholey
  • Wednesday, March 15th, 6:00pm - 7:00pm

Mobile application penetration testing has become increasingly difficult. From a simple request as: "What is it possible to do with my app", it has evolved into the tests of specific aspects and features of the application. To be able to manipulate and play with these parts and the involved functions, a jailbroken iOS device is required. However, applications that have a focus on security usually won't run on a compromised device and will surely detect the jailbreak. A penetration tester needs now to be able to find and bypass the usually obfuscated parts of the application that execute the jailbreak detection mechanisms. There is no bullet-proof solution as it is a game of cat and mouse where the developers change the obfuscation techniques once the previous ones have been discovered. This talk will present recent jailbreak detection methods, propose techniques to find them in the binary and discuss possible ways to bypass them from a simple hook of a function to create script to patch the binary at runtime.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Monday, March 13
Session Speaker Time Type
Keynote: Lets reverse exploits - IoT, RansomWare & More James Lyne Monday, March 13th, 7:00pm - 9:00pm Keynote
Tuesday, March 14
Session Speaker Time Type
Introducing DeepBlueCLI, a PowerShell module for hunt teaming via Windows event logs Eric Conrad Tuesday, March 14th, 7:00pm - 8:00pm SANS@Night
Wednesday, March 15
Session Speaker Time Type
Bypassing iOS application anti-debugging technique and jailbreak detection Alexandre Becholey Wednesday, March 15th, 6:00pm - 7:00pm SANS@Night
The 14 Absolute Truths of Security Keith Palmgren Wednesday, March 15th, 7:00pm - 8:00pm SANS@Night
This event is over,
but there are more training opportunities.
 
Share

#SANSLondon

Latest Whitepapers

Tactical Linguistics: Language Analysis in Cyber Threat Intelligence
By Jason Spataro

CTI, CTI, CTI: Applying better terminology to threat intelligence objects
By Adam Greer

Automating Google Workspace Incident Response
By Megan Roddie

Last 25 Papers »

Latest Tweets @SANSInstitute

Discover the most effective steps to prevent #cyberattacks a [...]
January 16, 2021 - 9:30 PM

Join @_JoeSullivan, @TheKevinGarvey, @lspitzner, & @russ [...]
January 16, 2021 - 4:40 PM

Hands-on #SANSTechTuesday Workshop, Top Threats to Healthcar [...]
January 16, 2021 - 3:05 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee