iOS Security – Several methods of iOS hardening: code obfuscation, class name and method name obfuscation, etc.

Reprinted from: http://www.blogfshare.com/ios-protect.html

 

 

When it comes to iOS security, there is indeed much less that can be done in the way of protection than on the Android platform.

As long as your phone is not jailbroken, it is, for the most part, relatively safe. Of course, if your phone is jailbroken, some security problems may arise accordingly, for example the iOS reverse analysis, dynamic analysis and cracking methods that I introduced in previous blog posts.

Even so, there is no lack of demand for iOS protection, yet there are not many hardening products for the iOS platform. At present, a few iOS hardening products do a reasonably good job.

At first there was the iOS encryption pioneered by ijiami, http://www.ijiami.cn/ios. I personally felt that this was just a gimmick, because I didn't see any specific tools or hardened applications, so I don't know how it works.

Later, on the Kanxue forum, I saw an iOS encryption tool at http://www.safengine.com/mobile/, but I felt it was too troublesome to use, and product teams would not be very comfortable with it, because it requires replacing Xcode's default compiler.

Not long ago, I saw a white-box encryption product, http://kiwisec.com/, and tried it out. I feel that it is much better to use than the two above, and it takes more things into account.

Well, having looked at some tools made by others, here are some hardening methods and roughly how they are implemented. I am new to this area, and the analysis may not go very deep, so take it for what it is worth.

Current hardening tools generally work on the following aspects:

1. String encryption

Status: Plaintext strings in a program are a great help to static analysis. For example, a distinctive prompt string shown in the interface can be used to locate the relevant code block, or strings can reveal the network interfaces the program uses, and so on.

Hardening: First collect the strings used in the program, taking care to distinguish which ones can be encrypted and which cannot. Then encrypt those strings and store the encrypted data in the program in place of the plaintext. Decryption code is inserted wherever a string is used, so the plaintext strings are well protected.
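The steps described above for string encryption, as an added C example that is not code from the original post or from any of the products mentioned. The helper names, the toy XOR keystream, the key 0x5A and the sample string "/api/login" are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy position-dependent XOR keystream. NOT real cryptography: it stands in
 * for whatever cipher a hardening tool would actually apply. */
static uint8_t ks(uint8_t key, size_t i) { return (uint8_t)(key + 31u * i); }

/* Build-time step: run by the tool over each literal selected for protection. */
void str_protect(const char *plain, size_t n, uint8_t key, uint8_t *out) {
    for (size_t i = 0; i < n; i++)
        out[i] = (uint8_t)((uint8_t)plain[i] ^ ks(key, i));
}

/* Run-time step: the decryption inserted where the string is used. */
const char *str_reveal(const uint8_t *enc, size_t n, uint8_t key,
                       char *buf, size_t cap) {
    if (cap < n + 1) return NULL;          /* never truncate or overflow */
    for (size_t i = 0; i < n; i++) buf[i] = (char)(enc[i] ^ ks(key, i));
    buf[n] = '\0';
    return buf;
}

/* Clear the plaintext after use so it does not linger in memory. */
void str_wipe(char *buf, size_t cap) {
    volatile char *p = buf;
    while (cap--) *p++ = 0;
}

/* What ships in the binary instead of the constructed literal "/api/login":
 * the output of str_protect() with key 0x5A. */
#define ENDPOINT_KEY 0x5A
const uint8_t ENDPOINT_ENC[10] = {0x75, 0x18, 0xE8, 0xDE, 0xF9,
                                  0x99, 0x7B, 0x54, 0x3B, 0x1F};

int main(void) {
    char buf[32];
    const char *s = str_reveal(ENDPOINT_ENC, sizeof ENDPOINT_ENC,
                               ENDPOINT_KEY, buf, sizeof buf);
    if (!s) return 1;
    printf("endpoint: %s\n", s);           /* use the plaintext ...  */
    str_wipe(buf, sizeof buf);             /* ... then wipe it       */
    return 0;
}
```

Because the key and the decoder ship inside the same binary, this only raises the cost of static string searches; the plaintext is still visible in memory at the moment of use.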

2. Class name and method name obfuscation

Status: At present, iOS applications on the market basically do not obfuscate class names and method names. Once class-dump is used to dump the application's class and method definitions, the method names alone are enough to judge where many of the program's processing functions are, which then allows operations such as hooking.

Hardening: For the class names and method names in the program, generate random strings to replace the defined names. Not all class names and method names can be replaced, however: system-related functions and classes must be filtered out. You can refer to the open source project: https://github.com/Polidea/ios-class-guard

3. Program code obfuscation

Status: Currently, if you find an iOS application's executable file and drag it into Hopper Disassembler or IDA, the logic of the program is basically clear at a glance.

Hardening: Building on clang, the compiler used by Xcode, obfuscation can be implemented at the intermediate layer, that is, the IR: for example, adding useless logic blocks and code blocks, and adding various jumps, all without affecting the program's original logic. You can refer to the open source project: https://github.com/obfuscator-llvm/obfuscator/ Of course, there are some problems in the open source project, and you need to do some optimization work yourself.

4. Adding a security SDK

Status: At present, most iOS applications lack even simple anti-debugging, let alone injection detection and other checks.

Hardening: Add an SDK that includes multiple kinds of debugging detection, injection detection, jailbreak detection, encryption of key code, anti-tampering and other functions, and that provides an interface for developers to handle the detection results.

 

Of course, beyond these there are many other aspects that can be hardened and protected. I believe that everyone will gradually become more aware of iOS application security and protect their apps.

 
