Difference between revisions of "Up to Speed"

From The iPhone Wiki
(less wordy)
(fixed link here too)
Line 29: Line 29:
 
* Members of the team that built [[Corona]] for iOS 5.0.1 gave presentations about it, and there are PDFs of their slides available here: [http://conference.hitb.org/hitbsecconf2012ams/materials/D2T2%20-%20Jailbreak%20Dream%20Team%20-%20Corona%20Jailbreak%20for%20iOS%205.0.1.pdf Corona for A4] and [http://conference.hitb.org/hitbsecconf2012ams/materials/D2T2%20-%20Jailbreak%20Dream%20Team%20-%20Absinthe%20Jailbreak%20for%20iOS%205.0.1.pdf Corona/Absinthe for A5].
 
* Members of the team that built [[Corona]] for iOS 5.0.1 gave presentations about it, and there are PDFs of their slides available here: [http://conference.hitb.org/hitbsecconf2012ams/materials/D2T2%20-%20Jailbreak%20Dream%20Team%20-%20Corona%20Jailbreak%20for%20iOS%205.0.1.pdf Corona for A4] and [http://conference.hitb.org/hitbsecconf2012ams/materials/D2T2%20-%20Jailbreak%20Dream%20Team%20-%20Absinthe%20Jailbreak%20for%20iOS%205.0.1.pdf Corona/Absinthe for A5].
   
* Here's some analysis of [[evasi0n]] [http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks-userland-component from Accuvant Labs] and [http://blog.azimuthsecurity.com/2013/02/from-usr-to-svc-dissecting-evasi0n.html from Azimuth Security], along with [http://www.forbes.com/sites/andygreenberg/2013/02/05/inside-evasi0n-the-most-elaborate-jailbreak-to-ever-hack-your-iphone/ a high-level explanation from planetbeing]. The evad3rs team gave [https://conference.hitb.org/hitbsecconf2013ams/materials/D2T1%20-%20Pod2g,%20Planetbeing,%20Musclenerd%20and%20Pimskeks%20aka%20Evad3rs%20-%20Swiping%20Through%20Modern%20Security%20Features.pdf a presentation about evasi0n with slides available].
+
* Here's some analysis of [[evasi0n]] [http://blog.accuvant.com/bthomasaccuvant/evasi0n-jailbreaks-userland-component/ from Accuvant Labs] and [http://blog.azimuthsecurity.com/2013/02/from-usr-to-svc-dissecting-evasi0n.html from Azimuth Security], along with [http://www.forbes.com/sites/andygreenberg/2013/02/05/inside-evasi0n-the-most-elaborate-jailbreak-to-ever-hack-your-iphone/ a high-level explanation from planetbeing]. The evad3rs team gave [https://conference.hitb.org/hitbsecconf2013ams/materials/D2T1%20-%20Pod2g,%20Planetbeing,%20Musclenerd%20and%20Pimskeks%20aka%20Evad3rs%20-%20Swiping%20Through%20Modern%20Security%20Features.pdf a presentation about evasi0n with slides available].
   
 
* Read [[fuzzing]] for some explanation of how that technique has been used on iOS, and read [[how to reverse]] for some inspiration.
 
* Read [[fuzzing]] for some explanation of how that technique has been used on iOS, and read [[how to reverse]] for some inspiration.
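Review bot: the Accuvant Labs link in the [[evasi0n]] bullet has now had to be repointed (blog.accuvantlabs.com to blog.accuvant.com), so a bare external URL is fragile here. Consider adding the post's title and an archived copy next to it so the reference survives the next move. The Azimuth Security, Forbes and HITB links in the same bullet are bare URLs as well and would benefit from the same treatment. The edit summary "fixed link here too" also does not say what was wrong with the old link, so a short note on that would help later editors.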

Revision as of 05:15, 29 December 2013

So, all of this sounds intimidating. Jailbreak, sign, secpack, unlock, baseband, iBoot, seczone, JailbreakMe, pwnage - there are lots of terms to learn, but most of them are defined here on the wiki. The basics:

  • Activation - to bypass the required iTunes signup.
  • Jailbreak - to allow full write and execute privileges on the iPhone, iPod touch, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPad and iPad 2.
  • Unlock - to allow the use of any mobile phone carrier's SIM.

Think of the iPhone as a little computer, even though Apple doesn't want you to. It has a processor, RAM, a "hard drive", an operating system, and a cellular modem on the serial port.

Ways to learn about how jailbreaks work

  • Read iOS Hacker's Handbook, published in May 2012: "The award-winning author team, experts in Mac and iOS security, examines the vulnerabilities and the internals of iOS to show how attacks can be mitigated. The book explains how the operating system works, its overall security architecture, and the security risks associated with it, as well as exploits, rootkits, and other payloads developed for it."
  • Read fuzzing for some explanation of how that technique has been used on iOS, and read how to reverse for some inspiration.
  • If you want to really get started, learn assembler for ARM processors. Open Security Training has "Introduction to ARM" materials, for example.

Now