O'Reilly logo

Hacking and Securing iOS Applications by Jonathan Zdziarski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Malicious Code Injection

Injecting malicious code at the debugger level can provide similar functionality to that of Cycript, allowing custom code to replace existing methods. Using Cycript, the process is much easier for simple attacks, as a simple function can be quickly crafted in JavaScript, foregoing the process of compiling, signing, and copying code to the device. For more complex attacks, however, preloading a binary written in assembly language, C, or C++ can provide for a much more complex attack payload.

Once a method is replaced with a malicious payload, the malicious code can then perform its own tasks and then return its own custom values. It can even call the original method’s code and make changes to the data prior to returning.

In this example, you’ll build a dynamic library (.dylib) that will serve as a malicious payload, and inject it into the Hello World program using a debugger. When the code runs, your malicious function will replace the say method that would normally print the specified output to the screen, and will instead print malicious text out. Don’t worry; your malicious payload will be G-rated.

The CodeTheft Payload

Unlike other payloads in this book, which have been delivered in the form of an executable binary, the CodeTheft payload is built as a shared object. This is later dynamically loaded into the target application, and used to replace a targeted method.

As you’ve learned, an Objective-C method accepts two arguments: a receiver and a selector. Your ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required