#6 in Macintosh operating system books
Reddit mentions of iOS Hacker's Handbook
Sentiment score: 3
Reddit mentions: 10
We found 10 Reddit mentions of iOS Hacker's Handbook. Here are the top ones.
Specs:
Height | 9.25 Inches |
Length | 7.375 Inches |
Number of items | 1 |
Release date | April 2012 |
Weight | 1.68874092692 Pounds |
Width | 0.92 Inches |
I would definitely take a look at The iOS Hacker's Handbook. It's an excellent resource for understanding the fundamentals of jailbreaking.
I personally have no experience, but I've heard good things about iOS Hacker's Handbook. It's most likely not current but it might be a good start.
Read iOS Hacker's Handbook (http://www.amazon.com/dp/1118204123), and this (http://www.idownloadblog.com/2011/09/13/i0n1c-exploit-report/).
Some of the well known jail breakers are writing a book on that right now, but it isn't finished.
http://www.amazon.com/iOS-Hackers-Handbook-Charlie-Miller/dp/1118204123
So these are complicated topics. I know more about the iOS side of things, but I'll try to point you towards some Android resources too.
For iOS, a good place to start would be to pick up an iPhone 4. It had fewer exploit mitigations and jailbreaking it was a lot easier. I highly recommend The iOS Hacker's Handbook. It's old, but the same basic concepts apply, especially for older versions of iOS. If you brick a newer iPhone and have to reinstall, you'll lose your jailbreak. With an iPhone 4, all installable versions of iOS are jailbreakable, so if you brick it you can always get back in. If you look at the iPhone Wiki you can see some writeups of some jailbreaks. Evasi0n 6 or 7 might be a good place to start. Get an iPhone 4 running iOS 6 or 7 and try to reimplement the kernel vulnerabilities used by them.
iOS and macOS share a lot of common code, and macOS is a much easier target since you can run it in a VM and it isn't as locked down. So that might be a good place to start to learn how to attack Apple's OSes. Here are some good walkthroughs of some macOS exploits:
@qwertyorioup on Twitter posts some interesting discussions and he has some good writeups on his blog. He also did a good presentation on attacking the xnu kernel.
Jonathan Levin also has some good books on iOS and macOS internals, which you can find more about at his website. He also has writeups on the TaiG jailbreaks.
For Android, The Android Hacker's Handbook is pretty solid. Jonathan Levin also has an Android internals book here.
I would recommend maybe picking up a Nexus 5. They're pretty cheap and easily rootable so you can hack around on them. Here are some writeups of Android/Linux kernel exploits that might be helpful:
I also found this Android Kernel Exploitation Playground, but I have no idea if it's any good or not.
Regardless, for all of this you need to know C and assembly. For iOS and Android, you need to know ARM, and for macOS you need to know Intel x86_64.
Anyway, hope this helps!
>What exactly do you mean by watching it to see CPU? I'm quite familiar with Top -u, but is there a way to view just that process's CPU? I kind of want to watch it through my computer while browsing and see what happens.
You need to get its PID first. My favorite way to do that is with System Status from the App Store, which lists running processes with PIDs (although you can't kill them or anything).
Then use:
top -pid PID
To see just that process's stats.
>Does that Jetslammed tweak have anything related to this or help this?
Jetslammed can change a launchdaemon's HighWaterMark RAM limit, the limit of sustained RAM usage at which Jetsam automatically kills the daemon.
http://newosxbook.com/articles/MemoryPressure.html
The HWM can also be changed manually, but, in the end, it doesn't really help that much unless a daemon is only dying due to exceeding its HWM.
It can still be killed for other reasons if the system is low on memory.
It doesn't actually keep discoveryd from EVER being killed, so it doesn't really solve the issue of very large hosts (>300 KB) files causing random website disconnects due to discoveryd dying, leading to DNS failure.
It really just fixes it so that you can have Wifried and a small ad blocking hosts file at the same time since Wifried + even a small hosts file (like Light UHB) will cause discoveryd to use about 9-10 MB, exceeding the 8 MB HWM limit for a long period of time, causing discoveryd to be automatically killed, causing Wifried to re-initialize Wifi, causing random Wifi disconnects, which is even more problematic than even a DNS failure.
Wifried with Jetslammed raises the HWM for discoveryd to 12 MB from 8 MB, preventing the HWM killing of discoveryd with Wifried + small ad blocking hosts file. A large hosts file will exceed even this new limit, but, in that case, where discoveryd uses 20 MB or more, it will be killed by the system anyway for other reasons not related to the HWM.
>So do I have the correct Light UHB? Is that the one you use? I guess I might try reinstalling and maybe see. Haven't had an issue since its crash and (haven't checked today) haven't seen it anywhere near the top when running "top".
I use Light Untrusted Hosts. I've watched discoveryd's PID for about a month now. It's not being jetsam killed anymore even if I load a LOT of tabs and really stress it out. It never goes over 8 MB (the HWM) for any sustained period of time (even 8 MB requires A LOT of DNS activity), and never reaches enough RAM usage that the system would think to kill it to free memory (10-20 MB). Gamed (the GameCenter daemon) uses more memory than discoveryd with Light UHB . . .
>-unrelated- I love learning about all this stuff and your fountain of knowledge so far. Mind if I asked where you learned so much? I've been learning a lot about daemons lately, especially locationd and backboardd. I'm just curious as to where I can learn more about this stuff, learn how to read crash logs as so far it's just from the little experience I have, etc. I just can't find any good resources..
I've used OS X since it was in beta, and iOS is secretly just OS X in disguise with a TouchUI, a few processes missing, and a few processes added.
This book has been helpful to me in understanding jailbreaking, although it is a bit dated:
http://www.amazon.com/iOS-Hackers-Handbook-Charlie-Miller/dp/1118204123
Also a bit dated, but you may like it if you have a Mac:
http://www.amazon.com/Learning-Unix-OS-Going-Terminal/dp/1449332315/ref=sr_1_1?s=books&ie=UTF8&qid=1418694791&sr=1-1&keywords=OS+X+unix
This wiki is also good. Many devs post on it:
https://theiphonewiki.com/wiki/Main_Page
Of course it's a security flaw. Jailbreaks are 100% reliant on exploiting these flaws. But concluding from that that Apple knows about these specific flaws and intentionally hasn't addressed them is ludicrous.
Any non-trivial codebase is going to have a slew of bugs, and it's impossible for Apple to discover and squash them all. That doesn't mean they don't make an effort, because they've gone to great lengths to make discovering these bugs and linking them together in a meaningful way much more difficult than it was in the past. For an idea of just how complicated it is, a few of the people involved in getting jailbreaks to the public wrote a 400 page book on the topic.
This might be a good starting point, but I have no idea how outdated the information is. There's another book that was released last year but I can't remember the name of it.
Edit: Found it
/u/modalbony
Just learning a couple of languages won't do if your only concern is learning how to exploit. Learning how operating systems work is equally important if not more, though learning a programming language is an obvious first step.
Now, I don't know if these are absolutely necessary but they are helpful anyway.
Also check out http://winocm.moe/research/2013/09/20/resources-for-getting-started/, I might have repeated what she said.
https://www.theiphonewiki.com/wiki/Up_to_Speed is also useful. However, The iPhone Wiki, again, is outdated.
Maybe this book would be of some help? I just ordered this for myself and from what I've heard about it, it's a very good book to learn about how iOS works & how to defeat it.
[iOS Hacker's Handbook](https://www.amazon.com/dp/1118204123/ref=cm_sw_r_cp_api_C0VCybEAQFC95)