Articles tagged 'security'

Set up a macOS Parallels Virtual Machine for security research Nov 16 2020

macOS comes with a good set of predefined security features designed to keep us safe, e.g. System Integrity Protection. These security features are great for everyday use, but they get in the way when we are trying to analyse what processes are doing...

How to read passwords and sensitive data from the command-line using Swift Jul 17 2020

Shoulder surfing is a real threat. And we, as software developers, should strive to provide safety to our users. One way to mitigate the inadvertent exposure of sensitive data is related to how we handle the input of sensitive data in our applications...

Extracting entitlements from process memory using LLDB Mar 30 2020

One of the first steps we take when analysing a macOS (or *OS) app is to go through the entitlements to extract useful information. Usually, we search for the entitlements embedded in the application binary using codesign(1) in our Static Analysis...

Scanning a process' memory using LLDB Mar 23 2020

When performing dynamic analysis, a useful source of information is examining the process' memory for specific patterns. For example, imagine we would like to obtain information about the current process' code signature. To get this information, we...

Resigning iOS apps from an IPA for mobile security research Feb 7 2020

When we are asked to perform a black-box security analysis on an iOS app, depending on the scope, we might only have access to the iOS app from the AppStore. But most of the time, the client would give us an IPA. In a black-box analysis, we won't get...

Running Raspbian OS on QEMU to learn ARM assembly Jan 19 2020

If you want to get into mobile security or reverse engineering, you'll get to a point when you would like to have access to an ARM processor. There are many devices you could use, but one very cheap (in price, not in quality) is the Raspberry Pi. You...

Understanding buffer overflows using Radare2 Jan 6 2020

Many people have heard about the perils of buffer overflows, but it's one thing to hear about them and another to try to make one yourself and play with it. In this post, we'll explore the basics of buffer overflow and create an example to...

Using Radare2 to patch a binary Dec 28 2019

When reversing a binary, sometimes it's useful to modify how the binary behaves. We can accomplish this by changing the binary itself. If we had the source code, it'd be easy, but for us, it'll require looking at the decompiled code and deciding which...

Using LLDB for reverse engineering Dec 20 2019

I've been exploring reverse engineering, and it's a fascinating topic. There are many ways to analyse a binary. Usually, the analysis is divided into two types, static and dynamic. Static analysis is when you decompile the binary and read the assembly...

Let's write some assembly code in macOS for Intel x86_64 Dec 12 2019

This is going to be a small article on the basics of working with Assembly Language. We won't go deep into building extensive programs in assembly. The main idea of this post is to clarify the workflow for creating an assembly program and some key...

Tracking where settings are stored on macOS Jun 28 2019

In this post, I'll explain how to figure out where macOS stores specific preferences and how to modify them using the command line tool defaults. Knowing where the preferences are stored and how to manage them programmatically allows us to create scripts...