Michael Price(McAfee Labs)

iOS Code Injection and Function Hooking

This presentation covers techniques that can be used for injecting dynamic libraries into binaries on disk, or also into running processes (local or remote), as well for hooking standard functions, shared library calls (symbol stubs or lazy pointer table entries) and Objective-C method calls. In the presentation, these techniques are combined to hook SSL functions used by the Game Center support included with iOS for the purpose of obtaining access to otherwise encrypted network traffic. A description of how Game Center center client support handles communication to the backend will be covered. Also, some coverage of ARM assembly is given, including hooking techniques for functions compiled to ARM and THUMB.

Sobre Michael Price

Mike currently heads up the McAfee Labs team in Santiago, Chile. In this role, Mike is responsible for ensuring smooth operation of the office, working with external entities in Chile and Latin America and generally promoting technical excellence and innovation across the team, and region. Mike was a member of the Foundstone Research team for nine years. Most recently, he was responsible for content development for the McAfee Foundstone Enterprise vulnerability management product. In this role, Mike worked with and managed a global team of security researchers responsible for implementing software checks designed to detect the presence of vulnerabilities on remote computer systems. He has extensive experience in the information security field, having worked in the area of vulnerability analysis and security software development for nearly eleven years.

« volver a Speakers

NOVEDADES


diseño: GrafikaWeb