Tech

Fresh off the press: iPhoneDbg toolkit hotness

Written by Nathan McFeters, Contributor June 17, 2008 at 5:01 p.m. PT

The guys at Core Security just released an iPhoneDbg toolkit that should make exploit development for the iPhone much easier. This is outstanding news for all, as I think there has been a lot of concern over the quick rise of mobile devices and the new security concerns that they create. The capabilities of this debugger will allow researchers to work with discovered issues to determine if they are exploitable or not. Combine this with the mobile python capabilities out there, and you should be able to whip up a nice fuzzer/debugger combo for testing out the iPhone. See more below. From the Core Security site: What is the iPhoneDbg Toolkit?

This set of tools will enable you to delve into iPhone Binary Reversing.

The iPhone Debugger allows you to debug running or newly-created native processes inside iPhone.
The Library Loader Patcher will allow to debug iPhone libraries.
You can also build a tunnel from your PC to your iPhone through USB.

Requirements

iPhone firmware v1.1.4, should work on earlier firmware versions (drop a line if positive).
Some iPhone Console application (local Term-vt100, remote OpenSSH via WiFi or remote OpenSSH via USB).
(for the tunnel only) iTunes on a Windows XP installed and service Apple Mobile Device ( AppleMobileDeviceService.exe) running. DLL iTunesMobileDevice.dll must be on the same folder that iphone_tunnel.exe.