The guys at Core Security just released an iPhoneDbg toolkit that should make exploit development for the iPhone much easier. This is outstanding news for all, as I think there has been a lot of concern over the quick rise of mobile devices and the new security concerns that they create. The capabilities of this debugger will allow researchers to work with discovered issues to determine whether they are exploitable or not. Combine this with the mobile Python capabilities out there, and you should be able to whip up a nice fuzzer/debugger combo for testing out the iPhone. See more below.

From the Core Security site:

What is the iPhoneDbg Toolkit?
This set of tools will enable you to delve into iPhone Binary Reversing.
- The iPhone Debugger allows you to debug running or newly-created native processes inside iPhone.
- The Library Loader Patcher will allow you to debug iPhone libraries.
- You can also build a tunnel from your PC to your iPhone through USB.
Requirements
- iPhone firmware v1.1.4; it should also work on earlier firmware versions (drop us a line if it does).
- An iPhone console application (local Term-vt100, remote OpenSSH over WiFi, or remote OpenSSH over USB).
- (for the tunnel only) iTunes installed on Windows XP, with the Apple Mobile Device service (AppleMobileDeviceService.exe) running. The DLL iTunesMobileDevice.dll must be in the same folder as iphone_tunnel.exe.
Binaries and Source Code
- iphonedbg - stable release (1.01), zip file.
- dyld_patcher - stable release (1.01), zip file.
- iphone_tunnel - stable release (1.01), zip file.
- iPhone Debugger Documentation.
- Library Loader Patcher Documentation.
- iPhone TCP Connection Through USB Documentation.
Real Life Example
- We run the Safari web browser on the iPhone and list all active processes from a console connected through SSH.
- We write the command to attach the debugger to the Safari process.
- Once we are attached to the process, the debugger loads all the process symbols and then waits for user commands.
- We execute the command g (go) and the process resumes execution, waiting for an event or exception.
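The first two steps above (list the processes over SSH, then attach to the one running the browser) are where a mistake costs the most: attaching to the wrong PID means the events you see belong to some other process. The script below is an added example, not code from Core Security or from the iPhoneDbg toolkit. It parses ps-style output, which here is a constructed sample rather than real device output, and returns the PID of a single named process, refusing to guess when there is no match or more than one. The process name MobileSafari and the column layout of the sample are assumptions; the actual attach command syntax is not given on the page, so the script only prints the PID the attach command would need.

```shell
#!/bin/sh
# Constructed sample of "ps"-style output, standing in for what the SSH console
# step would return from the device. The COMMAND column is the last field and is
# assumed to carry no arguments (true for this sample; real output may differ).
SAMPLE_PS='USER    PID %CPU %MEM COMMAND
mobile   31  0.0  1.2 /Applications/MobileSafari.app/MobileSafari
root     12  0.0  0.4 /usr/sbin/sshd
mobile   44  0.0  0.3 /bin/sh'

# find_pid NAME: read ps output on stdin and print the PID of the one process
# whose command basename equals NAME. Exit non-zero when there is no match or
# when several match, so a caller never attaches to an arbitrary process.
find_pid() {
    name="$1"
    # awk skips the header line, strips the directory part of the command
    # path, and prints the PID column for exact basename matches.
    set -- $(awk -v n="$name" '
        NR > 1 { cmd = $NF; sub(/.*\//, "", cmd); if (cmd == n) print $2 }')
    case $# in
        0) echo "find_pid: no process named $name" >&2; return 1 ;;
        1) printf '%s\n' "$1" ;;
        *) echo "find_pid: $# processes named $name ($*); refusing to guess" >&2
           return 1 ;;
    esac
}

# Usage: locate the browser PID, then hand it to the debugger's attach command
# (the iphonedbg attach syntax is not shown on the page; consult its documentation).
pid=$(printf '%s\n' "$SAMPLE_PS" | find_pid MobileSafari) &&
    echo "attach the debugger to PID $pid"
```

On a real device you would replace the constructed sample with the live listing from the SSH console (for example, piping the output of ps into find_pid); the refusal on ambiguous matches is deliberate, since two instances of the same binary are common once a second console or a crashed-and-restarted process is around.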