liOS: Lifting iOS apps for fun and profit

03/28/2020
by   Julian Schütte, et al.
0

Although iOS is the second most popular mobile operating system and is often considered the more secure one, approaches to automatically analyze iOS applications are scarce and generic app analysis frameworks do not exist. This is on the one hand due to the closed ecosystem putting obstacles in the way of reverse engineers and on the other hand due to the complexity of reverse engineering and analyzing app binaries. Reliably lifting accurate call graphs, control flows, and data dependence graphs from binary code, as well as reconstructing object-oriented high-level concepts is a non-trivial task and the choice of the lifted target representation determines the analysis capabilities. None of the various existing intermediate representations is a perfect fit for all types of analysis, while the detection of vulnerabilities requires techniques ranging from simple pattern matching to complex inter-procedural data flow analyses. We address this gap by introducing liOS, a binary lifting and analysis framework for iOS applications that extracts lifted information from several frontends and unifies them in a "supergraph" representation that tolerates missing parts and is further extended and interlinked by liOS "passes". A static analysis of the binary is then realized in the form of graph traversal queries, which can be considered as an advancement of classic program query languages. We illustrate this approach by means of a typical JavaScript/Objective-C bridge, which can lead to remote code execution in iOS applications.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
12/13/2018

IIFA: Modular Inter-app Intent Information Flow Analysis of Android Applications

Android apps cooperate through message passing via intents. However, whe...
research
08/06/2023

WASMixer: Binary Obfuscation for WebAssembly

WebAssembly (Wasm) is an emerging binary format that draws great attenti...
research
05/23/2020

When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid

Widely-used Android static program analysis tools, e.g., Amandroid and F...
research
04/26/2022

Wasmati: An Efficient Static Vulnerability Scanner for WebAssembly

WebAssembly is a new binary instruction format that allows targeted comp...
research
01/28/2020

Parallelizing Binary Code Analysis

Binary code analysis is widely used to assess an a program's correctness...
research
06/30/2020

Symbolic Execution and Debugging Synchronization

In this thesis, we introduce the idea of combining symbolic execution wi...
research
09/08/2023

Historia: Refuting Callback Reachability with Message-History Logics (Extended Version)

This paper determines if a callback can be called by an event-driven fra...

Please sign up or login with your details

Forgot password? Click here to reset