SandBlaster: Reversing the Apple Sandbox
نویسندگان
چکیده
In order to limit the damage of malware on Mac OS X and iOS, Apple uses sandboxing, a kernel-level security layer that provides tight constraints for system calls. Particularly used for Apple iOS, sandboxing prevents apps from executing potentially dangerous actions, by defining rules in a sandbox profile. Investigating Apple’s built-in sandbox profiles is difficult as they are compiled and stored in binary format. We present SandBlaster, a software bundle that is able to reverse/decompile Apple binary sandbox profiles to their original human readable SBPL (SandBox Profile Language) format. We use SandBlaster to reverse all built-in Apple iOS binary sandbox profiles for iOS 7, 8 and 9. Our tool is, to the best of our knowledge, the first to provide a full reversing of the Apple sandbox, shedding light into the inner workings of Apple sandbox profiles and providing essential support for security researchers and professionals interested in Apple security mechanisms.
منابع مشابه
Real-time software implementation of NTSC Analog TV on Sandblaster
This paper describes the real-time software implementation of NTSC Analog TV on the Sandblaster SDR platform. The platform supports realtime execution of a number of communication protocols and multimedia applications, including: 802.11b, WCDMA, GSM, GPS, MPEG4, H.264 and others. Our implementation of analog TV runs in real-time on Sandblaster evaluation board and produces highquality visual ou...
متن کاملSoftware Implementation of WiMAX on the Sandbridge SandBlaster Platform
This paper describes a Sandbridge Sandblaster system implementation including both hardware and software elements for a WiMax 802.16e system. The system is implemented on the fully functional multithreaded Sandblaster multiprocessor SB3010 SoC chip. The entire communication protocol, physical layer and MAC, has been implemented in software using pure ANSI C programming language and it executes ...
متن کاملLaunching Generic Attacks on iOS with Approved Third-Party Applications
iOS is Apple’s mobile operating system, which is used on iPhone, iPad and iPod touch. Any third-party applications developed for iOS devices are required to go through Apple’s application vetting process and appear on the official iTunes App Store upon approval. When an application is downloaded from the store and installed on an iOS device, it is given a limited set of privileges, which are en...
متن کاملUnauthorized Cross-App Resource Access on MAC OS X and iOS
On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. Given the complexity of today’s OSes, less clear is whether such isolation is effective against different kind of cross-app resource access attacks (called XARA in our research). To better understand the problem, on the less-st...
متن کاملCase of accelerated silicosis in a sandblaster
Sandblasting is traditionally known as a high-risk profession for potential development of lung silicosis. Reported is a case of a sandblaster with confirmed accelerated silicosis, a condition rather rarely diagnosed in the Czech Republic. Initially, the patient presented with progressive dry cough and exertional dyspnoea. In the early diagnostic process, a possible occupational aetiology was c...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1608.04303 شماره
صفحات -
تاریخ انتشار 2016