iOS Reverse Engineering
Introduction
The purpose of this guide is to provide foundational knowledge for performing vulnerability research on iOS and iPadOS mobile devices.
Nearly all modern mobile devices running iOS use 64-bit ARM hardware (ARM64). For simplicity, this guide will use the ARM64 designation, but you may also see other nomenclature such as A64, AArch64, or ARMv8. While we will focus on the 64-bit version, it is important to note that each register is capable of 32-bit or 64-bit operation, based on its memory management structure.
ARM (which is typically represented as lower-case) currently stands for Advanced RISC Machines, but originally stood for Acorn RISC Machine. It belongs to the Reduced Instruction Set Computing (RISC) family of architectures. ARM processors are typically low-cost, low-power, and low-heat, and are used in many embedded systems. These processors are now being used in Apple laptops; Microsoft has also released ARM-based versions of Windows 10 & 11, and ARM processors are widespread in IoT devices.
This guide differs from the previous instructions on performing security tests on a mobile app that is delivered directly by developers or through the App/Play Stores. In this guide, we will focus more on testing aspects of the device and its features, such as its wireless communication, as well as on basic reading of ARM64 assembly to search for and exploit vulnerabilities. Essentially, this will be an extension of the previous guide.