Welcome to the iOS Reverse series.

  • iOS reverse RSA theory
  • iOS reverse hash theory
  • iOS reverse application re-signing + WeChat re-signing in practice
  • iOS reverse Shell script + script re-signing
  • iOS reverse code injection + Hook
  • iOS reverse Mach-O file
  • iOS reverse dyld process
  • iOS reverse Hook principle of fishhook
  • iOS reverse LLDB debugging

I. Hash

1. What is hash?

Hashing uses a hash algorithm to transform an input of arbitrary length into an output of fixed length; that output is the hash value.

Simply put, it is a function that compresses a message of any length into a message digest of a fixed length.

2. Hash features

  • The algorithm is public
  • The same operation on the same data always gives the same result
  • The result of the operation on different data has a fixed length; the default is 128 bits, 32 characters
  • It cannot be inverted (this follows from the underlying hash principle: it is a one-way mapping)
  • It is an information fingerprint, commonly used for data identification

Since the result of the hash operation is fixed length, it is inevitable that multiple data will have the same hash, which is called a hash collision

3. Hash usage

  • Encryption of user passwords
    • The hash algorithm is a one-way function. It can turn data of any size into a fixed-length “fingerprint” and cannot be calculated backwards. In addition, even if the source data changes only slightly, the result of the hash can be completely different
  • Digital signatures (covered in Chapter 3 of this article)
  • Search engines
    • The search result for “China”, “Zhejiang”, and “Guangsha” is the same regardless of the order of the three words, because the result is the sum of the 128-bit hash values of the three words, and that sum is the same
  • Copyright
    • For example, Baidu Cloud's instant upload function: when you upload a file to Baidu Cloud, it first checks whether a file with the same hash value already exists on the web disk. If there is one, it then checks whether the file type and the first and last two hundred bits of the binary are the same, and so on (we don't know exactly). If all checks pass, the data is considered identical and the upload completes in seconds

Take an image “001.png”. Running the terminal command md5 001.png outputs the hash value:

MD5 (001.png) = 794f38b127db2e24e23a59d1fcb7a700

Change the file name to “002.mp3” and run md5 002.mp3:

MD5 (002.mp3) = 794f38b127db2e24e23a59d1fcb7a700

Make a copy of the image with Ctrl+C Ctrl+V, name it “002.png” and run md5 002.png:

MD5 (002.png) = 794f38b127db2e24e23a59d1fcb7a700

Compress the image into a zip archive (“001.png.zip”) and run the terminal command md5 001.png.zip:

MD5 (001.png.zip) = eca9687c64a1a62154582186214a97be

The following conclusions can be drawn from the above operations: ① Changing the file name or suffix does not change the hash value of the binary. The suffix is really there for the operating system: it lets the operating system decide which software to open the file with.

Because of the irreversibility of hash, it is very useful in many fields

II. Hash schemes for encrypting user passwords

1. Plaintext request

If the password is transmitted in plaintext, a hacker can capture the network request directly, and the user's password appears “naked” in front of the hacker. What if we use RSA to encrypt the transmission, with the client encrypting and the server decrypting; wouldn't that be fine? However, the user's password is then still stored in plaintext on the server side, which is very insecure! The Internet has two principles: ① user privacy information must not be transmitted over the network in plaintext; ② user privacy information must not be stored in plaintext locally.

2. Direct MD5 encryption or multiple MD5 encryption

How about using MD5 to encrypt user passwords? Many small outsourcing companies probably do exactly this, but it is far from enough, even though the hash algorithm is irreversible. A user's password can easily be retrieved by enumerating the results of thousands of hash computations and then performing a reverse lookup, for example on the website www.cmd5.com/. What if we apply MD5 a few more times? The result is the same: the CMD5 site lets you choose the type of reverse query, so multiple nesting does not work.

3. Add salt

What does salt mean? A bit of “seasoning”, a string of strange characters, is appended to the user's plaintext password, giving for example “123456da.gjio1ra”, which is then hashed with MD5 and sent to the server. With this scheme the user's password can no longer be looked up easily and quickly, but it can still be cracked by brute force. It also brings a series of hazards: once a plaintext password has been cracked, the salt is known as well, and because the salt is hard-coded, the passwords of all users can then be cracked easily. Protecting the “salt” is therefore particularly important in this scheme. Secondly, every client and server developer knows the exact content of the “salt”; can the company guarantee that no development engineer will disclose it after leaving? Our development should be thorough enough that such human factors cannot affect the security of our app. Since a hard-coded “salt” does not work, we can solve the problem with a dynamic salt.

4. HMAC

HMAC uses one key and performs two hash operations to obtain the hash value. It is a scheme, not an encryption algorithm. In actual development, the HMAC key is generated randomly by the server, and it is different for each account.

① Registration

A. After filling in the account, password and other information on the client, the user clicks Register. The client starts the registration request and sends the account to the server

B. The server verifies the account and, if it is available, generates a random key and sends it to the client

C. The client computes the HMAC of the password with the key, and then sends the account and the password HMAC to the server. The server saves the account, the key, and the password HMAC in one-to-one correspondence. Once the server returns a successful registration result, the client can store the key

In this way, one account corresponds to one key, which greatly improves login security. But what if the user logs in on a different device, which does not have the key? We therefore need to extend our login logic.

② Logging in on another device

A. After the user fills in the account and password on the client and clicks Login, the client looks locally for the key corresponding to the account, then sends the account to the server and requests the key

B. The server looks up the account and returns the key corresponding to the account to the client

C. The client computes the HMAC of the plaintext password and sends the account, key, and password HMAC to the server. If the server matches the account and password successfully, the client saves the key. Otherwise the key cannot be saved

③ Device lock service

A. Device B logs in for the first time and asks the server for the key

B. The server asks device A whether the device lock is enabled. If not, the server automatically sends the key to device B. If so, the decision is handed to device A, and the key is sent only if device A agrees

C. The server looks up the account and returns the key corresponding to the account to the client

D. Same as ② C

5. Prevent network request data from being captured: adding a timestamp

The HMAC scheme is already quite secure, but the password value sent by the client to the server can still be intercepted, and a third party can log in as long as the account and password value match. So we need to process the network request data further. The method we use is to add a timestamp:

A. The client initiates a login request

B. The server returns a timestamp to the client

C. The client computes (HMAC hash value + timestamp).MD5. The timestamp here is not the local system time, but the timestamp the server returned to the client when the login request was initiated. The password HMAC is combined with the timestamp, and the MD5 of the result is sent to the server

D. The server uses the same algorithm to match the hash value for the current minute. If that fails to match, the server matches the hash value for the previous minute

This makes the password value the user sends change over time, so a hacker can use an intercepted value for at most two minutes (min. 1 minute 01 seconds, max. 1 minute 59 seconds)
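The registration and timestamped login described above, as an added example that is not code from the original article. It assumes HMAC-SHA256 for the password HMAC, a minute-resolution timestamp string, and an in-memory USERS dictionary standing in for the server database; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

USERS = {}  # account -> (key, password HMAC); stands in for the server database


def password_hmac(key: bytes, password: str) -> str:
    """HMAC of the password under the per-account key (SHA-256 is an assumption)."""
    return hmac.new(key, password.encode(), hashlib.sha256).hexdigest()


def minute_stamp(now: float) -> str:
    """Server clock truncated to the minute, e.g. '202311142213'."""
    return time.strftime("%Y%m%d%H%M", time.gmtime(now))


def login_token(pw_hmac: str, stamp: str) -> str:
    """Step C: MD5 over (HMAC hash value + timestamp)."""
    return hashlib.md5((pw_hmac + stamp).encode()).hexdigest()


def register(account: str, password: str) -> bytes:
    """Server issues a random per-account key; the client returns the password HMAC."""
    key = secrets.token_bytes(32)
    USERS[account] = (key, password_hmac(key, password))  # HMAC is computed client-side
    return key  # the client keeps the key locally after successful registration


def client_login(key: bytes, password: str, server_stamp: str) -> str:
    """Client: recompute the password HMAC and bind it to the server's timestamp."""
    return login_token(password_hmac(key, password), server_stamp)


def server_verify(account: str, token: str, now: float) -> bool:
    """Step D: match against the current minute, then the previous minute."""
    if account not in USERS:
        return False
    stored = USERS[account][1]
    return any(
        hmac.compare_digest(login_token(stored, minute_stamp(t)), token)
        for t in (now, now - 60)
    )
```

A token captured on the wire stops verifying once the server clock has moved two minute boundaries past the timestamp it was built from.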

Summary: For user passwords, it is recommended to use HMAC first and then add the timestamp.

There are also schemes that use a dynamic salt for the account and a timestamp for the password.

III. Digital signature

1. Meaning

A digital signature is a string of numbers that can only be generated by the sender of a message and cannot be forged by others. This string is also an effective proof of the authenticity of the message sent by the sender.

2. Role

The role is best illustrated by XX going to the bank to withdraw ten yuan.

A normal request:

A. The user wants to withdraw 10 yuan

B. The bank gives the user 10 yuan

C. The user gets 10 yuan

A request modified by a hacker:

A. The user wants to withdraw 10 yuan

B. Hacker modification: “User wants to withdraw 20 yuan”

C. The bank transfers 20 yuan

D. The hacker gets 10 yuan, the user gets 10 yuan

A request carrying a hash value (digest):

A. The user wants to withdraw 10 yuan

B. The hacker wants to change it to “User wants to withdraw 20 yuan”, but can only change the amount and cannot change the hash value (digest)

C. When the bank receives a request for 20 yuan together with the hash value (digest) of 10 yuan, it knows that the request has been modified

3. Principle

A. Hash the original data

B. Use RSA to encrypt the hash value (this is the digital signature)

C. Send the original data and the digital signature to the server for verification

The hacker does not have the private key and cannot decrypt the digital signature, so the hacker can only modify the original data. No key is transferred during transmission. The hash value determines whether the original data has been modified.

Note: Encrypted digital information is called a digital signature, encrypted code is called a code signature, and an encrypted application is called an application signature
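The three steps above applied to the bank request, as an added example that is not from the original article. It uses textbook RSA with a constructed toy key built from two Mersenne primes and SHA-256 as the hash; the function names are hypothetical, and real signatures use keys of 2048 bits or more together with a padding scheme.

```python
import hashlib

# Toy key for illustration only: two known Mersenne primes give a ~216-bit modulus.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537                                   # public exponent, known to the server
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent, known only to the sender


def digest(data: bytes) -> int:
    """Step A: hash the original data (SHA-256), reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes) -> int:
    """Step B: apply the RSA private key to the hash value."""
    return pow(digest(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Server: recover the hash with the public key and compare it with a fresh hash."""
    return pow(signature, E, N) == digest(data)


def bank_demo():
    """Step C: send data + signature; the amount is changed in transit in the second case."""
    request = b"User wants to withdraw 10 yuan"
    signature = sign(request)
    tampered = b"User wants to withdraw 20 yuan"
    return verify(request, signature), verify(tampered, signature)
```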

IV. Symmetric encryption

1. Meaning: The plaintext is encrypted with the key to obtain the ciphertext. The ciphertext is decrypted with the key to obtain the plaintext

Asymmetric encryption is called the modern encryption algorithm; symmetric encryption is called the traditional encryption algorithm

2. There are three symmetric encryption algorithms:

  • DES: Data encryption standard, which is rarely used because of its low strength
  • 3DES: encrypts the original data three times using three keys

For symmetric encryption algorithms, the protection of keys is particularly important, and because 3DES uses three keys, keeping the keys safe is more difficult

  • AES: Advanced encryption standard

Because of the high encryption strength of AES, RSA is commonly used to encrypt AES keys

3. There are two common application modes:

  • ECB: Electronic codebook mode. Each block of data is encrypted independently

This is the most basic encryption mode, that is, encryption as commonly understood. The same plaintext is always encrypted into the same ciphertext. There is no initialization vector, and the mode is vulnerable to codebook replay attacks, so it is rarely used in general

  • CBC: Cipher block chaining mode. Data is encrypted using a key and an initialization vector

Each plaintext block is XORed with the previous ciphertext block before being encrypted. Therefore, as long as different initialization vectors are selected, the same plaintext is encrypted into different ciphertext. This is the most widely used mode. CBC ciphertext is context-dependent, but plaintext errors are not passed to subsequent groups; if one group is lost, however, all subsequent groups are invalidated (synchronization errors). CBC effectively ensures the integrity of ciphertext. If a data block is lost or changed during transmission, subsequent data cannot be decrypted. For a more vivid comparison between ECB and CBC, we will use a terminal demo

  1. Generate a message.txt:

123456123456123456
123456123456123456
123456123456123456
123456123456123456

  2. Run the terminal command openssl enc -des-ecb -K 616263 -nosalt -in message.txt -out msg1.bin (DES encryption, ECB application mode, key 616263, no salt).

  3. Modify message.txt, changing the last group 123456->223456, and encrypt it again the same way to produce msg2.bin:

123456123456123456
123456123456123456
123456123456123456
123456123456223456

  4. Run the terminal commands xxd msg1.bin and xxd msg2.bin.

  5. Perform the same operation with CBC selected (DES encryption, CBC application mode, initialization vector 0102030405060708, key 616263, no salt), encrypting the original file to msg3.bin and the modified file to msg4.bin:

openssl enc -des-cbc -iv 0102030405060708 -K 616263 -nosalt -in message.txt -out msg3.bin
openssl enc -des-cbc -iv 0102030405060708 -K 616263 -nosalt -in message.txt -out msg4.bin

  6. Run the terminal commands xxd msg3.bin and xxd msg4.bin.
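What the xxd comparison in the demo shows, reproduced as an added example that is not from the original article. DES is not in the Python standard library, so a constructed 8-byte Feistel permutation stands in for it (it is not DES and not secure); the message, key and IV are the ones from the demo, and all names are hypothetical.

```python
import hashlib

BLOCK = 8                                            # DES block size in bytes
ORIGINAL = b"123456123456123456\n" * 4               # constructed copy of message.txt
MODIFIED = ORIGINAL[:-7] + b"2" + ORIGINAL[-6:]      # last group 123456 -> 223456


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher: 4-round Feistel with a SHA-256 round function (NOT DES)."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def pad(data: bytes) -> bytes:
    """PKCS#7 padding to a multiple of the block size."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def ecb(key: bytes, data: bytes) -> bytes:
    """ECB: every block is encrypted independently."""
    data = pad(data)
    return b"".join(encrypt_block(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def cbc(key: bytes, iv: bytes, data: bytes) -> bytes:
    """CBC: each block is XORed with the previous ciphertext block (or the IV) first."""
    data, prev, out = pad(data), iv, []
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev)))
        out.append(prev)
    return b"".join(out)


def changed_blocks(c1: bytes, c2: bytes) -> list:
    """Indexes of the 8-byte ciphertext blocks that differ between two encryptions."""
    return [i // BLOCK for i in range(0, len(c1), BLOCK) if c1[i:i + BLOCK] != c2[i:i + BLOCK]]


def demo():
    """Compare original vs modified message under ECB and under CBC."""
    key, iv = bytes.fromhex("616263"), bytes.fromhex("0102030405060708")
    return (changed_blocks(ecb(key, ORIGINAL), ecb(key, MODIFIED)),
            changed_blocks(cbc(key, iv, ORIGINAL), cbc(key, iv, MODIFIED)))
```

Under ECB only the block containing the edited byte changes, while under CBC that block and every block after it change.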