Slide 1
Slide 1 text
App Protection
potatotips #51
1 —
!
@noppefoxwolf, 2018
Slide 2
Slide 2 text
noppe
@noppefoxwolf
iOSΞϓϦσϕϩούʔ
!
͕͖Ͱ͢ʂ
potatotipsॳࢀઓͰ͢ʂ
2 —
!
@noppefoxwolf, 2018
Slide 3
Slide 3 text
3 —
!
@noppefoxwolf, 2018
Slide 4
Slide 4 text
4 —
!
@noppefoxwolf, 2018
Slide 5
Slide 5 text
Charles for iOS͕ൃച͞Ε·ͨ͠Ͷʂ
→ CharlesiOS͔Βͷ HTTP ͱ HTTPS ͷτϥϑΟο
ΫΛΩϟϓνϟͰ͖ΔΞϓϦ
→ ௨৴ܥͷσόοάʹͱͯศརͰ͢ΑͶʂ
5 —
!
@noppefoxwolf, 2018
Slide 6
Slide 6 text
ࣗͷΞϓϦͷ௨৴Λݟ͍ͯͨΒ…
6 —
!
@noppefoxwolf, 2018
Slide 7
Slide 7 text
ࣗͷΞϓϦͷ௨৴Λݟ͍ͯͨΒ…
ۮવCharlesΛ͚ͭͬͺͳ͠ͰTwitterͷΞϓϦΛ։͍
ͯ͠·ͬͨɻ
7 —
!
@noppefoxwolf, 2018
Slide 8
Slide 8 text
λΠϜϥΠϯͷߋ৽͕ग़དྷ·ͤΜͰͨ͠ɻ
8 —
!
@noppefoxwolf, 2018
Slide 9
Slide 9 text
ࠓճ͜ͷಈ࡞Λ࣮͠·ͨ͠ɻ
9 —
!
@noppefoxwolf, 2018
Slide 10
Slide 10 text
Charlesͷ࣮
·ͣCharlesͷ࣮Λ֬ೝ͠·͢ɻ
try! Swift Tokyo 2018 - Introducing Charles for iOS1
1 https://www.youtube.com/watch?v=RWotEyTeJhc
10 —
!
@noppefoxwolf, 2018
Slide 11
Slide 11 text
Charlesͷ࣮
NetworkExtensionΛͬͯɺVPN2ίωΫγϣϯΛ
ష͍ͬͯΔɻ
iOSͷVPNͷৗ࣌ଓػೳΛ͑ΞϓϦ͔Βͯ͢
ͷIPτϥϑΟοΫ͕τϯωϦϯάग़དྷΔɻ3
3 https://developer.apple.com/documentation/networkextension
2 Virtual private network ԾϓϥΠϕʔτωοτϫʔΫ
11 —
!
@noppefoxwolf, 2018
Slide 12
Slide 12 text
ΞϓϦ͔ΒVPN͕షΒΕ͍ͯΔ͔νΣοΫग़དྷΕOKͦ͏
12 —
!
@noppefoxwolf, 2018
Slide 13
Slide 13 text
VPNݕग़
CFNetworking.frameworkΛ͏͜ͱͰɺݕग़Ͱ͖Δɻ
CFNetworkCopySystemProxySettings()
↑ͰγεςϜͷΠϯλʔωοτϓϩΩγઃఆΛऔಘग़
དྷ·͢ɻ
13 —
!
@noppefoxwolf, 2018
Slide 14
Slide 14 text
Swift.Unmanaged<__ObjC.CFDictionary>(_value: {
"__SCOPED__" = {
utun4 = {
HTTPSPort = 8080;
HTTPSProxy = "10.78.2.43";
};
};
})
__SCOPED__ʹϓϩΩγઃఆ͕ೖ͍ͬͯΔ
tunؚ͕·ΕΔઃఆτϯωϧͳͷͰ͍ͯྑ͍…ʁ
14 —
!
@noppefoxwolf, 2018
Slide 15
Slide 15 text
VPNDetector
https://github.com/noppefoxwolf/VPNDetector
15 —
!
@noppefoxwolf, 2018
Slide 16
Slide 16 text
!
Ҏ্Ͱ͢ʂ
͋Γ͕ͱ͏͍͟͝·ͨ͠
16 —
!
@noppefoxwolf, 2018