Skip to content

BarakAharoni/libsecmet

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
secmet.c
secmet.c
 
 

Repository files navigation

libsecmet.dylib

Securing Vulnerable Methods in iOS and macOS Binaries via Interposing Dynamic Libraries.

This project create a dynamic library using interposing to replace vulnerable libc functions with safer alternatives on macOS and iOS. Specifically, it interposes the strcmp, strcpy, and strcat functions.

Background

Dynamic library interposition in iOS, implemented through the DYLD_INTERPOSE macro, is a runtime technique that allows developers to replace or intercept calls to existing functions within dynamically linked libraries. The DYLD_INTERPOSE macro creates a special section in the binary that the dynamic linker (dyld) processes at load time, establishing function redirections before the main program executes.

This mechanism works by creating tuples that map original function addresses to replacement function addresses, enabling developers to hook into system calls, library functions, or any dynamically linked code. Originally designed for debugging, profiling, and testing purposes, interposition has become a powerful tool for runtime analysis, security research, and reverse engineering on iOS and macOS platforms.

The technique operates at a lower level than method swizzling in Objective-C, working directly with C functions and providing more comprehensive coverage of the system's function calls, though it requires careful implementation to avoid crashes and maintain system stability.

Description

The library uses the DYLD_INTERPOSE to replace dangerous functions with secure implementations:

  • strcmp with strncmp.
  • strcpy with strncpy.
  • strcat with strncat.
  • sprintf with snprintf.
  • vsprintf with vsnprintf.
  • gets with fgets.

Files

  • secmet.c: Secure function implementations with interposition logic and replacement functions.
  • Makefile: The makefile to compile the dynamic library.
  • README.md: Project documentation.

Compilation

To compile the dynamic library, use the provided Makefile: make

This produces libsecmet.dylib.

Usage

Method 1: Link-Time Integration (Recommended)

For new applications, link directly during compilation:

# Compile your app with the security library
clang -o myapp myapp.c -L. -lsecmet

# Run normally - security is built-in
./myapp

Method 2: Xcode Integration

Add to your Xcode project:

  1. Build Settings → Other Linker Flags → Add -L/path/to/lib -lsecmet.
  2. Build Phases → Copy Files → Add libsecmet.dylib to bundle.
  3. Build and run - security functions activate automatically.

Method 3: Runtime Injection (Development/Testing)

For existing binaries or testing:

# Inject into running process
DYLD_INSERT_LIBRARIES=./libsecmet.dylib ./existing_app

This will ensure that the interposed functions are used by your_application.

Cleaning Up

To clean up the generated files, run: make clean

Author

Barak Aharoni

About

Securing Vulnerable Methods in iOS and macOS Binaries via Interposing Dynamic Libraries.

Topics

macos ios osx mach-o

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages