iphone-dataprotection

ios 7 keychain support

Open GoogleCodeExporter opened this issue 9 years ago • 29 comments

Handle new ASN1 data column encoding

Original issue reported on code.google.com by [email protected] on 24 Jul 2013 at 8:35

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Any update here? I would love to do a demo with iOS 7 :)

Original comment by [email protected] on 23 Aug 2013 at 11:03

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

I've attached the patch that I use to read iOS 7 databases.  It requires pyasn1 
to be installed.

Original comment by [email protected] on 4 Sep 2013 at 4:52

Attachments:

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Please note my patch base64 encodes the value and prefixes it with "base64" if 
it is binary, you probably want to change this before applying it to the 
repository.  

Original comment by [email protected] on 4 Sep 2013 at 4:57

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Here is a revised patch that doesn't do the base64 encoding.  (The resulting 
entries can't be dumped as JSON if they aren't valid utf8 strings.)

Original comment by [email protected] on 4 Sep 2013 at 5:15

Attachments:

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Thanks a lot! I will integrate this when I get the chance.

Original comment by [email protected] on 8 Oct 2013 at 7:59

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

[deleted comment]

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

The tested iPhone: iPhone 4 and iOS 7.0.2

- Install pyasn1
- I patched the attached file "keychain4.py"

However there is an error
"sqlite3.DatabaseError: file is encrypted or is not a database"

Original comment by [email protected] on 10 Oct 2013 at 8:51

Attachments:

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Hi - I am also noticing an issue with iOS 7.0.2 on iPhone 4.  I had no issues 
with the same device running iOS 7.0.0.  I'm using the updated ios7.patch.v2.  
Here is the excerpt of the error...  It looks similar to issue 50 
(https://code.google.com/p/iphone-dataprotection/issues/detail?id=50&can=1&q=keybag#makechanges)

Keybag: SIGN check FAIL
Keybag unlocked with passcode key
Traceback (most recent call last):
  File "python_scripts/keychain_tool.py", line 72, in <module>
    main()
  File "python_scripts/keychain_tool.py", line 52, in main
    k.print_all(options.sanitize)
  File "/Users/djones/iphone-dataprotection/python_scripts/keychain/keychain.py", line 134, in print_all
    for p in self.get_passwords():
  File "/Users/djones/iphone-dataprotection/python_scripts/keychain/keychain.py", line 65, in get_passwords
    return self.get_items("genp")
  File "/Users/djones/iphone-dataprotection/python_scripts/keychain/keychain.py", line 61, in get_items
    self.items[table] = filter(lambda x:x!={}, map(self.decrypt_item, self.store.get_items(table)))
  File "/Users/djones/iphone-dataprotection/python_scripts/keychain/keychain4.py", line 49, in decrypt_item
    dict["data"] = dict["v_Data"].data
AttributeError: 'str' object has no attribute 'data'

Original comment by [email protected] on 13 Oct 2013 at 3:33

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

@djo... Sorry about that, in my own code I was using decrypt_blob directly 
rather than using keychain_tool, and I had already adjusted it for this issue.  
The attached patch should handle this case. 


Original comment by [email protected] on 13 Oct 2013 at 5:44

Attachments:

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

[deleted comment]

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

[deleted comment]

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

[deleted comment]

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

So it worked great and then I just tried again after doing a full device reset 
and now I get the following which someone else here previously posted as well:

Keybag: SIGN check FAIL
Keybag unlocked with passcode key
Traceback (most recent call last):
  File "python_scripts/keychain_tool.py", line 72, in <module>
    main()
  File "python_scripts/keychain_tool.py", line 49, in main
    k = keychain_load(args[0], kb, p["key835"].decode("hex"))
  File "/Users/djones/iphone-dataprotection/python_scripts/keychain/__init__.py", line 6, in keychain_load
    version = sqlite3.connect(filename).execute("SELECT version FROM tversion").fetchone()[0]
sqlite3.OperationalError: no such table: tversion

Original comment by [email protected] on 18 Oct 2013 at 7:14

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Anything :-(

Original comment by [email protected] on 21 Oct 2013 at 12:01

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Disregard.  The issue had to do with demo_bruteforce.py.  I had to slightly 
modify the script to download all 3 components of the sqlite DB (.db, db-shm, 
and db-wal.).  

Original comment by [email protected] on 21 Oct 2013 at 8:24
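
The failure described in the comment above, reproduced as an added example that is not part of the original thread or the project's code: while a SQLite database is in WAL mode, committed tables can exist only in the `-wal` file, so copying the `.db` alone yields the "no such table: tversion" error shown earlier. The database here is a constructed stand-in for keychain-2.db, the function names are hypothetical, and the code targets Python 3.

```python
import os
import shutil
import sqlite3
import tempfile

SIDECARS = ("", "-wal", "-shm")  # main file plus its two WAL-mode companions


def make_wal_keychain(path):
    """Build a constructed stand-in for keychain-2.db whose data sits in the WAL."""
    conn = sqlite3.connect(path)
    conn.execute("PRAGMA journal_mode=WAL")
    conn.execute("CREATE TABLE tversion (version INTEGER)")
    conn.execute("INSERT INTO tversion VALUES (5)")  # constructed value
    conn.commit()
    return conn  # kept open by the caller so SQLite does not checkpoint on close


def acquire(src, dst_dir, suffixes):
    """Copy the database plus whichever of the listed companion files exist."""
    os.makedirs(dst_dir)
    dst = os.path.join(dst_dir, os.path.basename(src))
    for suffix in suffixes:
        if os.path.exists(src + suffix):
            shutil.copy2(src + suffix, dst + suffix)
    return dst


def read_version(path):
    """Run the query keychain_load() uses; return the version or the error text."""
    conn = sqlite3.connect(path)
    try:
        return conn.execute("SELECT version FROM tversion").fetchone()[0]
    except sqlite3.OperationalError as exc:
        return str(exc)
    finally:
        conn.close()


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "device", "keychain-2.db")
        os.makedirs(os.path.dirname(src))
        live = make_wal_keychain(src)  # simulates the database still in use
        results = {}
        for name, suffixes in (("db_only", ("",)), ("all_three", SIDECARS)):
            copy = acquire(src, os.path.join(tmp, name), suffixes)
            results[name] = read_version(copy)
        live.close()
        return results
```

Opening a copied database lets SQLite replay and then delete the copied `-wal`, so run the tool on a working copy and keep the acquired files untouched.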

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Sorry to bring this dead thread back to life, but how do I update my local 
files with the .patch.v3 file?

Original comment by [email protected] on 24 Dec 2013 at 10:40

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

@c0taxt try running "patch < ios7.patch.v3 " from the command line in the root 
folder of the tools.

Original comment by [email protected] on 29 Dec 2013 at 11:39

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

@jean.sig

Thank you so much. I am very grateful for your reply. 

Original comment by [email protected] on 29 Dec 2013 at 8:21

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Hey guys,

I seem to be able to decrypt everything but not the password from Safari, any 
idea?

Original comment by [email protected] on 13 May 2014 at 2:49

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Or from the email accounts I configure 

Original comment by [email protected] on 13 May 2014 at 2:54

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Issue 144 has been merged into this issue.

Original comment by [email protected] on 24 Jul 2014 at 9:55

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Thanks. I applied file ios7.patch.v3 to the most recent commit. Upon running 
the keychain_tool.py script, I get this error:

$ python python_scripts/keychain_tool.py -d /XXXXX/keychain-2.db 
/XXXXX/b8bc987ada7c0547.plist 
Keybag unlocked with passcode key
Traceback (most recent call last):
  File "python_scripts/keychain_tool.py", line 73, in <module>
    main()
  File "python_scripts/keychain_tool.py", line 53, in main
    k.print_all(options.sanitize)
  File "/iphone-dataprotection/python_scripts/keychain/keychain.py", line 139, in print_all
    KSECATTRACCESSIBLE.get(p["clas"])[18:]]
TypeError: 'NoneType' object is not subscriptable

Original comment by [email protected] on 24 Jul 2014 at 2:13

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

ok, try adding those 2 lines in python_scripts/keychain/keychain4.py

         version, clas = struct.unpack("<LL", row["data"][0:8])
+        clas = clas & 0xF
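
Review bot: the `clas & 0xF` mask added after the `row["data"][0:8]` unpack carries no comment saying what the discarded upper bits hold or why dropping them is safe. Add a one-line comment, and consider keeping the unmasked value in a separate variable so that whatever iOS 7 sets in those bits is not lost silently before the `KSECATTRACCESSIBLE` lookup.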

         version, clas = struct.unpack("<LL",blob[0:8])
+        clas = clas & 0xF
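
Review bot: the mask on the `blob[0:8]` path repeats the line added after the `row["data"][0:8]` unpack, so the two sites can drift apart if the field layout changes again. Move the unpack-and-mask into one shared helper and give `0xF` a named constant.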

Original comment by [email protected] on 25 Jul 2014 at 9:00

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Thank you!  After applying those two lines, the script runs without errors.

Original comment by [email protected] on 25 Jul 2014 at 1:22

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

This issue was updated by revision 195f7cad875f.

keychain4.py: mask clas field for iOS 7

Original comment by [email protected] on 3 Sep 2014 at 4:27

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

This issue was updated by revision 44cf8b8dcb78.

Support for iOS 7 ASN1 keychain blobs, thanks to Steve Dunham

Original comment by [email protected] on 21 Sep 2014 at 1:10

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Hi, I have tried to decrypt the iPad 2 keychain from the backup (with password).
Everything seemed OK but at the last step, the password was requested:
"If you have key835 for device 575xxx enter it
(in hex)"
I entered my backup password but it did not work and showed "Cannot decrypt 
backup keybag. Wrong password ?"
Please let me know what was wrong with it.
The iPad 2 is now on iOS 7.1 and the backup was created by iTunes 11.4.
Thanks 

Original comment by [email protected] on 14 Dec 2014 at 11:38

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

[deleted comment]

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter

Hi, I just came across this and have done everything I need to do to run the 
tool on Windows command prompt but I get an error.

ImportError: No module named pyasn1.codec.der.decoder


Original comment by [email protected] on 23 Feb 2015 at 11:32

GoogleCodeExporter avatar Mar 19 '15 02:03 GoogleCodeExporter