Website of Daniel A. Mayer

Idb - iOS Research / Pentesting Tool

Last weekend (January 17-19 2014) I gave a talk on blackbox iOS app pentesting at ShmooCon 2014 in Washington, D.C. The talk covered various common iOS app vulnerabilities, mitigation techniques, and also introduced a new tool called idb and demonstrated how it can be used to test for the discussed vulnerabilities.

Here is the slide deck:

ShmooCon Video Recording

Update February 10th 2014 The recording of my ShmooCon talk was now posted on archive.org. Below is a local mirror of the video.

idb

idb is a tool to simplify some common tasks for iOS pentesting and research. It is written in ruby with a Qt GUI frontend and should run on OS X and Linux (with some restrictions). This is the first public release of the tool so bug reports, feature requests, and contributions are more than welcome! The code is available under the MIT license on Github:

Read the full list of features after the jump.

Notable features

  • Simplified pentesting setup
    • Setup port forwarding
    • Certificate management
  • iOS log viewer
  • Screen shot utility
    • Simplifies testing for the creation of backgrounding screenshots
  • App-related functions
    • App binary
      • Download
      • List imported libraries
      • Check for encrypttion, ASLR, stack canaries
      • Decrypt and download an app binary (requires dumpdecrypted)
    • Launch an app
    • View app details such as name, bundleid, and Info.plist file.
  • Inter-Process Communication
    • URL Handlers
      • List URL handlers
      • Invoke and fuzz URL handlers
    • Pasteboard monitor
  • Analyze local file storage
    • Search for, download, and view plist files
    • Search for, download, and view sqlite databases
    • Search for, download, and view local caches (Cache.db)
    • File system browser
  • Install utilities on iDevices
  • Alpha:
    • Cycript console
    • Snoop-It integration

Comments