Security Assessment Tool Vulnerability Analysis

idb – iOS App Security Assessment Tool

idb is a tool to simplify some common tasks for iOS app security assessments and research. Please see the Documentationfor a more detailed summary of each function.


Features

  • Assessment Setup
    • SSH port forwarding
    • Installation of helper utilities
  • App Information
    • Bundle information
    • Registered URL Schemes
    • Platform and SDK Versions
    • Data folder location
    • Entitlements
  • Data Storage
    • List plist files and data protection class
    • List sqlite files and data protection class
    • List Cache.db files and data protection class
    • Full app file system browser
      • Browse files
      • Download/view files
      • Check data protection
      • Rsync folders and keep git revisions
    • Dump iOS keychain
  • Binary Analysis
    • Check for encryption
    • Check for protections (ASLR/PIE, DEP, ARC)
    • List shared libraries
    • Extract strings in app binary
    • Dump class and method signatures
  • IPC
    • List URL handlers
    • Invoke and fuzz URL handlers
    • Monitor the iOS pasteboardA
  • Other Tools
    • Check for iOS backgrounding screenshot
    • Install certificates
    • Edit /etc/hosts file

 

Installation:

Prerequisites:

1. Ruby Environment
idb requires a valid ruby 1.9.3 or 2.1 installation and it is recommended to install the used ruby using RVM. Ruby 2.0 does not work properly due to issues with qtbindings.

 

Important Note: Shared library support is required! This is the default for many system rubies, but if you install a ruby via rvm or similar, you need to do one of the following:

Under rvm use rvm install 2.1 –enable-shared when installing ruby.
Under ruby-install/chruby use — –enable-shared when installing ruby.
Under ruby-build/rbenv with ruby-build use CONFIGURE_OPTS=–enable-shared [command] when installing Ruby.

2. Install Other Prerequisites:
For OS X:

3. Installing idb
Production Use:

3. Development

As for every ruby gem, the application code lives in the lib folder
Run idb by calling bundle exec idb

Note: Running bin/idb directly won’t work since it will not find the idb gem (or use the installed gem and not the checked out source code). Instead, the bundle exec command runs idb in the current bundler environment where bundler supplies the gem from source.

Download idb at Github

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply