Skip to content
This repository has been archived by the owner on Jan 9, 2019. It is now read-only.

NitinJami/keychaineditor-old

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Makefile
Makefile
 
 
README.md
README.md
 
 
entitlements.xml
entitlements.xml
 
 
main.m
main.m
 
 

Repository files navigation

THIS IS NO LONGER SUPPORTED.

keychaineditor

KeychainEditor is a CLI to interact with iOS's Keychain on a jailbroken iDevice. Keychain is a secure storage provided by the iOS to save client-side secrets/certificates onto the device. KeychainEditor is useful to dump/edit/delete a keychain item. The tool will greatly help pentesters and security researches alike who would want to poke at application's keychain usage during iOS APT (Application Penetration Test). It should be noted that the tool currently supports Generic Passwords (Genp) only. Support for Internet Passwords and Certificates will soon be added!

Features

  1. Support for iOS8+ and the new changes in Keychain.

  2. A Minimal dump of the keychain, which only outputs AccountNames and ServiceNames.

  • ./keychaineditor --action min-dump
  1. A search feature to limit the output to only what the user desired for. The search can be performed on Account, Service, AccessGroup or Accessibility values.
  • ./keychaineditor --action dump --find "WhenUnlocked"
  1. Works with idb!

Note: Please check --help command for more options/examples.

Build Notes

  1. To build the tool, Run 'make' in the current directory.
    Note: You should have xcode command line tools installed for the toolchain.

  2. Always compile to SDK installed on your machine and update 'isysroot' flag:

  • To find the exact SDK installed on your machine, type the following command:
    $ xcodebuild -showsdks
  • To get the actual path of the SDK:
    $ xcrun -sdk iphoneos9.2 --show-sdk-path
  1. Make errors:
    You may have a lower SDK version installed on your machine, and the makefile will not be able to find the exact path for the SDK installed. Follow the above steps to find the SDK installed and update it with the appropriate SDK version for the 'isysroot' flag.

Note: This error should no longer occur. "ldid" is backed into "Makefile" now.

Error Code -34018:
The above error code is caused because you did not code sign the binary and did not provide the keychain access entitlements.
$ codesign -fs "YOUR_SELF_SIGNED_CERT" --entitlements entitlements.xml keychaineditor

  • To get a list of certificates that are already available in your keychain to sign your binary, you can use the following command:
    $ security find-identity -v -p codesigning

About

This is no longer supported.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages