
A CLI to interact with iOS's keychain on a jailbroken device to dump/edit/delete a keychain item.


dmayer/keychaineditor

 
 


keychaineditor

KeychainEditor is a CLI for interacting with the iOS Keychain on a jailbroken iDevice. The Keychain is secure storage provided by iOS for saving client-side secrets and certificates on the device. KeychainEditor can dump, edit, and delete keychain items. The tool helps pentesters and security researchers who want to examine an application's keychain usage during an iOS APT (Application Penetration Test). Note that the tool currently supports Generic Passwords (Genp) only. Support for Internet Passwords and Certificates will soon be added!

Features

  1. Support for iOS 8+ and the new changes in Keychain.

  2. A minimal dump of the keychain, which outputs only AccountNames and ServiceNames.
    • ./keychaineditor --action min-dump

  3. A search feature to limit the output to only what the user wants. The search can be performed on Account, Service, AccessGroup or Accessibility values.
    • ./keychaineditor --action dump --find "WhenUnlocked"

  4. Works with idb!

Note: Check the --help output for more options and examples.

Build Notes

  1. To build the tool, run 'make' in the current directory.
    Note: You need the Xcode command line tools installed for the toolchain.

  2. Creating symlinks:
    Always check that you have symlinks for 'sdk' and 'toolchain' in the current directory.

    • To find the exact SDK installed on your machine, type the following command:
      $ xcodebuild -showsdks
    • To get the actual path of the SDK:
      $ xcrun -sdk iphoneos8.2 --show-sdk-path
    • For example, you should see something like this after you have created the symlinks:
      $ toolchain -> /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/
      $ sdk -> /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS8.2.sdk

  3. Make errors:
    You may have a lower SDK version installed on your machine, in which case the makefile will not be able to find the exact path of the installed SDK. Follow the above steps to find the installed SDK, and update the 'isysroot' flag with the appropriate SDK version.

  4. Error Code -34018:
    This error occurs because the binary was not code signed and was not given the keychain access entitlements.
    $ codesign -fs "YOUR_SELF_SIGNED_CERT" --entitlements entitlements.xml keychaineditor

    • To list the certificates already available in your keychain for signing the binary, use the following command:
      $ security find-identity -v -p codesigning
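
A pre-build check for the symlink steps above, as an added example that is not part of the keychaineditor repository. The function names check_build_links and suggest_links are hypothetical, and suggest_links assumes macOS with the Xcode command line tools installed.

```shell
#!/bin/sh
# Added example; not code from the keychaineditor repository.

# check_build_links DIR
# Verify that DIR/sdk and DIR/toolchain are symlinks that resolve to
# existing directories, as the build notes require before running make.
# Prints one status line per link and returns the number of problems.
check_build_links() {
    dir=${1:-.}
    problems=0
    for name in sdk toolchain; do
        link="$dir/$name"
        if [ ! -L "$link" ]; then
            echo "MISSING  $name: no symlink at $link"
            problems=$((problems + 1))
        elif [ ! -d "$link" ]; then
            # -d follows the link, so this catches dangling links,
            # e.g. an SDK version removed by an Xcode update.
            echo "DANGLING $name -> $(readlink "$link")"
            problems=$((problems + 1))
        else
            echo "OK       $name -> $(readlink "$link")"
        fi
    done
    return "$problems"
}

# suggest_links
# Print the ln commands for the newest iPhoneOS SDK that xcrun reports.
suggest_links() {
    command -v xcrun >/dev/null 2>&1 || { echo "xcrun not found" >&2; return 1; }
    sdk_path=$(xcrun --sdk iphoneos --show-sdk-path) || return 1
    # In the README's example the toolchain link points at the platform's
    # Developer directory, two levels above the SDK directory.
    toolchain_path=$(dirname "$(dirname "$sdk_path")")
    echo "ln -sfn \"$sdk_path\" sdk"
    echo "ln -sfn \"$toolchain_path/\" toolchain"
}
```

Source the file and run `check_build_links .` in the project directory before `make`; a non-zero return means at least one link needs to be recreated, and `suggest_links` prints the commands to do so.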
