introduce FileDP tool for Data Protection Class verification #1481

Merged
merged 1 commit into from
Oct 4, 2019

abjurato
Collaborator

@abjurato abjurato commented Oct 3, 2019

- [ ] You verified/tested the effectiveness of your contribution
👆 This part is especially funny because the Needle framework is pretty abandoned and supports only iOS 8, 9 and 10, and most modules support only 32-bit devices. Rather than enhancing the Dynamic Analysis with Needle section we'd better consider replacing it with dynamic analysis with separate tools that once were included as modules in Needle.

This PR contains only a mention that the Data Protection class of a file can be verified during dynamic analysis. Hope the interested reader will find her way to run FileDP on modern devices with modern jailbreaks.

@cpholguera
Collaborator

Hi @abjurato you definitely have a point there ^^ We are aware of this and have an issue open, please see: #1409

For instance, what FileDP does is already covered (and comes for free) whenever you run ls in objection. That should be the preferred way of checking the Data Protection classes indeed. Nowadays and as we recommend in the guide, any tester would have installed Frida on their device. So no additional installations are required. Just using objection will be enough for a task like this one.

If you feel like addressing this topic, we're more than happy about any help on this :) I definitely like your suggestion: "enhancing Dynamic Analysis with Needle section we'd better consider replacing it with Dynamic Analysis with separate tools that once were included as modules into Needle."

@cpholguera cpholguera mentioned this pull request Oct 3, 2019
@sushi2k sushi2k merged commit cdf854f into OWASP:master Oct 4, 2019
@sushi2k sushi2k mentioned this pull request Oct 4, 2019
@cpholguera
Collaborator

I still have two questions @abjurato ^^

  • Did the FileDP module work for you? Do you have some example output from running it from Needle?
  • Did you have to install it in addition to Needle or did it just work?

Thank you in advance!

@abjurato
Collaborator Author

abjurato commented Oct 4, 2019

@cpholguera I've found the source of FileDP in the author's repository https://github.com/satishb3/FileDp-Source; Needle's one is 32-bit only

@kysokzla

@abjurato we have run Needle from very old iOS versions to 13.0. It's just a convenient wrapper for making calls to real binaries that gets the job done. It's just Python 2. Have you seen the code, what it does under the hood? It just calls binaries. If your jb solution does not include arm64 or arm64e binaries, I have to compile it and replace it in the right folder and you are good to go.
