Skip to content

Uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC) in iOS Applications Binaries.

Notifications You must be signed in to change notification settings

saladandonionrings/iOS-Binary-Security-Analyzer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 

Repository files navigation

🕵️‍♂️ iOS Binary Security Analyzer

This script inspects iOS application binaries to uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC).

🌟 Features

  • Quick static analysis of iOS binaries
  • Checks for various iOS binary security features (encryption, PIE, Stack Canaries, ARC)
  • Detection of weak cryptographic methods (MD5, SHA1)
  • Identification of commonly misused and insecure functions

📋 Requirements

  1. 📲 Jailbreak your iOS device.
  2. 🛠️ Install otool: This can be done through the Cydia package manager.
    • Add the following repository in Cydia: http://apt.thebigboss.org/repofiles/cydia/
    • Search for and install the Big Boss Recommended Tools package.
    • Alternatively, search for and install the Darwin CC Tools package.
    • If your device is set up with SSH and command line access, you can also install otool via command line using: apt install otool

🚀 Usage

The binary should be located within the /private/var/containers/Bundle/Application/XXXXXXX/<APP-PATH>/ directory.

# on host
git clone https://github.com/saladandonionrings/ios-binary-checks.git
cd ios-binary-checks
# send the script to your ios device
scp check-binary.sh root@ip:/var/root

# on ios device
./check-binary.sh <binary>

📸 Screenshots

image image

About

Uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC) in iOS Applications Binaries.

Topics

Resources

Stars

Watchers

Forks

Languages