Comments (6)
I can confirm keychain_dumper is impacted by rate limiting capabilities on the Secure Enclave Processor (SEP) when accessing the KeyChain, as described above by @utkanos in comment "#68 (comment)".
In a jailbroken iOS 14.x device keychain_dumper works if you clean-up the "ent.xml" file for your target app (reducing the number of entries), and re-apply the entitlements to the binary:
- Modify the "./updateEntitlements.sh" script not to remove the "/usr/bin/ent.xml" output file.
- Copy and edit the "/usr/bin/ent.xml" for your target, reducing the number of entries (<36, see comment above).
- Copy the new "ent.xml" file back and re-apply it to the binary:
# cp ent.xml /usr/bin
# cd /usr/bin
# ldid -Sent.xml keychain_dumper
from keychain-dumper.
I suggest generating a warning related to the number of entries in the "ent.xml" file inside the "updateEntitlements.sh", once the file is created in "/usr/bin" and before applying it to the binary via "ldid". Also, a warning could be added to the README for users to be aware of that limitation in case they do not get any results.
Unfortunately, manual modification of "ent.xml" is required by now... A future option could be generating a generic "ent.xml" file only including Apple related entitlements, and another "ent.xml" file specific for a target app.
from keychain-dumper.
For folks getting no output using this tool, make sure you've updated the entitlements using the provided script on the device. If you are still getting just the hint about unlocking your device and finding no items, the problem is that your entitlements list is too long. I am still investigating why that's the case, but my current guess is that you are restricted in how many queries you can run against the SEP. I am seeing SEP operation failures if the entitlement list is too long.
So that said, the magic number seems to be 36. If you examine your entitlements.xml and you have MORE than 36 attributes corresponding to keychain entitlements, the program will bail without providing any output. While I continue to track down whether it's a hard limit of entitlements (doubtful) or the program trying too many requests (current hunch), the way to use this on iOS 14.x is to ensure your entitlements list is less than 36. Don't forget to use ldid to update the binary entitlement after you edit the file.
tl;dr if you use the -e flag to create entitlements, it's likely that your list is now too long and you need to remove items from it in order to get output. If time permits I'll dig more into this problem, but for my purposes the tool is functional. Entitlements will be a personal thing anyway, so hacking around this seems not that crucial to me.
from keychain-dumper.
@raulsiles - The instructions you listed above..should they either land in the top-level readme and/or get added to some updated script in the repo?
from keychain-dumper.
can you please make it simple with steps, becouse I face this issue and try a lot to resolve it but it really did not solve it, I have ios 14.X and still this issue exists.
from keychain-dumper.
can you please make it simple with steps, becouse I face this issue and try a lot to resolve it but it really did not solve it, I have ios 14.X and still this issue exists.
The below will remove all rubbish Apple strings and resign the binary with the new ent2.xml entitlements file.
keychain_dumper -e > ent.xml
grep -v -e '<string>com.apple.PassbookUIService</string>' -e '<string>com.apple.ProtectedCloudStorage</string>' -e '<string>com.apple.ProtectedCloudStorage.KTAccountKey</string>' -e '<string>com.apple.Spotlight</string>' -e '<string>com.apple.TextInput</string>' -e '<string>com.apple.applesse</string>' -e '<string>com.apple.apsd</string>' -e '<string>com.apple.assistant</string>' -e '<string>com.apple.bluetooth</string>' -e '<string>com.apple.certificates</string>' -e '<string>com.apple.cfnetwork</string>' -e '<string>com.apple.cloudd</string>' -e '<string>com.apple.continuity.unlock</string>' -e '<string>com.apple.hap.pairing</string>' -e '<string>com.apple.healthrecordsd</string>' -e '<string>com.apple.icloud.searchpartyd</string>' -e '<string>com.apple.identityservicesd</string>' -e '<string>com.apple.ind</string>' -e '<string>com.apple.internal.seserviced.keysync.recoveryblobs</string>' -e '<string>com.apple.ndoagent</string>' -e '<string>com.apple.networkserviceproxy</string>' -e '<string>com.apple.passd</string>' -e '<string>com.apple.rapport</string>' -e '<string>com.apple.sbd</string>' -e '<string>com.apple.security.ckks</string>' -e '<string>com.apple.security.egoIdentities</string>' -e '<string>com.apple.security.octagon</string>' -e '<string>com.apple.security.sos</string>' -e '<string>com.apple.security.sos-usercredential</string>' -e '<string>com.apple.sharing.appleidauthentication</string>' -e '<string>com.apple.telephonyutilities.callservicesd</string>' -e '<string>com.apple.transparencyd</string>' -e '<string>group.com.apple.notes</string>' -e '<string>ichat</string>' -e '<string>lockdown-identities</string>' -e '<string>online-auth-agent</string>' -e '<string>searchpartyd-baa-fmna-group</string>' -e '<string>wifianalyticsd</string>' -e '<string>apple</string>' -e '<string>apple account</string>' "ent.xml" > "ent2.xml"
ldid -Sent2.xml /usr/bin/keychain_dumper
from keychain-dumper.
Related Issues (20)
- Can this tool export the private key of the [Apple Iphone Device CA] certificate? HOT 3
- issue with make when building HOT 5
- Feature: Add CLI args instead of stdin HOT 6
- keychain_dumper is not finding items on iOS 13.5 HOT 47
- Hello, what's the cause of this error HOT 17
- anybody got this working on iOS 13.5? HOT 1
- Symbol not found: _objc_opt_new HOT 4
- seems not working at ios13 HOT 2
- it seems ios 13.6.1 not working? HOT 2
- Not as much of an issue..
- iOS 13.5.1 - Keychain data not decrypted HOT 2
- iOS 14 keychain_dumper does not work anymore HOT 6
- Unable to dump keychain info on iOS 13.3.1 HOT 1
- Malformed key data Detected HOT 2
- which was built for iOS 14.4 HOT 8
- IOS 15
- Key
- Build issue _objc_release_x19 HOT 4
- ios 15 - ldid missing Info.plist HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from keychain-dumper.