Skip to content

Uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC) in iOS Applications Binaries.

Notifications You must be signed in to change notification settings

saladandonionrings/iOS-Binary-Security-Analyzer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

b0e9deb Β· Feb 29, 2024

History

17 Commits
Feb 29, 2024
Jul 20, 2023

Repository files navigation

πŸ•΅οΈβ€β™‚οΈ iOS Binary Security Analyzer

This script inspects iOS application binaries to uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC).

🌟 Features

  • Quick static analysis of iOS binaries
  • Checks for various iOS binary security features (encryption, PIE, Stack Canaries, ARC)
  • Detection of weak cryptographic methods (MD5, SHA1)
  • Identification of commonly misused and insecure functions

πŸ“‹ Requirements

  1. πŸ“² Jailbreak your iOS device.
  2. πŸ› οΈ Install otool: This can be done through the Cydia package manager.
    • Add the following repository in Cydia: http://apt.thebigboss.org/repofiles/cydia/
    • Search for and install the Big Boss Recommended Tools package.
    • Alternatively, search for and install the Darwin CC Tools package.
    • If your device is set up with SSH and command line access, you can also install otool via command line using: apt install otool

πŸš€ Usage

The binary should be located within the /private/var/containers/Bundle/Application/XXXXXXX/<APP-PATH>/ directory.

# on host
git clone https://github.com/saladandonionrings/ios-binary-checks.git
cd ios-binary-checks
# send the script to your ios device
scp check-binary.sh root@ip:/var/root

# on ios device
./check-binary.sh <binary>

πŸ“Έ Screenshots

image image

About

Uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC) in iOS Applications Binaries.

Topics

Resources

Stars

Watchers

Forks

Languages