demo
ios
MASTG-TEST-0211
MASTG-DEMO-0016: Uses of Insecure Hashing Algorithms in CryptoKit with r2
Content in BETA
This content is in beta and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).
Send Feedback
Sample
MastgTest.swift 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 import Foundation
import CryptoKit
struct MastgTest {
// Function to generate a SHA - 1 hash
static func generateSHA1Hash ( data : Data ) -> String {
let hash = Insecure . SHA1 . hash ( data : data )
return hash . compactMap { String ( format : " %02x " , $ 0 ) } . joined ()
}
// Function to generate an MD5 hash
static func generateMD5Hash ( data : Data ) -> String {
let hash = Insecure . MD5 . hash ( data : data )
return hash . compactMap { String ( format : " %02x " , $ 0 ) } . joined ()
}
static func mastgTest ( completion : @escaping ( String ) -> Void ) {
let input = "This is a sample text" . data ( using : . utf8 ) !
// Generate SHA - 1 hash
let sha1Hash = generateSHA1Hash ( data : input )
// Generate MD5 hash
let md5Hash = generateMD5Hash ( data : input )
let value = """
Original: \(String(data: input, encoding: .utf8)!)
SHA-1 Hash: \(sha1Hash)
MD5 Hash: \(md5Hash)
"""
completion ( value )
}
}
Steps
Unzip the app package and locate the main binary file ( Exploring the App Package ), which in this case is ./Payload/MASTestApp.app/MASTestApp
.
Open the app binary with radare2 for iOS with the -i
option to run this script.
cryptokit_hash.r2 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24 ? e ; ? e
? e Uses of CryptoKit . Insecure functions :
afl ~ Insecure .
? e
? e xrefs to CryptoKit . Insecure . MD5 :
axt @ 0x100007280
? e
? e xrefs to CryptoKit . Insecure . SHA1 :
axt @ 0x10000728c
? e
? e Use of MD5 :
pd -- 5 @ 0x1000046d8
? e
? e Use of SHA1 :
pd -- 5 @ 0x100004214
run.sh r2 - q - i cryptokit_hash . r2 - A MASTestApp
Observation
The output contains all uses of CryptoKit.Insecure
functions in the binary, the xrefs for Insecure.MD5
and Insecure.SHA1
and the disassembled code of the region where each of these functions is called.
output.txt 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35 Uses of CryptoKit . Insecure functions :
0x100007274 1 12 sym . imp . CryptoKit . Insecure . SHA1Digest .
0x100007280 1 12 sym . imp . CryptoKit . Insecure . MD5 .
0x10000728c 1 12 sym . imp . CryptoKit . Insecure . SHA1 .
0x100007298 1 12 sym . imp . CryptoKit . Insecure . MD5Digest .
xrefs to CryptoKit . Insecure . MD5 :
sym . func .10000469 c 0x1000046d8 [ CALL : -- x ] bl sym . imp . CryptoKit . Insecure . MD5 .
xrefs to CryptoKit . Insecure . SHA1 :
sym . func .1000041 d8 0x100004214 [ CALL : -- x ] bl sym . imp . CryptoKit . Insecure . SHA1 .
Use of MD5 :
│ 0x1000046c4 48000090 adrp x8 , reloc . Foundation . __DataStorage . _bytes . allocator__UnsafeMutableRawPointer______ ; 0x10000c000
│ 0x1000046c8 08 d141f9 ldr x8 , reloc . __stack_chk_guard ; 0x10000c3a0
│ 0x1000046cc 080140 f9 ldr x8 , [ x8 ]
│ 0x1000046d0 a8831af8 stur x8 , [ x29 , - 0x58 ]
│ 0x1000046d4 000080 d2 mov x0 , 0
│ 0x1000046d8 ea0a0094 bl sym CryptoKit . Insecure . MD5 . ; sym . imp . CryptoKit . Insecure . MD5 .
│ 0x1000046dc f70300aa mov x23 , x0
│ 0x1000046e0 54000090 adrp x20 , reloc . Foundation . __DataStorage . _bytes . allocator__UnsafeMutableRawPointer______ ; 0x10000c000
│ 0x1000046e4 947241 f9 ldr x20 , reloc . CryptoKit . Insecure . MD5 . ; 0x10000c2e0
│ 0x1000046e8 16805 ff8 ldur x22 , [ x0 , - 8 ]
Use of SHA1 :
│ 0x100004200 48000090 adrp x8 , reloc . Foundation . __DataStorage . _bytes . allocator__UnsafeMutableRawPointer______ ; 0x10000c000
│ 0x100004204 08 d141f9 ldr x8 , reloc . __stack_chk_guard ; 0x10000c3a0
│ 0x100004208 080140 f9 ldr x8 , [ x8 ]
│ 0x10000420c a8831af8 stur x8 , [ x29 , - 0x58 ]
│ 0x100004210 000080 d2 mov x0 , 0
│ 0x100004214 1e0 c0094 bl sym CryptoKit . Insecure . SHA1 . ; sym . imp . CryptoKit . Insecure . SHA1 .
│ 0x100004218 f70300aa mov x23 , x0
│ 0x10000421c 54000090 adrp x20 , reloc . Foundation . __DataStorage . _bytes . allocator__UnsafeMutableRawPointer______ ; 0x10000c000
│ 0x100004220 947 a41f9 ldr x20 , reloc . CryptoKit . Insecure . SHA1 . ; 0x10000c2f0
│ 0x100004224 16805 ff8 ldur x22 , [ x0 , - 8 ]
Evaluation
The test fails because the MD5 and SHA1 algorithms were found in the code.
Remember that the context is important when evaluating the use of these algorithms. In some cases, the use of MD5 or SHA1 may be acceptable, for example, when the algorithm is used for checksums or non-cryptographic purposes. In order to determine that you should further analyze the reverse-engineered code and try to learn more about the context in which these algorithms are used.