MASTG-DEMO-0036: Debuggable Entitlement Enabled in the entitlements.plist with rabin2

Download MASTG-DEMO-0036 IPA Open MASTG-DEMO-0036 Folder Build MASTG-DEMO-0036 IPA

Sample¶

The sample code includes the entitlements.plist file with the `get-task-allow' entitlement, which makes the app debuggable.

entitlements.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>AYRP7NNB54.org.owasp.mastestapp.MASTestApp-iOS</string>
    <key>com.apple.developer.team-identifier</key>
    <string>AYRP7NNB54</string>
    <key>get-task-allow</key>
    <true/>
</dict>
</plist>

Steps¶

Unzip the app package and locate the main binary file ( Exploring the App Package), which in this case is ./Payload/MASTestApp.app/MASTestApp.
Run rabin2 with the -OC options to obtain the entitlements file.

run.sh
rabin2 -OC MASTestApp | grep -A1 get-task-allow

Observation¶

The output reveals the value of the get-task-allow entitlement.

output.asm
        <key>get-task-allow</key>
        <true/>

Evaluation¶

The test fails because the app is debuggable due to the get-task-allow entitlement being present and set to true.