Security Research & Defense

David H Hoyt LLC

, , , ,

SRT 24.100.3 PR42

David Hoyt is an independent, authoritative source for Best Practices & Transparency. Hoyt works Independently to improve the User Experience & Security of Internet Products & Services.
>> Home » Blog » SRT 24.100.3

Estimated reading time: 4 minutes

Last Updated

THU 2 JUN 2022 at 0705 EDT

Executive Summary

This Article provides an Overview of the Release of Security Research Tools Version (SRT) 24.100.3 and the Revisions to Code in Pull Request #42 which was not accepted by Apple. My latest, working ./example-cryptex/ with Installation Instructions can be found at URL https://github.com/xsscx/srd.

PR42 Test Installation

/bin/bash -c "$(curl -fsSL /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/xsscx/srd/main/dmg/install.sh)"

Table of contents

PR42

Pull Request #42 contains a number of suggested changes, for example:

.PHONY: clean
clean:
	rm -rf ${CRYPTEX_ROOT_DIR} ${CRYPTEX_DMG_NAME} ${CRYPTEX_ID}.cptx
	rm -rf include
	# Loop through each project and call its clean target
	$(foreach proj,$(PROJECT_DIRS),$(MAKE) $(EXTRA_MAKE_FLAGS) -C $(proj) clean;)

Whereas the Filenames to be Deleted are named:

com.example.cryptex.cxbd
com.example.cryptex.cxbd.signed

Makefile Change

< cryptexctl -v9 -d9 -ldt install --print-info ./com.example.cryptex.cxbd (21C80)
> cryptexctl -v4 -d4 install --variant=research --persist --print-info ./com.example.cryptex.cxbd.signed (21C39)

Paste the following command into your Terminal to Troubleshoot a Cryptex Installation to your SRD:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/xsscx/srd/main/SecurityResearchTools_21C39/example-cryptex/srd-cryptex-troubleshooter.sh)"

Sample Output

Mon Jan 17 07:36:48 EST 2022
Darwin mini.local 21.2.0 Darwin Kernel Version 21.2.0: Sun Nov 28 20:28:54 PST 2021; root:xnu-8019.61.5~1/RELEASE_X86_64 x86_64
Darwin Cryptex Management Interface Version 2.0.0: Sun Dec 19 22:28:12 PST 2021; root:libcryptex_executables-169.80.2~9/cryptexctl/WEN_ETA_X86_64
machdep.cpu.brand: 0
machdep.cpu.brand_string: Intel(R) Core(TM) i7-8700B CPU @ 3.20GHz
System Integrity Protection status: disabled.
...
cryptexctl.research:   executable_path => /usr/local/bin/cryptexctl.research
cryptexctl.research:   ptr_munge =>
cryptexctl.research:   main_stack =>
cryptexctl.research:   executable_file => 0x1c01000006,0x53ca9
cryptexctl.research:   dyld_file => 0x1c01000006,0xfffffff000e3982
cryptexctl.research:   executable_cdhash => 50da1fdfbd3511624b146f0dbf201e7e305a74ae
cryptexctl.research:   executable_boothash => 4a503cd7f10ec917ef7203df2f670ad4c20962a3
cryptexctl.research:   th_port =>
will persist cryptex

Screen Captures

Apple Security Research Device iPhone 12 with AMFI_Research rejecting CT on debugserver, ASAN + UBSAN Dylib
Apple Security Research Device iPhone 12 with AMFI_Research rejecting CT on debugserver, ASAN + UBSAN Dylib
Apple Security Research Device iPhone 12 with AMFI_Research accepting CT on debugserver + UBSAN Dylibs for 15.4_19E5235a
Apple Security Research Device iPhone 12 with AMFI_Research accepting CT on debugserver + UBSAN Dylibs for 15.4_19E5235a
Apple Security Research Device iPhone 12 with AMFI_Research accepting CT on debugserver and Address Santizer Dylib
Apple Security Research Device iPhone 12 with AMFI_Research accepting CT on debugserver and Address Santizer Dylib
Apple Security Research Device iPhone 12 with AMFI_Research rejecting CT on debugserver and UBSAN Dylib
Apple Security Research Device iPhone 12 with AMFI_Research rejecting CT on debugserver and UBSAN Dylib
Apple Security Research Device iPhone 11 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs Rejected
Apple Security Research Device iPhone 11 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs Rejected
Apple Security Research Device iPhone 11 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs on M1 T8101 Host
Apple Security Research Device iPhone 11 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs on M1 T8101 Host
Apple Security Research Device iPhone 12 with CoreTrust Entitlement Issues
Apple Security Research Device iPhone 12 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs
Apple Security Research Device iPhone 12 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs on M1 T8101 Host
Apple Security Research Device iPhone 12 with CoreTrust Entitlement Issues preventing debugserver and Address Santizer Dylibs on M1 T8101 Host

SRD Console Log Sample

Sample Search for AppleMobileFileIntegrity_research

Apple Security Research Device CoreTrust Code Signature Failure on iPhone 12 for debugserver + Address Sanitizer Dylibs
Apple Security Research Device CoreTrust Code Signature Failure on iPhone 12 for debugserver + Address Sanitizer Dylibs

Discover more from Security Research & Defense

Subscribe now to keep reading and get access to the full archive.

Continue reading