The srdutil utility is used to check in your device with Apple Corporation. Apple requires that you set a cron job to check in your SRD with the Mothership every 2 weeks.
- PR42: https://github.com/apple/security-research-device/pull/42
- Universal DMG: https://xss.cx/srd/dmg/srd-universal-cryptex.dmg
- ASAN Beta DMG: https://xss.cx/srd/dmg/srd-asan-cryptex-beta.dmg
- UBSAN Beta DMG: https://xss.cx/srd/dmg/srd-ubsan-cryptex-beta.dmg
- Install: https://github.com/xsscx/srd/tree/main/dmg#readme
- Discussion: nvram settings disabling KTRR, CTRR and kASLR https://github.com/apple/security-research-device/discussions/2
- Build Entitlements Issues for PR 42, 48, 49 https://github.com/xsscx/srd/blob/main/srd_tools-24.100.3/example-cryptex/srd-iphone11-iphone12-entitlements-testing-sample-example.md
SRDUTIL-CHECKIN(1) BSD General Commands Manual SRDUTIL-CHECKIN(1)
srdutil checkin — Security Research Device checkin utility
srdutil checkin [-v | --verbose] [-e | --ecid ECID] [-t | --token API-TOKEN] [-u | --user USER]
srdutil checkin is the srdutil subcommand for affirming with the Security Research Device Program (SRDP) that a device is in a given user’s physical possession.
The device does not need to be connected to be checked in with the SRDP checkin server.
List of options and their descriptions:
-e | --ecid ECID
    The ECID of the device to affirm is in the user's physical possession. The ECID can be retrieved from the list subcommand of cryptexctl-device(1) or from srdutil-restore(1). Defaults to the value of the environment variable SRDUTIL_CHECKIN_ECID.

-t | --token API-TOKEN
    The API token to be used for the request to the SRDP checkin server. This is currently baked into the srdutil utility, but will be provided separately in the future. Defaults to the value of the environment variable SRDUTIL_CHECKIN_TOKEN.

-u | --user USER
    The Apple ID of the user affirming physical possession of the device. In the future this will be tied to a particular API-TOKEN. Defaults to the value of the environment variable SRDUTIL_CHECKIN_USER.

-v | --verbose
    Enable verbose output.
The following environment variables are used by srdutil checkin.
SRDUTIL_CHECKIN_ECID
    Sets a default value for the --ecid option.

SRDUTIL_CHECKIN_TOKEN
    Sets a default value for the --token option.

SRDUTIL_CHECKIN_USER
    Sets a default value for the --user option.
cryptexctl(1), cryptexctl-device(1), srdutil-restore(1)
Introduced in macOS 11.0
Darwin August 14, 2020 Darwin
A verified working example is shown below:
    srdutil checkin -v -e 0xsupersecret -u srd0009
    * Trying 18.104.22.168...
    * TCP_NODELAY set
    * Connected to srd-checkin-api.apple.com (22.214.171.124) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    * CAfile: /etc/ssl/cert.pem
      CApath: none
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
    * ALPN, server accepted to use h2
    * Server certificate:
    * subject: CN=srd-checkin-api.apple.com; OU=management:idms.group.5557870; O=Apple Inc.; ST=California; C=US
    * start date: Jul 9 19:55:36 2020 GMT
    * expire date: Aug 8 19:55:36 2022 GMT
    * subjectAltName: host "srd-checkin-api.apple.com" matched cert's "srd-checkin-api.apple.com"
    * issuer: CN=Apple Public Server RSA CA 12 - G1; O=Apple Inc.; ST=California; C=US
    * SSL certificate verify ok.
    * Using HTTP2, server supports multi-use
    * Connection state changed (HTTP/2 confirmed)
    * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    * Using Stream ID: 1 (easy handle 0x7fa794808200)
    > POST /checkin HTTP/2
    Host: srd-checkin-api.apple.com
    Accept: */*
    api-token: sbjQsCBFFuPAKXxOfphFRFP0RTLNzMe6kejiztVeZLWAwQAWEZz55v6Ld
    Content-Type: application/json
    Content-Length: 79
    * Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
    * We are completely uploaded and fine
    < HTTP/2 200
    < server: Apple
    < date: Wed, 30 Jun 2021 10:40:43 GMT
    < content-type: text/html; charset=utf-8
    < content-length: 0
    < strict-transport-security: max-age=31536000; includeSubdomains
    < x-frame-options: SAMEORIGIN
    < x-content-type-options: nosniff
    < x-xss-protection: 1; mode=block
    < content-security-policy: default-src 'self'
    <
    * Connection #0 to host srd-checkin-api.apple.com left intact
    [+] Device verysupersecret checked in for user srd0009
    * Closing connection 0
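The two-week cron check-in mentioned at the top of the page, sketched as a wrapper around `srdutil checkin` that relies on the documented environment-variable defaults. This is an added example, not Apple's or the page author's code; the file paths, the state file, the `SRD_*` override variables and the exit-status behaviour of srdutil are assumptions.

```shell
#!/bin/sh
# Added example, not Apple's or the page author's code. The paths, the state
# file and the names SRD_CONF/SRD_STAMP/SRD_INTERVAL_DAYS are assumptions.
SRDUTIL_BIN="${SRDUTIL_BIN:-srdutil}"            # overridable so the wrapper can be tested
CONF="${SRD_CONF:-$HOME/.srd/checkin.env}"       # sets SRDUTIL_CHECKIN_ECID and _USER
STAMP="${SRD_STAMP:-$HOME/.srd/last-checkin}"    # epoch seconds of the last success
INTERVAL_DAYS="${SRD_INTERVAL_DAYS:-14}"         # the two-week cadence from the page

# Succeeds (0) when a check-in is due: no usable stamp, or stamp older than the interval.
checkin_due() {
    [ -r "$STAMP" ] || return 0
    last=$(cat "$STAMP")
    case "$last" in ''|*[!0-9]*) return 0 ;; esac   # corrupt stamp counts as due
    [ $(( $(date +%s) - last )) -ge $(( INTERVAL_DAYS * 86400 )) ]
}

# Returns 0 on success or when nothing is due, 1 on a failed check-in, 2 on bad config.
srd_checkin() {
    checkin_due || return 0
    [ -f "$CONF" ] || { echo "missing $CONF" >&2; return 2; }
    # Accept only owner-only modes (0600 or 0400) on the file holding the ECID.
    case "$(ls -ld "$CONF")" in
        -r[w-]-------*) ;;
        *) echo "$CONF must not be accessible to group or other" >&2; return 2 ;;
    esac
    . "$CONF"
    # Documented defaults for --ecid and --user, so neither appears in crontab or argv.
    export SRDUTIL_CHECKIN_ECID SRDUTIL_CHECKIN_USER
    # No -v: the verbose trace prints the request headers, api-token included.
    # Assumption: srdutil exits non-zero when the check-in fails.
    out=$("$SRDUTIL_BIN" checkin 2>&1) || { echo "checkin failed: $out" >&2; return 1; }
    date +%s > "$STAMP"
    echo "$out"
}

# Crontab entry: run daily and let the stamp decide, so a missed day is retried.
#   17 9 * * * /bin/sh "$HOME/bin/srd-checkin.sh" run >> "$HOME/.srd/checkin.log" 2>&1
if [ "${1:-}" = "run" ]; then srd_checkin; fi
```

The stamp is written only after srdutil returns success, so a failed request is retried on the next daily run instead of waiting out the full interval.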
Example SRD Cryptex DMG Install
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/xsscx/srd/main/dmg/install.sh)"