What is Encryption:
Encryption has always been considered a safe haven when it comes to banking application security. Encryption is the process of encoding information in such a way that only authorized users can read/decrypt it.
Note*
When you are trying to bypass encryption, follow these methods in sequence, if the first method doesn’t work then jump to another method.
1) HardCoded Secret Key
Many times, a secret key is hardcoded into the application itself, as an attacker, we have to identify the hardcoded secret key and then decrypt the data with that secret key. There are many ways to get the hardcoded keys, for example, keys stored in the Js file, source code, comments, etc. There are different ways to get the hardcoded secret keys, in this section we will see how I found the hardcoded key in one of my projects
a) Unzip the IPA file|
unzip test.ipa |
b) Go to the binary of the IPA file
|
Cd Payload/test.app |
c) Search for keywords like UTF8, encryption, encrypt, AES, etc. because it’s very difficult and time-consuming to go in each and every js, java, and all other files in the application and analyze those files.
To save our time, we can use the below-mentioned command to search the specific keywords across all the js files of the application. If you want to search against java files, you can change the extension to .java and use the same command.
|
grep -r 'decryptData' www/*.js |
d) In the js file look at the function which is used for the encryption and decryption in my case it was encrypt(e) and decrypt(e). In this function I identified that UTF8.parse was parsing the key PKDSSAAKey.
Note* It is not necessary that every time the key name will be secretkey or something like that’s why identifying the key name from the source code is very important.
e) Now search this key name in that js file or all js files. You can see in the above/below screenshot that we found the hardcoded key
.
f) Let's observe the code again and decrypt the data.
i) The application is using AES Encryption, So Go to https://gchq.github.io/CyberChef/ for decrypting the data, you can use any other decoder as well.
ii)When the application is using AES, first we have to decode the data with either base64 or hex. Then decrypt it with AES. So try with both. In my case, base64 decoding was working.
iii) So drag and drop base64 from operations and paste the data in the input section.
iv) For AES encryption/decryption we need iv & secret key value but if we observe the code iv=n, which means secret key and iv are the same.
v) When you enter key and iv, you have to select the type and we will select UTF8 because through code we can see the application is using UTF8.
vi) Now in the Mode type, we will select ECB, as shown in the code.
vii) In the input, we will select raw, because we have firstly decoded data with base64, if we decoded data with hex then we will choose hex type in the input.
g) This is how we can decode the data with a hardcoded key and iv.
Note* It is very important to understand the logic and then go for decrypting the data, otherwise it takes a lot of time, and the chances of getting success are very low.
2) Encryption Bypass via Hardcoded logic of Encryption/Decryption in js files:
I was testing one banking application and while going through the source code I found that the application is using AES encryption. So, in order to decrypt the data and perform API-level testing, I started looking for a way to decode it. So, I started examining the JS files and discovered the encryption/decryption logic, and then we constructed a single script to encrypt and decrypt the data. Let’s see how we can do that.
Steps To Bypass Encryption via Analyzing JS files
a) Unzip the IPA file
|
unzip test.ipa |
b) Go to the binary of the IPA file
|
Cd Payload/test.app |
c) Search for keywords like encryption, encrypt, AES, etc. Because it’s very difficult to go into each js file to analyze the js file, that’s why we use this command to search from all the js files together.
|
grep -r 'decryptedData' www/*.js |
-r - To search inside the directory
d) Open that js file in the visual studio editor or in any editor and analyze the encryption logic.
Decryption Logic
Encryption Logic
e) In this case, the value of iv & salt is dynamic, which means it will generate a new iv & salt value for each request. We can see in the below screenshot that "::" is used to separate the iv and salt values.
f) Now with the help of hardcoded logic, we will create a script for encrypting and decrypting the data. I am dividing the script into 3 parts, to understand how to create the script.
- Import the library required to run this script, in my case, it was using crypto, so I have imported that library.
- GUI look for decrypting the data
- Add the hardcoded logic.
- Save this file as test.html and open it in any browser and encrypt and decrypt the data.
3) Encryption Bypass Via Frida
In one of my projects with the help of available scripts, I was able to get the hardcoded key. So firstly I decompiled the application and identified what kind of encryption they are using. Then accordingly I searched for available scripts and tried to bypass the encryption using those scripts. In addition, we can write our own script as well.
a) Enter the below-mentioned command to get the hardcoded key
frida -U -f package_name -l aes.js --no-pause
There are many scripts available on codeshare and GitHub for gaining secret key, etc, In my case I used - https://codeshare.frida.re/@dzonerzy/aesinfo/
U => To use a connected USB device as a target
f => To indicate the package name
l => To load the script aes.js => (Download the script from codeshare according to your iOS version)
--no-pause => To force the Frida to “not to pause” app execution after injecting the script.
4) Encryption bypass via hooking
For hooking, I have already written a detailed blog which you can read here, So here I will directly explain how I was able to bypass encryption via hooking in one of my applications. So we will not explain all the commands in detail here again.
Note*
In this scenario, the end goal is to find the class that sends the application's data in a decrypted format, and then we will create a script that uses that class and modifies the data at runtime to perform various attacks.
a) Identify the class which sends data in plain text.
i) Connect your device via USB and trust the device.
ii) Run the below command to connect the application to the objection and explore the application.
|
objection -g package_name explore |
iii) Run the below command to search for the specific class, search the keywords like AES, network, encryption, etc.
|
ios hooking search classes network |
|
ios hooking watch class NetworkManager |
b) Creating a script to decode & modify the data at run time, here blur part is the name of the class and “bankId” is the parameter name and “1” is the value which we are going to tamper on the runtime for performing the attacks.
c) Save the above-mentioned script as decryption.js.
d) Let's see how to test the application and modify the data at runtime.
Note*
Whenever you want to modify the script at run time, you have to inject the Frida agent in the application, instead of spawning the application. So that whenever you modify the data in the script like parameters or their values and save it. These data will get reflected there so you don’t need to run the command again.
For injecting the Frida agent you have to run the Frida command with the PID of the application, instead of the package name.
i) Enter the below-mentioned command to get pid of the running application
ii) Run the below-mentioned command and scroll the application to see decrypted data
frida -U -p 7445 -l decryption.js —no-pause
iii) Perform the below-mentioned steps to modify the data or to change the value of the parameter.
From decrypted data, take the parameter name and pass the value in the script and save the script and go to the same module of the application again and you will see the response with that passed parameter value.
So this is how you can modify the script at runtime, and perform the testing without running the command again and again with the help of the Frida agent.
5) Encryption Bypass Via JavaScript Debugging
a) How to Debug iOS application
i) Connect your iOS device to your Mac with the USB cable
ii) On iPhone, Go to Settings > Safari > Advanced and toggle on Web Inspector.
iii) In the Macbook, go to Safari > Preferences
iv) Go to Advanced => click on the checkbox Show Develop menu in the menu bar.
v) Go to develop option => click on iPhone and select your iOS Application.
b) How to set breakpoint
Go To Safari Browser => Right Click => Inspect element => Source => open Js file => double click on line , where you want to set breakpoint. So basically breakpoints are set to, pause the request, and analyze the request.
c) How to bypass encryption
Bypassing encryption via debugging is a hit and trial process, you have to analyze the js file and set the breakpoint accordingly. Usually, in the js file, you have to understand how the application is encrypting and decrypting the data and setting the breakpoints accordingly, to bypass the encryption. Sometimes we can see the data in plain text as well via setting breakpoints at the correct function.
Refer to my webinar recording Webinar: Understanding Payment Gateway Related Vulnerabilities for understanding how to use and set breakpoints. (This part will start at 54 min)
6) Encryption Bypass via Frida Tracing
Frida Tracing is used to trace the function calls.
In one of my projects, I tried other methods to bypass the encryption but those methods didn't work. So I tried Frida tracing where I searched for different words related to encryption, To check if there is any function, which is passing the data in plain text. Later I came across a function that was passing the data in plain text.
So when we run the Frida trace command, it automatically creates the folder with the name handlers, this folder contains multiple js files(These JS files contain the name of the function, which gets called while scrolling the application).
Let’s see how to perform this
a) Run the below command and scroll the application to see data in plain text
Frida-trace -U -F package_name -m ''*[* *encrrypt*]''
b) A folder with the name handlers will be created.
c) So I have gone through all the js files and identified that a js file was having a function “payment” and passing the parameter “wallet_id”. Here I came across that I can perform attacks like IDOR, SQL injection, etc.
So I opened that script and changed the value of “wallet_id” manually and saved it again for performing the IDOR attack. (This script is already created in the handler folder, we just change the parameter value).
Run the same Frida trace command:
(Frida-trace -U -F package_name -m ''*[* *encrrypt*]'')
or
Run the below command with modified script.
Frida -U -f package_name -l script.js
So this is how you can bypass the encryption via frida tracing.
7) Encryption Bypass Via Radare2
Radare2 is an open-source framework that can perform disassembly, debugging, analysis, comparing data, and manipulation of binary files. It helps to track functions & binary.
Steps To Bypass Encryption Via Radar2
1) Unzip the IPA file
|
unzip target.ipa |
2) Go to the unzipped folder and copy the binary of IPA file
|
cp payload/target.app/target test |
target = This is the binary inside the binary of the application, go inside the test.app and you will see one binary with the same name.
3) Reduce the size of binary
lipo -thin arm64 test -o test32
Lipo => Lipo is the command-line tool to reduce the binary size.
4) To Check the binary size
|
du -h test32 |
5) Analyze the js file for identifying the name of functions, so here we can see there are some functions getting passed with the name “getEncryptedPassword”
6) Go inside the application with radare2.
|
r2 test32 |
7) For tracking and dumping the data of any functions, we need the reference id of that function, so run the below command to get the “Reference id” of any function.
|
izz-function_name |
8) Now we got the reference id, so for going inside a particular function, just write the reference id and hit enter.
9) For dumping all the data of the particular function, run the below command
|
v |
10) After dumping the data, analyze the response and find the hardcoded secret key.
11) In my scenario, the secret key and iv were the same so with the help of the cyberchef decoder, we decoded the data in the same way as mentioned in the first scenario.
Note* Identifying the correct function and hardcoded key isn’t easy, it will take time, so keep patience.
Gartner and G2 recommends Appknox | See how we can help you with a free Demo!
Vaishali Nagori
_HighPerformer_HighPerformer.png)
_BestEstimatedROI_Roi.png)
