iOS’s keychain has gone through a lot of improvements since its inception. One notable feature is the introduction of access controls from iOS 8 which allows more granular control over an item. This presentation aims to explore the new access control object, by taking help from apple open-source code and reversing Security.Framework. The talk also presents a new tool (GUI and CLI) that allows dumping of keychain items, supporting iOS 9, with the additional information of the access control of an item. Furthermore, the tool allows to edit or delete existing keychain items.
Nitin Jami is a security consultant with the NCC Group. Nitin has led and participated in many web and mobile security assessments. Nitin’s main interest lie in OS internals, and spends most of his spare time understanding iOS/OS X internals. He also provides internal and external trainings on mobile application testing. Nitin received a Master of Science in CyberSecurity from NYU Poly and helped run school’s hacknight program.