Apple Strikes Back: the iPhone Cracking Challenge









23





34 Shares

We live in the era of mobile devices with full-disk encryption, dedicated security co-processors and multiple layers of security designed to prevent device exploitation. The recent generations of Apple mobile devices running iOS 10 and 11 are especially secure, effectively resisting experts’ efforts to extract evidence. Yet, several solutions are known to counter Apple’s security measures even in iOS 11 and even for the last-generation devices. It is not surprising that Apple comes up with counter measures to restrict the effectiveness and usability of such methods, particularly by disabling USB data connection in iOS 11.4 after prolonged inactivity periods (well, in fact it is still in question whether this feature will be available in new iOS version or not; it seems it is not ready yet, and may be delayed till iOS 12).

Today, we’ll discuss the main challenges of iOS forensics, look at some of the most interesting solutions available to law enforcement, and share our experience gaining access to some of the most securely protected evidence stored in Apple iOS devices.

The iPhone Challenge

Today, the iPhone is one of the most secure mobile devices. This level of security comes not only from the exemplary implementation of full-disk encryption, but from a complex of purposely designed measures aimed at protecting the device from a wide range of exploitation techniques. As we see it, the two main challenges are:

Unlocking the iPhone if it is locked, or working directly with a locked device

Extracting data from the device

Of course, these two challenges are just the tip of the iceberg. We omitted the legal part, and we didn’t even mention the very important steps in seizing the device and preserving evidence on its way to the lab. We didn’t touch the analysis and reporting stage either. Instead, we’ll be discussing the real technical challenges.

A number of solutions exist that allow accessing evidence in a locked iPhone without actually unlocking the device through the use of lockdown records. We wrote a number of articles covering this exact topic; below are some of the recent ones:

With a risk of repeating myself, I will say that obtaining a lockdown record (a small file from the user’s computer) may help experts to extract information from an iPhone locked with an unknown passcode. At least this would be the case for timely (within 7-day timeframe ) acquisition of devices that were properly seized and transported to the lab.

Back to lockdown records: the “expiration” issue is in fact very confusing. We wrote about it back in September (see iOS 11.3 Adds Expiry Date to Lockdown (Pairing) Records), but it seems that the game has changed again.

On a side note, I should say that it becomes harder and harder to test. In our lab, we currently have over fifty iOS devices from original iPhone to iPhone X, running different iOS versions from 3 to 11.4 beta, with and without jailbreaks, as well as dozens lockdown records created at different times.

In fact, the logic behinds lockdown services operation is not 100% clear yet. We were experimenting with iOS 11.4 beta 2 and beta 3, and found that in fact lockdown records may remain valid for much longer than officially stated. In our recent experiments, we were able to reproduce the following sequence in iOS 11.4 beta 2 and 3.

Boot and unlock the iPhone; connect to computer; establish trusted relationship by confirming the “Trust this computer?” prompt. Disconnect the iPhone from the computer. Leave the phone alone for 7 days. Re-connect the phone to the computer (without unlocking the phone first) and attempt using existing lockdown record to access information.Result: we were able to access a limited set of information about the device (that is, the data connection is actually working); the list of installed applications is not available; unable to connect to AFC, shared files and backup services. Waited 7 more days (so 14 days in total after the last unlock). Disconnected the iPhone from the computer. Unlocked the phone with a passcode. Connected it back to the computer and used the same lockdown file.Result: no “Trust this computer?” prompt appeared; the lockdown file remained valid and usable, even after 14 days. Device information AVAILABLE. List of installed apps AVAILABLE. AFC, shared files and backup services AVAILABLE.

While it is still to early to make any conclusions, our preliminary thoughts are that, while USB Restricted Mode does kick in after 7 days (contrary to some reports we’ve seen online), the mode does not work the way we expected it to work. In other words, passcode recovery services such as Cellebrite and GreyKey may still work even past 7 days (no comments from them though), while logical acquisition does not. If our preliminary conclusions are correct, it is not the passcode recovery services that Apple is targeting in this update.

The biometric challenge: Face ID and Touch ID

If the passcode is not known or cannot be cracked, is it possible to unlock the device using Touch ID or Face ID? The answer is iffy, and with every iOS update, it becomes even iffier.

Starting with iOS 11, you can no longer use biometric unlock to establish trust relationship. The passcode is now required to confirm the “Trust this computer?” prompt; see New Security Measures in iOS 11 and Their Forensic Implications. In addition, you must re-enter the passcode after 48 hours since the last time you unlocked the device (for both Touch ID and Face ID); or if you didn’t use the passcode to unlock the device during the last six and a half days and Face ID has not unlocked the device in the last 4 hours. More information:

With Face ID, you will also need to enter the passcode after invoking the Emergency SOS mode.

I think it would be a great idea (for the users, not for forensics) to disable data transfers via the Lightning/USB port after invoking the Emergency SOS mode as well.

The passcode challenge

The passcode is a hallmark of iOS security. While previous versions of iOS had multiple layers of protection to safeguard user data even if the passcode was compromised, iOS 11 shifted the entire security model heavily towards the passcode. As we wrote in iOS 11 Horror Story: the Rise and Fall of iOS Security, if the attacker has the iPhone and the passcode, they can do anything and everything to the device including but not limited to:

Disable Find my iPhone and remove iCloud lock

Enable Two-Factor Authentication (if not currently enabled)

Reset iTunes backup passcode, pair the device to a computer and pull a fresh backup

Access all passwords stored on the device in iOS keychain (via logical acquisition > iTunes backup > set known password)

Change Apple ID password

Access everything stored in the iCloud including iCloud Keychain, backups, photos and synchronized data

Remotely lock or erase any other Apple devices registered on that user’s Apple account

As we demonstrated, the passcode is really the culprit for successful device extraction. Breaking the passcode can be essential for accessing a locked device if there is no valid lockdown record available.

There are several providers offering assistant to law enforcement for breaking iPhone passcodes. Cellebrite is the most well-known, offering unlock services to select law enforcement agencies. With Cellebrite, the service is provided in-house; agencies have to ship devices to a Cellebrite lab to get the job done – visit their Advanced Services page to get more info.

There is also GreyShift, a relative newcomer on the forensic arena. The company’s solution GreyKey is supplied to North American law enforcement agencies in the form of the actual unlocking hardware, allowing GreyShift customers to unlock iPhone devices without shipping out (e.g. see Mysterious $15,000 ‘GrayKey’ Promises To Unlock iPhone X For The Feds).

Both companies are very tightlipped about their methods and their technologies, claiming that any information leaked to Apple could lead to the exploit being patched in a matter of weeks. While this is undoubtedly partly true, another part of the story is concealing information from competitors. As a result of these policies, forensic customers are never told upfront as to which combination of hardware and software as well as passcode configurations can and cannot be broken within a certain timeframe.

So how does it actually work? We don’t know. The easiest way would be using a leaked Apple digital signature to sign bootrom code (which we don’t believe is the case). More likely, the methods are exploiting a series of unpatched zero-day vulnerabilities in the bootrom. In addition, one would have to come up with a solution to bypass Secure Enclave so that there would be no increasing delay between attempts (and no risk to wipe the device after the 10th consecutive unsuccessful attempt).

How fast does it actually work?

Neither company will tell you. Without circumventing Secure Enclave, you’ll be facing an increasing delay. After five unsuccessful attempts, the phone will be disabled for 1 minute. This delay increases with the number of unsuccessful attempts. This is enforced in hardware, and it is not possible to bypass unless Secure Enclave is circumvented. Interestingly, even once the iPhone becomes disabled after 10 unsuccessful attempts, once can still use a non-expired lockdown record to perform logical acquisition by making a new iTunes-style backup.

If one can circumvent Secure enclave protection, then… it is still unclear. For example, the article on Malwarebytes says:

The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned.

Then matters became even more confusing. Look at the tweet by Matthew Green:

Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):

4 digits: ~13min worst (~6.5avg)

6 digits: ~22.2hrs worst (~11.1avg)

8 digits: ~92.5days worst (~46avg)

10 digits: ~9259days worst (~4629avg)

Some journalists later reported a 6-digit passcode can be cracked by GrayKey in less than a day (which is simply not true).

These numbers actually come from Apple’s iOS Security Guide, in particular:

The passcode is entangled with the device’s UID, so brute-force attempts must be performed on the device under attack. A large iteration count is used to make each attempt slower. The iteration count is calibrated so that one attempt takes approximately 80 milliseconds.

That’s it. There is one million possible 6-digits codes; multiply that by 80 (ms), and you will get less about 22 hours. The actual passcode cracking is in fact significantly slower, about just one passcode per second. And even this is not always the case. Some GrayKey users are saying the device may switch into a “slow brute-force mode” under certain circumstances (e.g. after trying some unspecified number of combinations).

To summarize, neither Cellebrite nor GrayShift will disclose the speed of their passcode cracking process, as well as other conditions and limitations. They do not make claims that breaking the 6-digit passcode is guaranteed, and they mention that a dictionary must be used in order to attempt the recovery or an alphanumerical passcode. Most of the articles just refer to some “unnamed sources”, while other articles just rephrase what was already said.

Imaging the file system

Suppose you have successfully unlocked the iPhone by recovering its passcode. What’s next?

First and foremost, it is essential to make a full local backup of the device. If the backup is password-protected, and you don’t know the backup password, you can simply reset that password if the phone is running iOS 11. While earlier versions of iOS did not have the ability to reset the backup password, updating to iOS 11 is a viable possibility. Either way, make sure to specify a known password when making the backup; this ensures you can decrypt the keychain and some other encrypted items.

While logical acquisition is great, it may not contain the data you need. Specifically, a local backup does not contain downloaded email messages. In addition, many instant messaging apps disallow backups, so you may not get access to certain IM conversations.

If you require access to every sandboxed app data, you will need to copy the entire file system of the device. Unsurprisingly, this will not be possible without root (superuser) access. For the general user, root access is usually only possible through a jailbreak. Jailbreaks exploit a series of CVE vulnerabilities in order to bypass kernel protection and allow installing unsigned apps. Tools such as Elcomsoft iOS Forensic Toolkit rely on existing jailbreaks to image the file system.

However, it is technically possible to image the file system without jailbreaking. Instead, a known CVE vulnerability can be exploited to allow TAR imaging code to execute on the device without installing a whole bunch of unnecessary stuff (e.g. the Cydia store).

Can you extract anything from an iPhone without the passcode (but being able to boot it)? A very limited set of information is still extractable, including the call log, some system logs and file system metadata (the complete file and folder structure including file sizes). The rest of the data is impossible to extract because of full disk encryption. This is exactly what Apple claimed in their Privacy Policy when iOS 8 was released.

“So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8,” (Tim Cook via CNet).

Apparently, such extraction was possible in iOS 7 and earlier; these, however, are beyond the scope of this article.

The benefits of file system acquisition

So how is the file system image “better” than a local iTunes-style backup? In fact, a file system image contains a different, much more extensive set of data compared to a backup. In particular, we get the following:

System settings and all logs

Third-party application data – for all apps

Huge amounts of location data (Significant locations, Wi-Fi/3G/LTE connections etc)

All temporary files (including browser cache)

WAL (Write-Ahead Logs) for all SQLite databases

Downloaded mail (even for Microsoft Exchange)

Health data

In fact there is much more – quite a lot of very useful artefacts can be discovered. Of course, an iTunes backup is also a great source of data, but with TAR, you get… well, almost everything except the keychain.

Is it possible to perform “true” physical acquisition for iOS devices, and create a DMG image of the device storage? You can forget about it since Apple started using 64-bit processors and Secure Enclave (iPhone 5S to iPhone X). You are now limited to the TAR archive, which, in fact, has almost everything you need. Unallocated space cannot be decrypted anyway.

The different acquisition approaches

So what will GreyKey do once the passcode is recovered? They either exploit some CVE vulnerabilities to gain root privileges or operate right from the custom firmware, and save a TAR file containing the image (or, rather, a copy) of the file system.

What will ElcomSoft do? We won’t break the passcode, yet we can still use a lockdown record to extract some information from a locked iPhone. But what if you do know the passcode, or what if there is no passcode at all?

If this is the case, we (Elcomsoft iOS Forensic Toolkit) will make a TAR image of the file system; the very same TAR image as one can obtain with GreyKey. However, our tool requires you to manually jailbreak the iPhone before the extraction. At this time, a working jailbreak exists for all versions of iOS 10 and 11 up to and including iOS 11.1.2. For newer versions of iOS 11, you can still try GreyKey who claim passcode recovery support for iOS 11.3, or send your device to Cellebrite (if you can afford the related privacy and security risks).

The reaction of the forensic community

That was really funny. In last couple of weeks, at least four major forensic companies declared that they added support for GrayShift-provided images. Here they are (I just redacted the company/product names):

Physical acquisition of a locked iPhone anyone? GrayKey gets the richest physical image on the market. Put that image into AAA for some data recovery magic!

Some fantastic news 4 BBB from our federal/state/local LE users of #grayshift #graykey technology! BBB is recovering & displaying more files than any current mobile phone tool!

The support for GrayKey extractions is a first. GrayKey is a new technology from GrayShift that enables the unlocking and extraction of many iPhone models. With this release, CCC users can import those files into CCC with just a few clicks.

What’s the best tool to support #GrayKey? The same tool that’s best to support any Apple device – DDD! Just like our industry-leading APFS support, we’re happy to provide the best support in the industry for analyzing GrayKey images.

As we already know, GreyKey provides a TAR file as the acquisition result. In fact, it is the same file you could create with iOS Forensic Toolkit, or… by simply using an SSH command! That’s right; for jailbroken devices, it is (and always was) possible to capture the file system image manually, without any third-party software. This fact was known since iPhone 4S (the first iPhone without a public bootrom vulnerability), and of course all forensic companies (including the ones I quoted above) were aware of the fact, and were already able to work with such TAR archives. But who cares, let’s just add the #GrayKey tag and make some quick profit from this topic while it is still hot!

A word on iCloud acquisition

If physical extraction is that complex, what about cloud acquisition then?

Cloud extraction is still a very effective method, and sometimes the only one you may have available (for example, if you do not have access to the actual device, or the device is damaged, or you cannot break the passcode). We wrote about it more than once, but let’s outline the main benefits once again:

The device is not required

You obtain information from all the devices signed into the Apple account

In many cases, you can get complete device backups

Real-time data is also available

Some unique data (not available in local backups) is accessible

Of course, there are limitations as well. The major showstopper is the fact that you will need to obtain the user’s credentials, their Apple ID and password. You may also require access to the second authentication factor, or, alternatively, the authentication token.

But that’s not everything. Apple is unhappy about third-party access to iCloud, and especially to iCloud backups. About a year ago, they started locking users’ iCloud accounts (forcing users to change the password) after using third-party software to access iCloud backups. We discovered a workaround, but recently Apple restricted iCloud access even further. These days, we sometimes experience the account lock even if we simply list available devices and backups.

To complicate things even further, unlocking a locked account is not as easy as it used to be. In addition to the verification code sent to the trusted number, you may also need to complete the form on Apple web site. Fortunately, this usually only happens when you download iCloud backups. Accessing synced data (call logs, notes, web browsing history, Apple Maps data, Photo Library and even the iCloud Keychain) is still safe. Technically speaking, Apple has everything it needs to limit iCloud access exclusively registered devices. However, such limitation would be a very bad move for the community, making Apple ecosystem even more closed down than it is now. Its effect on mobile forensics would be devastating as well, without bringing any tangible benefits to the user.

On the other hand, more and more data goes to the cloud. iOS 11.4 should finally feature iMessage sync announced almost a year ago at the time of iOS 11 presentation, but pushed back several times for almost a year. Many third-party apps store their data in the cloud. We strongly believe that iCloud acquisition will quickly become the most effective method in iOS forensics, if not the only one left.