ChrisPritchard
commented
8 months ago discovered during a ctf where localstate os_crypt was like: "os_crypt":{"app_bound_fixed_data":"...","encrypted_key":"..."}
Open ChrisPritchard opened 8 months ago
ChrisPritchard
commented
8 months ago discovered during a ctf where localstate os_crypt was like: "os_crypt":{"app_bound_fixed_data":"...","encrypted_key":"..."}
os_crypt can contain multiple fields, and encrypted_key is not guarenteed to be first
however, to my knowledge, encrypted_key as a field name is only in local state once so simply searching for that alone should suffice.