sock-puppet / iphone-dataprotection

Automatically exported from code.google.com/p/iphone-dataprotection

emf_decrypter.py doesn’t decrypt image #38

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Do everything described in the README at http://code.google.com/p/iphone-dataprotection/wiki/README up to and including ./dump_data_partition.sh
2. Run python_scripts/emf_decrypter.py --nowrite UDID/data_DATE.dmg (substituting the correct values, of course).

What is the expected output? What do you see instead?

I had hoped for a decrypted image. Instead I got the following:
Keybag: SIGN check OK
Keybag unlocked with passcode key
Not an EMF image, no root com.apple.system.cprotec xattr
Test mode : the input file will not be modified
Press a key to continue or CTRL-C to abort

Traceback (most recent call last):
  File "python_scripts/emf_decrypter.py", line 24, in <module>
    main()
  File "python_scripts/emf_decrypter.py", line 21, in main
    v.decryptAllFiles()
  File "/Volumes/Voodoo/iphone-dataprotection/python_scripts/hfs/emf.py", line 164, in decryptAllFiles
    self.catalogTree.traverseLeafNodes(callback=self.decryptFile)
  File "/Volumes/Voodoo/iphone-dataprotection/python_scripts/hfs/btree.py", line 142, in traverseLeafNodes
    callback(k,v)
  File "/Volumes/Voodoo/iphone-dataprotection/python_scripts/hfs/emf.py", line 177, in decryptFile
    fk = self.getFileKeyForCprotect(cprotect)
  File "/Volumes/Voodoo/iphone-dataprotection/python_scripts/hfs/emf.py", line 125, in getFileKeyForCprotect
    if self.cp_root.major_version == 2:
AttributeError: 'EMFVolume' object has no attribute 'cp_root'

What version of the product are you using? On what operating system?
hg clone https://code.google.com/p/iphone-dataprotection/ 
on Mac OS X 10.6.8

Original issue reported on code.google.com by g3po...@gmail.com on 7 Jan 2012 at 7:44

GoogleCodeExporter commented 9 years ago
This is on an iPad 3G BTW.

Original comment by g3po...@gmail.com on 7 Jan 2012 at 7:44

GoogleCodeExporter commented 9 years ago
I just pushed a fix. Can you update (hg pull && hg update) and retry?
However, you mentioned that the EMF and DKey were all zeroes, and this is another problem (the decryption will fail without these keys). A few questions:
- did you use the ramdisk or did you dump from a running iOS?
- did the kernel_patcher.py script find all the kernel patches?
- did you get any errors when the plist file was created?

Original comment by jean.sig...@gmail.com on 7 Jan 2012 at 8:13

GoogleCodeExporter commented 9 years ago
(scratch the first question)

Original comment by jean.sig...@gmail.com on 7 Jan 2012 at 8:15

GoogleCodeExporter commented 9 years ago
This is a protocol of creating the ramdisk with the current commit from the hg repo:

g3-power:iphone-dataprotection g3$ python python_scripts/kernel_patcher.py 
/Volumes/Voodoo/Downloads/2012-01-07/iPad1,1_5.0.1_9A405_Restore.ipsw 
Decrypting kernelcache.release.k48
Unpacking ...
Doing CSED patch
Doing getxattr system patch
Doing _PE_i_can_has_debugger patch
Doing IOAESAccelerator enable UID patch
Doing AMFI patch
Patched kernel written to kernelcache.release.k48.patched
Created script make_ramdisk_k48ap.sh, you can use it to (re)build the ramdisk
g3-power:iphone-dataprotection g3$ sudo ./make_ramdisk_k48ap.sh 
g3-power:iphone-dataprotection g3$ chmod 755 make_ramdisk_k48ap.sh 
g3-power:iphone-dataprotection g3$ sudo ./make_ramdisk_k48ap.sh 
Found iOS SDK 5.0
ln -s /System/Library/Frameworks/IOKit.framework/Versions/Current/Headers IOKit
/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/arm-apple-darwin10-llvm
-gcc-4.2 -Wall -isysroot 
/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/ 
-framework IOKit -framework CoreFoundation -framework Security -O3 -I. -o 
device_infos device_infos.c device_info.c IOAESAccelerator.c 
AppleEffaceableStorage.c AppleKeyStore.c bsdcrypto/pbkdf2.c bsdcrypto/sha1.c 
bsdcrypto/key_wrap.c bsdcrypto/rijndael.c util.c IOKit.c registry.c
device_infos.c: In function ‘main’:
device_infos.c:9: warning: initialization discards qualifiers from pointer 
target type
AppleEffaceableStorage.c:50:25: warning: multi-character character constant
bsdcrypto/pbkdf2.c: In function ‘pkcs5_pbkdf2’:
bsdcrypto/pbkdf2.c:102: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/pbkdf2.c:106: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_wrap’:
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 2 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 3 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_unwrap’:
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 2 of 
‘rijndael_decrypt’ differ in signedness
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 3 of 
‘rijndael_decrypt’ differ in signedness
ld: warning: -force_cpusubtype_ALL will become unsupported for ARM architectures
ldid -S device_infos
/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/arm-apple-darwin10-llvm
-gcc-4.2 -Wall -isysroot 
/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/ 
-framework IOKit -framework CoreFoundation -framework Security -O3 -I. -o 
restored_external restored_external.c device_info.c remote_functions.c 
plist_server.c AppleKeyStore.c AppleEffaceableStorage.c IOKit.c 
IOAESAccelerator.c util.c registry.c AppleKeyStore_kdf.c bsdcrypto/pbkdf2.c 
bsdcrypto/sha1.c bsdcrypto/rijndael.c bsdcrypto/key_wrap.c
restored_external.c: In function ‘init_usb’:
restored_external.c:34: warning: implicit declaration of function 
‘IOUSBDeviceDescriptionCopyInterfaces’
restored_external.c:34: warning: initialization makes pointer from integer 
without a cast
restored_external.c:89: warning: value computed is not used
restored_external.c:91: warning: value computed is not used
restored_external.c:93: warning: value computed is not used
restored_external.c:95: warning: value computed is not used
restored_external.c:97: warning: value computed is not used
remote_functions.c: In function ‘keybag_get_passcode_key’:
remote_functions.c:140: warning: pointer targets in passing argument 2 of 
‘AppleKeyStore_getPasscodeKey’ differ in signedness
AppleEffaceableStorage.c:50:25: warning: multi-character character constant
AppleKeyStore_kdf.c: In function ‘AppleKeyStore_getPasscodeKey’:
AppleKeyStore_kdf.c:31: warning: pointer targets in passing argument 3 of 
‘pkcs5_pbkdf2’ differ in signedness
bsdcrypto/pbkdf2.c: In function ‘pkcs5_pbkdf2’:
bsdcrypto/pbkdf2.c:102: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/pbkdf2.c:106: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_wrap’:
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 2 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 3 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_unwrap’:
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 2 of 
‘rijndael_decrypt’ differ in signedness
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 3 of 
‘rijndael_decrypt’ differ in signedness
ld: warning: -force_cpusubtype_ALL will become unsupported for ARM architectures
ldid -Skeystore_device.xml restored_external
/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/arm-apple-darwin10-llvm
-gcc-4.2 -Wall -isysroot 
/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/ 
-framework IOKit -framework CoreFoundation -framework Security -O3 -I. -o 
bruteforce systemkb_bruteforce.c AppleKeyStore.c AppleEffaceableStorage.c 
IOKit.c IOAESAccelerator.c util.c registry.c AppleKeyStore_kdf.c 
bsdcrypto/pbkdf2.c bsdcrypto/sha1.c bsdcrypto/rijndael.c bsdcrypto/key_wrap.c 
device_info.c
systemkb_bruteforce.c: In function ‘saveKeybagInfos’:
systemkb_bruteforce.c:27: warning: implicit declaration of function 
‘device_info’
systemkb_bruteforce.c:27: warning: initialization makes pointer from integer 
without a cast
systemkb_bruteforce.c: In function ‘main’:
systemkb_bruteforce.c:202: warning: implicit declaration of function 
‘AppleKeyStore_getClassKeys’
systemkb_bruteforce.c:202: warning: initialization makes pointer from integer 
without a cast
AppleEffaceableStorage.c:50:25: warning: multi-character character constant
AppleKeyStore_kdf.c: In function ‘AppleKeyStore_getPasscodeKey’:
AppleKeyStore_kdf.c:31: warning: pointer targets in passing argument 3 of 
‘pkcs5_pbkdf2’ differ in signedness
bsdcrypto/pbkdf2.c: In function ‘pkcs5_pbkdf2’:
bsdcrypto/pbkdf2.c:102: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/pbkdf2.c:106: warning: pointer targets in passing argument 3 of 
‘hmac_sha1’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_wrap’:
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 2 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c:71: warning: pointer targets in passing argument 3 of 
‘rijndael_encrypt’ differ in signedness
bsdcrypto/key_wrap.c: In function ‘aes_key_unwrap’:
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 2 of 
‘rijndael_decrypt’ differ in signedness
bsdcrypto/key_wrap.c:106: warning: pointer targets in passing argument 3 of 
‘rijndael_decrypt’ differ in signedness
ld: warning: -force_cpusubtype_ALL will become unsupported for ARM architectures
ldid -Skeystore_device.xml bruteforce
Downloading ssh.tar.gz from googlecode
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 3022k  100 3022k    0     0   863k      0  0:00:03  0:00:03 --:--:-- 1698k
Archive:  /Volumes/Voodoo/Downloads/2012-01-07/iPad1,1_5.0.1_9A405_Restore.ipsw
  inflating: 038-3715-001.dmg        
TAG: TYPE OFFSET 14 data_length:4
TAG: DATA OFFSET 34 data_length:1041000
TAG: SEPO OFFSET 1041040 data_length:4
TAG: KBAG OFFSET 104105c data_length:38
KBAG cryptState=1 aesType=100
TAG: KBAG OFFSET 10410a8 data_length:38
TAG: SHSH OFFSET 104110c data_length:80
TAG: CERT OFFSET 1041198 data_length:794
Decrypting DATA section
Decrypted data seems OK : ramdisk
/dev/disk2                                              /Volumes/ramdisk
"disk2" unmounted.
"disk2" ejected.
myramdisk.dmg created
You can boot the ramdisk using the following command (fix paths)
redsn0w -i 
/Volumes/Voodoo/Downloads/2012-01-07/iPad1,1_5.0.1_9A405_Restore.ipsw -r 
myramdisk.dmg -k kernelcache.release.k48.patched

Original comment by g3po...@gmail.com on 8 Jan 2012 at 10:18

GoogleCodeExporter commented 9 years ago
I can’t find any errors in the above. 

Original comment by g3po...@gmail.com on 8 Jan 2012 at 10:19

GoogleCodeExporter commented 9 years ago
OK, in the plist file, are the values key835, key89B and lockers present, and do they contain meaningful data (i.e. not 0s)?
Also, when you ran ./dump_data_partition.sh, were there any errors displayed?
Thanks

Original comment by jean.sig...@gmail.com on 8 Jan 2012 at 10:54

GoogleCodeExporter commented 9 years ago
The values for key835 and key89B are both present and contain 32 hex digits.

I looked out for them, but I don't remember seeing any errors when running ./dump_data_partition.sh.

Original comment by g3po...@gmail.com on 8 Jan 2012 at 11:49

GoogleCodeExporter commented 9 years ago
I have created a backup of the data partition at /mnt2 via scp. It appears to be complete.

I need to restore the iPad for use as soon as possible.
Is there anything I can do or prepare now to help untangle this issue further, or will restoring destroy any chances of getting at the correct values for EMF and DKey?
Can they be calculated from other values that are available?

Original comment by g3po...@gmail.com on 8 Jan 2012 at 12:01

GoogleCodeExporter commented 9 years ago
OK, so there is no "lockers" in the plist file?
Can you ssh into the ramdisk, run ./device_infos and look for errors?
If you restore, then the EMF and DKey will be wiped; they are calculated using the missing lockers data and the two keys (835 & 89b).
Also, I see you used the 5.0.1 ipsw. This is probably not the issue, but maybe you can retry the whole process (except the data partition dump) using the 5.0 one.

Original comment by jean.sig...@gmail.com on 8 Jan 2012 at 1:14
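The checks the maintainer asks for above (are key835, key89B and lockers present and non-zero, and are EMF and DKey still zero) can be run mechanically before launching emf_decrypter.py. The script below is an added example written for this thread, not code from iphone-dataprotection; it assumes the device-info plist stores those five values as hex strings (the thread quotes "32 hex-digits" and "1920 hex characters") and also accepts plist `<data>` values. The sample plist it builds is constructed to mirror this report: good key835/key89B, a lockers value whose first 136 hex characters are non-zero, and all-zero EMF and DKey.

```python
"""Pre-flight check of a device-info plist before running emf_decrypter.py.

Added example, not part of iphone-dataprotection. Assumes the plist stores
key835, key89B, lockers, EMF and DKey as hex strings or <data> values.
"""
import plistlib

# Inputs (lockers, key835, key89B) and derived outputs (EMF, DKey) of the key
# derivation that emf_decrypter.py depends on, as named in the thread.
REQUIRED_KEYS = ("key835", "key89B", "lockers", "EMF", "DKey")


def _to_bytes(value):
    """Normalise a plist value to bytes; None if it is neither hex nor data."""
    if isinstance(value, bytes):
        return value
    if isinstance(value, str):
        try:
            return bytes.fromhex(value.strip())
        except ValueError:
            return None
    return None


def classify_value(value):
    """Return 'missing', 'not-hex', 'empty', 'all-zero' or 'ok' for one value."""
    if value is None:
        return "missing"
    raw = _to_bytes(value)
    if raw is None:
        return "not-hex"
    if not raw:
        return "empty"
    if not any(raw):          # every byte is 0x00
        return "all-zero"
    return "ok"


def nonzero_prefix_hexchars(value):
    """Length, in hex characters, of the value before its trailing run of zeros.

    Useful for lockers blobs that are padded with zeros after the real data.
    """
    raw = _to_bytes(value) or b""
    return 2 * len(raw.rstrip(b"\x00"))


def check_plist(plist_bytes):
    """Classify every required key of an XML/binary plist; returns {key: status}."""
    info = plistlib.loads(plist_bytes)
    return {k: classify_value(info.get(k)) for k in REQUIRED_KEYS}


def missing_inputs(report):
    """Keys whose status is anything other than 'ok', in REQUIRED_KEYS order."""
    return [k for k, status in report.items() if status != "ok"]


def build_sample_plist():
    """Constructed sample mirroring the thread (not a real device dump).

    key835/key89B: 16 bytes each; lockers: 960 bytes (1920 hex chars) of which
    only the first 68 bytes (136 hex chars) are non-zero; EMF/DKey: all zero.
    """
    lockers = bytes(range(1, 69)) + bytes(892)
    info = {
        "key835": "0f" * 16,
        "key89B": "1e" * 16,
        "lockers": lockers.hex(),
        "EMF": "00" * 32,
        "DKey": "00" * 32,
    }
    return plistlib.dumps(info)


if __name__ == "__main__":
    sample = build_sample_plist()
    report = check_plist(sample)
    for key, status in report.items():
        print(f"{key:8s} {status}")
    lockers_hex = plistlib.loads(sample)["lockers"]
    print("lockers non-zero prefix:", nonzero_prefix_hexchars(lockers_hex), "hex chars")
    bad = missing_inputs(report)
    if bad:
        print("emf_decrypter.py will not be able to decrypt: problem with", ", ".join(bad))
```

To use it on a real dump, replace `build_sample_plist()` with the bytes of the plist written next to the dd image; a report that flags EMF and DKey as all-zero while the three inputs are fine points at the key derivation step on the device, which is where this thread ended up.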

GoogleCodeExporter commented 9 years ago
OK. ./device_infos does not produce any errors. The resulting plist file is similar to the one next to the encrypted dd image by the same name. It lacks the top-level key-value pairs for KeyBagKeys, classKeys, keybags, passcode and passcodeKey.

Original comment by g3po...@gmail.com on 8 Jan 2012 at 10:41

GoogleCodeExporter commented 9 years ago
I recreated the ramdisk with 5.0 as requested. 
python python_scripts/demo_bruteforce.py
Results in the exact same files being generated.

Original comment by g3po...@gmail.com on 8 Jan 2012 at 11:26

GoogleCodeExporter commented 9 years ago
BTW: There is a lockers key in the plist. It contains 1920 hex characters, only the first 136 of which are non-0.

Original comment by g3po...@gmail.com on 9 Jan 2012 at 10:35

GoogleCodeExporter commented 9 years ago
OK, so no lockers in any case? This is weird. Does the device boot normally (you mentioned you need to restore)?

Original comment by jean.sig...@gmail.com on 9 Jan 2012 at 10:35

GoogleCodeExporter commented 9 years ago
No. That is why I needed a backup. ;)

Original comment by g3po...@gmail.com on 9 Jan 2012 at 10:39

GoogleCodeExporter commented 9 years ago
I will retry after the restore. If it works then, we will know that something was hosed that your code depended upon, right?

Original comment by g3po...@gmail.com on 9 Jan 2012 at 10:45

GoogleCodeExporter commented 9 years ago
You have non-empty lockers, key835 and key89B, but EMF and DKey are zeroes, right?
If so, can you send me the plist file by email? That would help understand the issue. Thanks

Original comment by jean.sig...@gmail.com on 9 Jan 2012 at 10:53

GoogleCodeExporter commented 9 years ago
Sure. I tried to find your non-truncated email address, but have so far been unsuccessful.

Original comment by g3po...@gmail.com on 9 Jan 2012 at 1:44

GoogleCodeExporter commented 9 years ago
Apparently the EMF and DKey lockers were erased when updating from iOS 4 to iOS 5 (!). Without those keys emf_decrypter cannot work.

Original comment by jean.sig...@gmail.com on 21 Jan 2012 at 4:49

GoogleCodeExporter commented 9 years ago
Hey all, trying to recover images for a friend... I've got the data partition successfully. Getting this:

Keybag: SIGN check OK
Keybag unlocked with passcode key
cprotect version : 2
WARNING ! This tool will modify the hfs image and possibly wreck it if 
something goes wrong !
Make sure to backup the image before proceeding
You can use the --nowrite option to do a dry run instead
Press a key to continue or CTRL-C to abort

And it's been running for almost 24 hours now... does this make sense? I've already backed up the dmg... the docs say it updates it in place, but the file mod date hasn't changed, nor has the size... should I keep waiting? Cut it? Does anyone know how I can tell if it is really doing anything or just 'stuck'?

Much appreciated!

Original comment by lifeinch...@gmail.com on 17 Feb 2012 at 4:14

GoogleCodeExporter commented 9 years ago
Sorry to ask, but did you "press a key to continue" (in fact I think you need to press the enter key)? It should display "decrypting" for each file it processes in the image.

Original comment by jean.sig...@gmail.com on 18 Feb 2012 at 11:40

GoogleCodeExporter commented 9 years ago
Yes - the obvious first... I did.. many times.. but also expected something to happen, some output, and nothing.. it just froze, with the cursor blinking, and so I wasn't sure. That it *does* spit out stuff for each file is good news, so now I know it wasn't working properly.. question is why, and why no error output.

Gonna copy the backup image I have and try again. I wonder if a path is screwy, will check the script itself.

Thanks...

Original comment by lifeinch...@gmail.com on 18 Feb 2012 at 7:11

GoogleCodeExporter commented 9 years ago
Weird. Before doing that, I wanted to see if I can mount the dmg. Double clicking it mounted it, opening it I see what looks like an iPhone folder structure. See attached. I'm able to browse around, but when I try to open files in the /mobile/media/DCIM folder it's getting errors.. "file may be damaged or in a file format Preview doesn't recognize."

If I am at this step, this is successfully decrypted, right? At this point, this is a data issue, which I should check over at PhotoRec forums?

Original comment by lifeinch...@gmail.com on 18 Feb 2012 at 7:54

GoogleCodeExporter commented 9 years ago
The dmg can be mounted even if the image is not decrypted (because only the "file contents" are encrypted). The error messages when opening files mean that emf_decrypter.py did nothing (which is consistent with your saying the file modification time did not change).
There is probably a bug in emf_decrypter.py if it runs forever without displaying "Decrypting". Can you try again, then interrupt the script (CTRL+C) and post the python traceback here? Thanks

Original comment by jean.sig...@gmail.com on 19 Feb 2012 at 3:49

GoogleCodeExporter commented 9 years ago
Ahh.. that makes sense. Thanks for clarifying. Still hope, I guess... will get back to you soon.

Original comment by lifeinch...@gmail.com on 20 Feb 2012 at 1:52

GoogleCodeExporter commented 9 years ago
It worked! And PhotoRec is finding images in the unallocated portion of the disk. Whoo hoo!
Thanks for spending so much time and effort making these tools, and, most importantly, opening them up to the world for free.

This is one of those things that really has an effect on people, you've helped save precious memories!

Cheers
- SD

Original comment by lifeinch...@gmail.com on 20 Feb 2012 at 3:01