search

xsscx / srd

Welcome to Hoyt's SRD Repo for the Apple Security Research Device. Contribute Code or Open an Issue or Discussion.
Other
63 stars 12 forks source link

SUMMARY: Example com.apple.system.logging.plist for SRD #32

Closed xsscx closed 2 years ago

xsscx commented 2 years ago

It has been found that the SRD supports com.apple.system.logging.plist.

Reproduction: ssh to the SRD and CopyPasta

echo '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict><key>Enable-Private-Data</key><true/></dict></plist>' > /Library/Preferences/Logging/com.apple.system.logging.plist

That will turn on some helpful logging , with a kill - HUP to logd

Using the example .plist on the iPhone 12, we see Logging Details for the Console Log Messages.

default 17:31:00.135083-0400    cryptexd    AMSupportPlatformCreateBufferFromNativeFilePath: open failed: No such file or directory
default 17:31:00.135283-0400    cryptexd    AMAuthInstallApCopyDeviceEntryFromDeviceMap: Failed to read devicemap from file:///usr/local/standalone/firmware/device_map.plist
default 17:31:00.135377-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Could not retrieve image properties from devicemap.
default 17:31:00.135473-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Consider setting alternate device_map, ie in a device-specific SDK path.  Setting default RestoreRequestRules to: {
    Digest = {length = 48, bytes = 0xd867ae97 4a9ec256 6720109b b7f0feb7 ... 124f2c9f 7060dbc8 };
    EPRO = 1;
    ESEC = 1;
    Trusted = 1;
}
default 17:31:00.135556-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Note: This default behavior may change in the future into a hard error.
default 17:31:00.136066-0400    cryptexd    AMSupportPlatformCreateBufferFromNativeFilePath: open failed: No such file or directory
default 17:31:00.136235-0400    cryptexd    AMAuthInstallApCopyDeviceEntryFromDeviceMap: Failed to read devicemap from file:///usr/local/standalone/firmware/device_map.plist
default 17:31:00.136323-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Could not retrieve image properties from devicemap.
default 17:31:00.136405-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Consider setting alternate device_map, ie in a device-specific SDK path.  Setting default RestoreRequestRules to: {
    Digest = {length = 48, bytes = 0xbfb65b82 4d738fde 23870bcd cbfea296 ... 7874c480 4b56c6e4 };
    EPRO = 1;
    ESEC = 1;
    Trusted = 1;
}
default 17:31:00.136471-0400    cryptexd    AMAuthInstallApCreateImagePropertiesWithDeviceMapZipped: WARNING: Note: This default behavior may change in the future into a hard error.
default 17:31:00.136615-0400    cryptexd    AMSupportPlatformCreateBufferFromNativeFilePath: open failed: No such file or directory
xsscx commented 2 years ago

Added this Issue to https://github.com/apple/security-research-device/issues/54

Closing this Issue, waiting on Resolution for Cryptex on X86_64 to Resolve the CoreTrust & AMFI_Research and the tfp0 SpringBoard Issues:

https://feedbackassistant.apple.com/feedback/10015448

https://feedbackassistant.apple.com/feedback/9904294

https://feedbackassistant.apple.com/feedback/9903967

https://feedbackassistant.apple.com/feedback/9567387

https://feedbackassistant.apple.com/feedback/9729094