Comments for Neohapsis Labs

Comment on Pass the iOS Privacy Salt – Hashing Does NOT Guarantee Privacy. by again

again — Wed, 15 Feb 2012 23:07:51 +0000

cf. http://dnscurve.org/nsec3walker.html

Comment on Keychain Dumper Updated for iOS 5 by iPhone: keychain dumper – killed 9 problem « SECURITYLEARN

iPhone: keychain dumper – killed 9 problem « SECURITYLEARN — Tue, 31 Jan 2012 17:39:48 +0000

[...] has released. So you will not face killed 9 problem any more. More details are available at – http://labs.neohapsis.com/2012/01/25/keychain-dumper-updated-for-ios-5/ Rate this: Share this:EmailFacebookLinkedInTwitterLike this:LikeBe the first to like this post. [...]

Comment on Keychain Dumper Updated for iOS 5 by Satish

Satish — Fri, 27 Jan 2012 01:40:02 +0000

Thanks for updating the tool. Great work & nice write up.

Comment on Updated iPhone Keychain Dumper by UmZ

UmZ — Wed, 25 Jan 2012 19:39:55 +0000

Hey thanks for replying I was able to dump the data from other tables. I was thinking if we can take the certificates out of keychain along with private key. Would it be possible from cert table ??

Comment on Updated iPhone Keychain Dumper by Patrick Toomey

Patrick Toomey — Wed, 25 Jan 2012 15:24:15 +0000

Which table are you interested in dumping?

Comment on Updated iPhone Keychain Dumper by UmZ

UmZ — Mon, 16 Jan 2012 21:12:57 +0000

Hey Patrick,
I have seen another table for keys in keychain-2.db. I tired modifying your code but looks like it doesn’t dump anything from that table. Do you know how can we dump data from that table as well ??/

Thanks

Comment on NeoPI in the Wild by Saam

Saam — Sun, 15 Jan 2012 00:04:41 +0000

This may help you in your base64 detection:

“”"
NAME : isBase64Encoded
PARAMS : string
RETURN : bool
DESC : Tests input string to see if it is
Base64 encoded
EX : in:MzAz, out:True
in:MzAz(), out:False
“”"
def isBase64Encoded(s):
s = s.strip()
if len(s) % 4 == 0:
if re.match(‘^[A-Za-z0-9+/]+[=]{0,2}$’, s):
return True
return False
# EOF: isBase64Encoded

Comment on Facebook Applications Have Nagging Vulnerabilities by Scott Behrens

Scott Behrens — Wed, 11 Jan 2012 18:49:33 +0000

We had a relatively small sample size (10 apps) so there could be some wide variance on other applications assessed. Even though it was a small sample size, there was a variety of different third party developers that wrote the applications so we weren’t looking at applications that shared the same code base or coding practices. It would be interesting to gather even more statistics from other consultants in the industry that also assess Facebook applications.

Comment on Facebook Applications Have Nagging Vulnerabilities by willc

willc — Sat, 07 Jan 2012 00:35:43 +0000

Nice article…what was the sample size?

Comment on “Researchers steal iPhone passwords in 6 minutes”…true…but not the whole story by iPhone Forensics | InfoSec Institute – IT Training and Information Security Resources

Fri, 06 Jan 2012 21:49:32 +0000

[...] Keychain dumper http://labs.neohapsis.com/2011/02/28/researchers-steal-iphone-passwords-in-6-minutes-true-but-not-th… [...]