#HITBGSEC 2016 SG Conference Track D1 - The Apple Sandbox: Deeper Into The Quagmire - Jonathan Levin

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

sorry and this is basically one of I think the most important aspects of Mac OS and iOS both which has been around for a very long time in fact it's been introduced back in Mac OS 10.5 which is all the way when it was known as seat belt and over time there's been a history of many bypasses to this and Apple has learned again and again and improved again and again the mainly implementation that in fact been revised several times and there's been very little research on the subject barring maybe one very nice presentation and talk by one Dionysus bellas artes but that was over five years ago so I figured that with all these profound changes it's time to maybe revisit this and also this is within the context of a new book that's coming out by myself on iOS and Mac OS in the context of securities and in security and so we're gonna discuss this and we're gonna look at the implementation from an historical perspective starting from the very very first implementation which as I said we're very being very naive back in Mac OS 10.5 and we can see that the sandbox is evolving constantly but just by looking at its source version Apple maintains a versioning of all of its source bases and you can see that off of the LC source version command looking at the text looking at the various libraries and we actually see that on occasion the with every new release of Mac OS and iOS the number pops up by about a hundred one hundred and twenty releases so we see this is being actively developed and in fact is undergoing profound changes even as we speak just in the iOS 10 Bettis there have been some changes from version 570 all the way to the present day 592 and it seems that for now it's stabilized and what I'm going to be trying to cover is all the latest and greatest changes up till that very version now why are we here so as I said I personally think this is very very important and fact of the matter is you do to eight people did vote me in so I guess those eight people are somewhere in the audience here so thank you and basically the idea is that we're going to look at this because from the perspective of the security both in Mac OS and in iOS this is really the fundamental line the fundamental border where if you look at it from a trust memory perspective oftentimes if you break out of the sandbox pretty much the way to route it's just paved for you primarily we see that in jail breaks where jail breaks consists of many many sequences of exploits or things we have to get just right in order to get that much coveted jailbreak active but really the very first stage if you discount code signing which nowadays anybody can do with an apple certificate the very first stage is to break out of the container to break out of the sandbox and also we see that in Mac OS as well with the advent of sip what they call system integrity protection this is a new feature they put in Mac OS 10 11 later which is in fact nothing more than a glorified sandbox profile that's applied platform wide now our plan of attack is going to be first of all to give you a little bit of the basics I'm not sure how many of you guys here are familiar with Mac OS and iOS can I get a show of hands how many people are like active like Mac OS users or iOS users so for the benefit of those of you who aren't maybe all too familiar I will show some of the what I call prerequisites and primarily this is what they call the Mac F which is the mandatory access control framework which is in fact a substrate on top of which all of Apple's security mechanisms including code signing sandboxing Apple mobile file integrity everything is built on top of that so first I'll be explaining that and then I'll diverge into two different implementations the first implementation is the Mac OS where they call it app sandbox Inc the second one is the star OS and I use star OS because traditionally have used that to anything that is not Mac OS X Craig federighi kind of ruined it for me what he took out the X and now star OS kind of like covers Mac OS 2 so ignore that when you see star wetsuits basically anything but Mac OS doing that in a regular expression would've been like too difficult so the basically the idea is that I'll show the implementation on iOS watch OS TV OS which is all essentially the same and the idea there a fundamental idea is called a container and then following that I'll try and show you a little bit of how I dug into the sandbox and pretty much got to reverse the entire implementation and once again I'll diverge to the Mac OS version which is fairly easy because it is symbolic ated and the iOS version which unfortunately it is not lastly I'll show some sandbox api's which are present in user mode but needless to say are entirely undocumented and so I'll try to show you these api's both from the perspective of how you could use them but also with a couple of tools that I've provided for this approach and also you're welcome to follow this along if you go to this Earl right here which is which is new OSX book that's where I published my my books through and so if you go to that there's a particular section for articles a lot of these articles are like extra stuff that didn't make it in the first edition the book and a lot of addenda and a lot of like extra material and so I just put in an article here which is H itsp hack in the sandbox dot HTML and if you go there you'll see that there's both the presentation that you can follow along with as well as all sorts of miscellaneous tools and hopefully if the internet cooperates here because it's been giving me a hard hard time today then you should be seeing that there is a PDF and then a bunch of sources I've made all of my research entirely open source you can go on and get some reverse-engineer sources as well as companion files for the kernel extension if you're going to do some reversing yourself as well as the various binaries so with all that in mind let's get started so as I said we're gonna start off with something called the Mac ethno the Mac F is the mandatory access control framework first of all just for the verbiage mandatory access control versus discretionary access control discretionary access control what you call DAC usually is the traditional model in Unix where we give users the ability to change and to apply permissions on various objects in the file system primarily and that would be the usual mod shown to grab that you are in love basically you get the idea you get the discretion of whether or not to apply permissions on a particular object by comparison mandatory access control Mac or Mac f-for the mandatory access control framework is this idea where we say it's not discretionary anymore it's mandatory meaning that we do all types of access control permissions primarily and user rights assignments but we do that on a system-wide basis we're essentially only the administrator can assign those permissions and everybody has to abide by them now Apple takes at one level upwards of that and that is to say that they are the true administrator of the operating system and then if you're running iOS obviously you're just kind of like leasing the device from them and they decide whatever the policy should be and you have no control over the matter and we see that slowly creeping into Mac OS with the advent of sip that have mentioned system integrity protection which is what they call rootless which is really the idea that root is still there but it's not root anymore it's a lot less root can do less many people thought that Apple would remove the root prompt on entirely they can't do that because too many people need the power user experience but then on the other hand that you do have the consistent ability to remove a lot of roots capabilities and roots powers and that is effectively what rootless is and we see that starting in Mac OS 10 11 and unfortunately getting even stronger in 10 12 now for those of you coming from Android as I've seen many Android people here the idea is primarily also in Android where they use a different type of framework which is called selinux or in the implementation and Android se Android again it's basically the same idea although it's a totally different take in the apples perspective in Linux what they do is he just used the kernel module to assign labels in the iOS Mac OS case they still have a kernel modules they still have labels but if you do it a little bit differently and so what they do is they have this framework which is essentially a framework of callbacks from the kernel any type of operation and virtually every system call in most traps get this call out where they say if there is some type of policy then let us first run that operation by the policy and the policy we'll decide yay or nay now if the policy does abide no problem the policy says no we failed the operation it's as simple as that the policy in this case is actually sold separately that's a kernel extension that is installed and this is something that Apple could have made as a public kernel interface where they call KPI they chose not to this is something that's not allowed for developers to interface with developers instead get a lessor far far inferior API which is called chaos which isn't even coming close to the vast extent that Mac F has so Apple keeps macca for themselves and then basically what they do is they have their own kernel extensions and those hooks basically decide yay or nay according to whatever the coder decides and one important thing is that it each such a hook can basically just negate but not really approve that is to say that if some other hook says no then that's it suffice it that one hook says no and that the operation should fail and that's it nobody else can afford that or somehow circumvent that and make that negative into a positive now in particular what would it look like from a visual point of view so we've got the user mode process the user mode process is of course somewhere in user land and in order to do anything of consequence that user mode process has to issue a system call now there is the notion of system calls and math traps which are two different things but for the sake of simplicity let's just assume system call as a cross from user mode onto the kernel boundary now in the kernel mode we've got a system call table or potentially a mousetrap table and those in turn will lead us to a vector which is the actual call itself the implementation the correspondent call is called from the table and in turn will call on that call out they will do the call to the mandatory access control framework which is a component that's built into the kernel but then what's not built into the kernel is a set of policies so Mac F basically looks at a set of policies which are registered modules and calls out any of the so called interested parties now what are interested parties any module can register and assign a policy for up to about 400 and something operations naturally not all of them care about all the operations but depending on which operations are interested in you basically set your pointers if the pointer is null nobody's interested if the pointer is not null you get called and so when you get called you're one of those policy modules and so Mac F will call out to you and will say to you do you want to approve yay or nay you get the option to choose and you get the option to see all the arguments the same way the system call would as well as you can see the kernel authorization structure what they call chaos which is basically the user credentials and it's very similar to the struct cred that people hear in Android we're talking about basically getting the UID of GID effective UID and so forth now the policy module itself may also call on a helper and that's usually when they do an up call to a daemon and you'll see that that's also what happens in our case to both the amphi policy and the sandbox policy have their separate daemons although in iOS it's a little bit different nowadays and in those cases only if the daemon says to the kext it's fine then the text will say to the Mak eff it is fine and then all this will propagate backwards to the system call implementation and the system call may or may not succeed but as far as Mak F is considered then that system call is allowed now again there may be more policy modules here and the nice thing about it that you can extend it in any way you want or I should say in any way that Apple wants which is unfortunately limited but basically this enables them to do any types of these policy modules sandbox is only one of these modules and in fact if you're looking at your Mac OS or if looking at your iOS you're gonna see several of those the ones in iOS and Mac OS both are Amphion sandbox but Mac OS itself also has quarantine which is the substrate for gatekeeper although that really doesn't work well there's also something called MC X which is to manage client extensions this is familiar if you've done any Mac OS in the enterprise where you can manage applications or if you've done parental controls which is actually a pretty nifty feature inside Mac OS and there's another one that's not really actively used which is the so called time machine safety net but for our purposes the main one is of course sandbox and just by looking at the number of operations here you see that sandbox gets the bulk them 130 operations which correspond to most of the I would say useful system calls now the idea is that you can decide whether a policy applies or not by spawning the executable and when you spawn the executable usually do that via fork and x''k or a via passing spawn in both cases the implementation in colonel goes eventually into something called Mac execute and this Mac exact vehicle for taking the binary and loading it but before it does so it'll also look at the label and that label is basically a con find whether or not we want to sandbox or do not want to sandbox now this is where up until now everything is like the same but from here it's going to diverge because the Mac OS perspective and the iOS perspective are actually they're similar obviously but they're also profoundly different in the sense that Mac OS is primarily voluntary and iOS nobody's asking you you're gonna be in the sandbox whether or not you want to so the original implementation actually conveys some of the name the idea was to originally make it as an opt-in and they called it seatbelt kind of like the seatbelt that you're supposed to buckle when you get in a car but you know to be honest many people don't like seatbelts and the lake not in the backseat or on the plane you know when they wake you up like five times on the 16-hour flight to tell you buckle your seatbelts we're trying to do is you know sleep a little bit so most people obviously cannot be relying on this seatbelt approach and that's where you've got the Mac OS and iOS which still are going to divert you but in the case of Mac OS they are still going to give it semi voluntaries what I call in the case of iOS it's just going to be with no questions according to where you've been installed so voluntary you can still do and that's usually calling sandbox in it and that's if you're in like a responsible application developer of course application developers are not responsible and so we've got the semi voluntary which is where Apple says ok you want to develop an app for Mac OS no problem you want to distribute it through the Mac App Store no problem but maybe there is a problem we are going to do the code signing for you and we are going to enforce that whatever goes in through the Mac App Store will actually be turn your eyes and they do that via and entitlement which is something they control you can actually see that for yourself if you forgot any application that you've installed on your Mac I use a tool called J tool which is my own tool here and just by looking at some random application like say I don't know Evernote which I've actually never actually used I keep using it just as a demo but I've never actually installed Evernote properly you consider that it's got a lot of entitlements and one of these entitlements actually says here somewhere there's a comm Apple security app sandbox is true now the interesting thing about this entitlement is that unlike other entitlements which tell you what you can do for example you can access the device camera you can access the device microphone this is where if you've got this it's like the Mark of Cain you will be quarantined you will be sandbox and there's nothing you can do about this and that's because this entitlement was not provided by the Evernote developers it was provided by Apple and Apple in the process of code signing this in order to make this distributable through the App Store has also slapped this entitlement and therefore that's it as soon as you have this entitlement you will be sandbox in a process that I'll show you in a little bit and then you've got the Mac OS case sorry the iOS case and the iOS case is a little bit different in that they look at where you're installed so Apple applications can still opt in to be sandboxed but for the most part most applications are going to be inside var mobile and inside var mobile there's going to be containers where specifically you're looking at var mobile containers bundle for example container sorry data and then you'll see here that there's all sorts of applications and if you're actually installed in this location the sandbox will effectively kick in and you can actually do this with a nice little experiment even on a jailbroken device so let me just put this down okay so this binary J tool runs here because it's running from then outside the sandbox location from user local bin but if I take the very same binary which is you know this user local whatever it is and I copy this to that quarantine directory to essentially tavar mobile and over here I'll do containers and I'll do bundle so somewhere along the way in the path there's going to be very mobile containers sorry data then somewhere along this sub path if I try to run J tool from that location then you can see not here not yet but just I'll move it one more step further as soon as it's in a bundled container it will effectively be quarantined in this way so let's just do this it's kind of hard to do this with one hand I'm gonna try nonetheless so I'll move this here and so I'm putting this into you know of our bundle and what is it application sorry and so as soon as it's here uh da da da then you can see hopefully oh not yet oh yeah you I put I give myself platform application which is why it would work yeah so Jade fools not a good example because it is a platform application but basically the idea any other binary if you try from whatever location would actually be killed on the spot again not a good example here but you should take another binary now in particular how is that going to work inside Mac OS so in Mac OS you do have containers and the containers are slightly different than they would be in in iOS because in iOS we've got this separate location which we can of course use but in Mac OS everything gets installed into slash applications so instead of that you've got your info.plist that if open list gives you a bundle identifier and that bundle identifier in turn provides for you the you know identity of your app now if you look at your apps you should be able to see that there is a library directory in your home directory and in this there is a library containers and those apps which are voluntarily sandboxed or otherwise sandbox because of some restriction the code signature will automatically have their own little directory here okay so that's like the Mac OS implementation and as of ten point seven five which is like ages ago they also put in this notion of group containers which is apps are developed by you know multiple apps by the same company or same entity can effectively share that container now how is that really going to work so we've got our app and our app eventually I mean when it loads it's gonna have to at some point load Lib system and it's gonna load lip system fairly soon because lip system is the substrate or the fulcrum for all other api's so you have to have lip system and you cannot avoid this load lip systems initializer is then going to call lib dispatch which is GCD now whether or not you're using GCD is entirely irrelevant because that initializer gets called this in turn goes and calls lipstick in it now again this is all done at the D yld stage meaning you're being loaded and you don't have any ability to control this this is well before your mane even starts and then your lip second it is going to go through a couple of stages which eventually is going to look if you have entitlements and if you have entitlements it's going to go and send this over an ex PC pipe to another entity which is not you which is security D and that's what the message looks like and you can see that it has essentially as any ex PC messages had a dictionary of keys and those keys are where you can see over here is a sandbox candidate and in addition there is the intelligent dictionary security deep is going to make the decision whether or not you should be quarantined and if you should it'll send a message okay let's quarantine you let's put you in a sandbox that is and then that in turn will go and put you into the sandbox and this is why I said it's like semi voluntary because you don't really want to do that but the initializers that you have no control over do in fact do that now there are ways around this there's definitely ways around this but let's not discuss those because those constitute like basically vulnerabilities and we're trying to stay clear of that but I will show you just how you can show this for yourself so ll DB which is the built-in debugger if you've got xcode on virtually any app that you want and let's just pick a random app that i know is gonna be sandboxed probably one of the lesser used built-in apps let's use like I know chess when's the last time anybody ever played chess on Mac OS I don't know but still so looking at that you'll see that it has its container required from App sandbox because it has that entitlement it will be in fact containerized and then let's do an L LD be on it and as I do this L LD be right on that I'm going to run this but before running this I'm going to put a breakpoint and I'll put a breakpoint on X PC pipe routine XP C pipe routine is how all of this X PC traffic is being carried over where there's two forms there's X PC messages but the pipe gives you an implementation that's very much like a UNIX pipe so it's kind of like an emulation over X PC messages I put in the x PC pipe routine like so and then I run this now as I run this there's gonna be several breakpoints not all of them are necessarily mine the first one is actually for launch D I can see which one it is by looking at the back trace this is not the right one this is to uncork the XP C implementation not what we want so we continue and the next one we see here is the one that's coming off from the exbc pipe create which is coming from lib system check in it so that's actually the one we want now if we want to look at an X PC message it all is a matter of just looking at wherever that message argument is in this case I can use a very handy X PC copy description which is a little known but incredibly useful debugging that lebecq's PC has and I can say copy description and I want here the first argument is the pipe the second argument would be the message so that would be RSI by the calling convention and if you'll see here this is actually a message this is the initial handshake message so let's continue past that and looking here you'll see that there is the exact message here which says this is my registration with SEC in it D and look here where it says that I'm in fact a candidate for the sandbox that's a bull true as well as my entitlements and one of these entitlements in particular in fact is this one which says security app sandbox is true so as a corollary it follows that I will in fact be sandbox to actually see the sandbox I need another breakpoint which is going to be in the internal implementation of something called sandbox MS and this is what they call the sandbox Mac F system call notice the double underscore which actually here would be a triple underscore and that's because they don't want you to is it double or triple yeah there it is double underscore and that's because they don't want you to use this as a symbol but then I continue and as I continue in fact you'll see that in the back-trace following the message from security D we have in fact set up an app sandbox for me now again this is all before the main' starts and if you look here at the registers you'll see that in fact the Mac sis call calls on the sandbox and says I want operation number zero which is basically shove me in the sandbox and only then after I press continue will this actually finally load there's a bunch of others but then eventually this will you know take a while but whatever little Oh chess up until now chess or any other app for that matter has no control over this at all so this is all supposed to be safe because it happens before your main even starts and I'm leaving it as an exercise to you to think how you could possibly circumvent that I mean certainly with the debugger you could have you could you just block the message so that's the Mac OS case and then that container that we're going to be put in is going to be in library containers where all of your containers essentially look the same and the way it works is we've got this just go well push myself to that directory so that would be my home directory and library and containers and looking at that you'll see that again there's all these bundles I can actually go to calm Apple chess or whichever one day I want to become Apple because they all have their own little containers like so irrespective of which container you choose they all look the same where there's a data directory and there's a container list the container dot plist if you try to look at it it's not your average plist because it's very big and because it's very big it's also very binary and so you want to convert this to normal code which is normal XML so you do PL util - convert convert and then you want to do xml 1 which is the format - OH - to be stood out and another - to be stood in and pipe more and that gets you this nice little XML view where you can see that it has the identity and that's your effectively your code signing identity you calm Apple chess but it's in Unicode so it's encoded here is basic ste 4 followed by this very very long sandbox profile data which is in fact the confines of your container which we'll get to very soon after this you'll see following this data which is really a huge blob you have profile data validation info and that again has those very same entitlements as well as additional parameters which tell you which directories you're expected to be in and more importantly there's redirect able paths now why are those really directional paths interesting because Apple here is running into a problem they want to give your app the sandboxing on the one hand but also they want to give your app the ability to access various resources which are on your desktop downloads and so forth so they use a rather novel approach which is inside data which is your quarantine directory they actually have symbolic links and this of course is nasty because obviously symbolic links would imply traversals and whatnot but that's why they have the redirect Abel pass key they know which links are valid and they actually check the targets of those links so we can't simply do a an L n minus s and link yourself to elsewhere so in that case you know they've got things pretty well figured out in that case now looking at iOS iOS is a lot more stringent than that so you're probably familiar with the classic model of iOS which is var mobile applications you UID of your app and then inside you've got the app name dot a P P whatever that is and you've got the documents library and so forth as well as Store kit if you're doing any type of in-app purchases and iTunes and all that jazz this has changed in iOS 8 and 9 to be informal containers which have just shown you where you've seen me do var mobile containers bundle and then there's application or there's var mobile containers data then if you're in those paths you're automatically sandboxed now why did they have to do this change because one of the things that iOS 8 at the time heralded is the ability to share data between related applications and that's notion as they do like in Mac OS containers which is if you've got the same team identifier the same code signature and you're coming from effectively the same entity they allow you to share data in between your apps iOS 10 actually takes this another step further and you can see that this has changed like significantly and there's two notable changes the first is in the structure we're no longer do we have this in just var mobile containers as before now we have var containers which implies that we no longer rely on mobile which is that UID of 501 which is what everything runs as the other thing is there's ACLs access control lists and when I say here ACLs I mean ACLs and then the extended attributes that you've got in Linux as well set facl get if ACL and this actually is the clearest indication at least in my humble opinion that iOS is gonna go multi-user because otherwise they wouldn't have to do this and they wouldn't they would still keep everything in var mobile so that's something that may not be out in iOS 10 point oh but I believe that maybe in iOS 10.1 or something it will eventually have to go multi-user if only because the competition has as well now looking at the actual containers this means that we have to manage this vast directory structure in user mode and that's why they have an additional daemon to do that and that demon is called container manager the container manager daemon is the replacement in some respect to what the sandbox daemon once was the sandbox daemon is still something that they have in Mac OS but in iOS no longer do we have that and primarily the main issue they were combating is that people would mess with the profiles and it's rather easy to do that and user mode and so now all the profiles are put into the text the kernel extension itself the container manager D now basically has its own private interface and it exposes two ports one is an X PC port but it means of which installed E or mobile backup can connect and set up containers when you install an app or you restore an app or you remove an app the other is at ma special port and the Mocs special ports be used primarily because we need to interface with the kernel or in this case the text so all those up calls I mentioned are performed in this way where there's mock special port number 25 and there's one megaman saij one mA interface generated message which is effectively this special message and then they use a proprietary undocumented of course format called a SB pack buff where they basically serialize all sorts of requests and replies and that's an interesting topic in itself but extends our scope now one other player that we have here is amphi the so called Apple mobile file integrity and this is the arch nemesis of jailbreakers this is the text and the daemon that make sure that there is no way you can effectively escape your confines as well as in the case of an fie run unsigned code so amphi and the sandbox qex do they work in very close communication with one another where amphi not only does it kill processes and you know if if anybody invalidates a code signature and such it's responsible for that enforcement but it also provides in kernel services for entitlements so if you want an entitlement inside the kernel you generally go to amphi antfee exposes a set of api's for you and then you say give me the entitlements so-and-so the sandbox uses is primarily for one special entitlement which is called seatbelt profiles and CDL profiles are built-in again as entitlements to Apple's own demons and that enables Apple to set or assign a particular policy for a demon on a daemon by demon basis and again because this is part of the code signature the idea is that it has to be vetted by Apple because we're under the assumption that an invalid code signature would have been killed by an fee then there's another thing which is calm Apple private security container required and this is the same opt-in that you saw in the Mac OS case only it's done on Apple's own applications so for example here looking at J tool - - en't on applications and pick one of the apples built in one which are you know mobile male Mobile Safari mobile whatever and you'll see that there's a bunch of these and there is this container required which you should be able to see if I just do a grep there it is calm Apple private security container required by virtue of this being in your code signature you're automatically be going to be containerized okay so that's the it's done there so that's all in all the theory now if you're looking at how one would approach reversing the sandbox so if the sandbox is a kernel extension which means that in Mac OS it's fairly easy to see because it's plain visible so in Mac OS it's a simple matter of going to your system library and in system library where all your kernel extensions are you've got system library extensions and then you're just looking at sandbox kext and you'd be looking specifically at the contents Mac Oz and that will give you the sandbox kext which is for the most part pretty well symbolic ated so it's a simple matter of doing something like j2 minus s which is kind of like n m and show me all those symbols and you can see that you've got all the dependencies but you've also got if I'll do pipe more here you've also got a lot of the internal symbols which are the little lowercase T those internal are not exported as well as a bunch that may be exported for other qex and for the most part this is the main basis for all reversing because the two are derived essentially from the same codebase now if you're looking at the iOS case in iOS all you have is one big kernel cache which for the longest time was encrypted and up until iOS 10 the only way to get access to that kernel was actually by first running an exploit that would give you arbitrary kernel memory read and one of the read operations you do is just to dump the entire kernel so you don't need to do that anymore fortunately and all it takes is basically getting the actual kernel cache which you can get off any of the iOS apps wares or the OTA updates that's very simple and then there's a tool of mine which is called Joker and Joker really the sole raison d'être of this tool is to analyze kernel caches that's why I wrote it and it's very very useful because then you can say give me on a particular you know for example in iOS 10 so I think I have one or two here iOS 10 and then you'd be looking at snoo of whatever version so snows 37 89 or actually let's make it the latest which is 37 89 dot 2.2 and then it depends of course on which a binary you're looking at because there are different kernel implementations for different devices but the most part running Joker like this will get you a list of the kext among many of these features and when it gets you a list of the qex you can also say give me the actual text which is to do a - uppercase K on com Apple and you have to give the bundle identifier of the text which in this case is security dot sandbox and if all goes well and it doesn't hideously crash it'll tell you that it found it and notice that it's also telling you that it's resolving the symbols now some of the unable to resolve symbols here is because those are symbols from different texts which I do not support that those are symbols coming from Alfea and another dependent text which is called the the regular expression matter which is Apple Mac text but for the most part noticed that it not only gave me the actual text which you can see in TMP as com Apple security whatever it is but it also provided for me the companion file which is this arm 64 dot something something something now the arm 64 is just so you would know where you took it out of but the dot something something something is the UUID which is the same UUID and I'll show you here for a sec it's the same UID that you'll see here if you look at the text itself every text is uniquely marked with a UUID and so that UID over here matches that you UID that you could have seen over here and that way you know that you're looking at the right file and specifically if you look further at that file you'll see that it gives you all the symbols which are the external dependencies as well as more importantly than that all the policy options because remember that we've got the texts that register policies and these policies register callbacks so that gives you all the callbacks so that's a simple matter in itself once you know the structure of the text it becomes very very easy and there's a bunch of other tips here that I mentioned and how you can symbology the rest but for the most part I'm happy to announce that there's like a hundred percent symbolic ation of this text again primarily built on top of the fact that the Mac OS text really helps a lot now if you're looking at the policy hooks themselves this is where by the way if you want to look at it in real time there's all these stuff I put on the Associated webpage which among other things have this companion file so looking at most of the hooks and let's just do like a live one as an example J tool - D and let's look at the comm whatever pipe more and so you can see that there is a bunch of functions here and notice that this is all like being generated on the fly like from the actual disassembly engine of J tool and looking at one of those MPO policy options for example there's NPO policy init init BSD syscall which we'll get to in a little bit but let's look at one of the actual hooks so for example the hook for Arad and OEF cntl so that hook for F cntl is over here and you can see it says NPO file check F cntl and I chose F cntl just out of random chance but basically you can pick any one of those in the case of F cntl the first thing it's doing is it's comparing one of the arguments of F cntl to see if this is an approved F cntl in which case it just short circuits and just doesn't do anything it jumps to the end or you can see in other cases it needs to call evaluate and how does it do the evaluate it passes a buffer which is a 224 byte 0 buffer here to cred SB evaluate now in credits B evaluate notice you've got like three arguments one of them is the actual policy of supplied argument which is this arc zero this second argument is here but the middle argument here is 7b and that 7b is an operation number so operation numbers and you can see like if I look at check a map then again we're looking at the same credits be evaluate but this time the number is D if I'm looking at file check said it's the same structure but now it's 79 in other words those numbers basically encode operations and so we've got all these operations this in turn goes to cred s be evaluate oh there it is yeah and Incred us be evaluate you're basically looking at the actual operation number that keeps on going through that to s be evaluate and then what s be evaluate does is it calls eval so just to show you how I generated this the idea is to do here once I know the name of the function I can actually disassemble the particular function by just saying be evaluate like so and if I do so it'll just give me all the output of the function like so but what I really want is just to see the call-outs so I would do a grep to isolate only those call-outs which is BL for armed 64 branch and Link and that gives me exactly the general flow of call-outs now mind you this doesn't have some of the logic inside and if-then-else says but for the most part it's a very simple way that I use a lot in order to see the flow if you use Ida Ida has the xref feature but they don't really have a call-out feature which sometimes is actually more important so you can see for the most part it's part of doing this eval and eval is the main bulk that does a lot of the actual profiles now what are these profiles so profiles are something that you can still find in Mac OS in their plain text form and that plain text is actually well it's not so plain text it's not so readable because it's written in this horrid horrid language called tiny scheme if you look at that you'll see that there's a directory which is system library sandbox and profiles like so and there's a bunch of these SB files here now again I'm warning you that this is like probably the worst type of syntax I've ever seen this is something when I took scheme as an undergrad I vowed I'd never ever mess with it again but yeah there it is it comes to haunt me and so the idea is basically it's a very simple language in practice where it shows you allow deny the operation and then the arguments of the operations that you can see are for the most part literals and there's also a very convoluted case of regular expressions which are being used here but I'm not gonna get into that one thing though that is interesting is that these profiles may then be compiled and they may also be traced and in order to do that you've got a tool called sandbox x'q sandbox x'q is a very simple binary that Apple keeps closed source and it's an actual dishonest low binary in the sense that it has a lot more options and it would tell you about one of the main options is an undocumented - T which is for tracing and this is actually very very useful because then you can take this and apply and effectively get a trace on any type of binary that you want there's two ways of doing that one is to specify a trace profile like so which is this simple profile that basically allows everything but just says I also want you to trace into a file and then the other one is to just do this minus T thing to sandbox X AG which basically uses a different set of undocumented api's to perform the tracing why that's important is because it gives you a pretty good idea of what the app is trying to do while still allowing this so think about SELinux in permissive mode where permissive mode it still allows but it will complain about things that you know what it's trying to do when I get any given process like that I'm also happy to report that if you look at the actual website you'll see that there is the source of sandbox xx which are basically just re-engineered from the assembly you know it's fully compatible and more important than compatible is the fact that you can now compile it for the first time for iOS now I should point out again that some of the functionality in iOS is a little bit broken excuse me tracing doesn't really work without sandbox D but you can probably work around that too if you bring back an older version of sandbox D and that's actually a very very powerful tool the main thing about it is that you can say sandbox x ik and specify a profile and apply the profile automatically and then effectively try to see what your application would do if it's sandbox or if it's not sandboxed now in iOS most of the profiles are going to be built in and like I said they're built into the text itself Mac OS originally had four of these in iOS there's like honestly dozens and dozens still you can find them you can also reverse engineer you can D compile them the D compilation is actually something that's shrouded in mystery because there have been attempts at providing a good D compiler none of the actual decompilers actually work properly there's a bunch of Python scripts that are purport to do that they're not really that effective and also the sandbox profile language keeps on changing in the actual compiled implementation now as for what this would look like on iOS because all of this was you know the Mac OS implementation we've seen in iOS the main hook is the credible update XXV II which is basically with the callback that occurs when you call an XXV so this calls back into sandbox kicks sandbox kext will then call an MP it looking amphi to see if there is a particular seatbelt profile that you have because if you do then that seatbelt profile will apply to automatically if you don't it'll go and try and containerize you as any third-party app then there is a call to something called PE I Can Has debugger and this is not my invention of a name this is the actual built in name by Apple which is uh something that they use to pass is a boot argument as of iOS 5 you can't really pass boot arguments so you can't really get that debugger ability unless in some jail breaks you can actually patch that but not anymore not in recent ones then you get the signing identifier and that's the entitlement of application identifier which again is provided by Apple then you get container required which you saw already in the built in Apple apps so that's how we know either by application identifier or by container required that we need to sandbox you then we check the sandbox spawn adders which is where user mode can actually say I want to start you with a particular configuration most of the check here is just to make sure that nobody's trying anything hanky-panky because obviously these spawn adders will dictate what the sandbox behavior would be following that there's an up call as of iOS 9 - container manager container manager is going to specify the path where your app is installed and where the data container is because the data container and the actual program container are not the same once we get that we validate the container name we call on a built in sandbox create function which basically assigns us a default profile for all third-party apps we set the container we create an extension which is kind of like a special rule that says oh that executable that's outside the container we can still access it we also create the actual sandbox object and we assign it on your chaos structure which means that any subsequent call by the same PID we can always get that sandbox and last but definitely not least we revoke all the privilege ports we do not want to have access to any mah or xB sea ports which are special in particular we're talking about ma special ports here the bootstrap board and such others because if you have those you get ex PC or our PC in general visibility which in turn could allow you to break out of the sandbox by exploiting some other daemon so if all goes well that's basically what happens to all of your apps if something is awry and something doesn't seem right the sandbox kills you on the spot they basically deny the operation and you automatically get a kill -9 again this is all before you execute code because this is on the hook to XXVI so they're basically guaranteeing that no malicious code or potentially jailbreaking able code would run okay and of course the ways to get past that are of course in the very long lore of how one would jailbreak now as for the api's sandbox has a bunch of API switch Apple keeps private some of them have been reversed some of these have not been known up until the present day so basically the api's are you can say they're in two groups the first is lip system sandbox and that's primarily the calls to the qex to the kernel extension which are wrapped by very simple wrappers so that they're easily and readily available via C api's then there's user Lib Lib sandbox dot one dot die Lib which effectively handles most of the profile compilation and the good news about profiles is we may not be able to decompile them properly but we are able to compile them on the fly so a lot of the reversing I do is to basically try and compile compile compile keep changing a little bit of the profile and then see what the actual change in the binary profile would be now in terms of how to interface with a text that would be over Max's call this is a proprietary Apple sis call which is actually modeled after the same sis called in BSD but is implemented differently so that's this call number 381 and it's basically an IEEE octal style and the octal style here is this idea that it gives you a set of numbers in each number provides some different functionality and the first argument before that even is the name of the text you want to interface with so you can say sandbox to get to sandbox you can say quarantine in Mac OS to get to quarantine and so forth and so forth looking at that you can see a list of these api's but I should point out that these API have in fact been constantly changing a better list you can see if you're looking at the actual output of the if you're looking here at for example my text so the text that I provided for you is fully symbolic ated that makes it really easy but even if it weren't symbolic ated what you want to look at is the hook of the policy syscall which is somewhere here there it is NPO policy in it no it's one after it's uh give me a second here yeah there it is platform policy is called the other it is okay so you're looking at MPO policy syscall and you can see that over here there is a switch statement and it's very easy to identify switches in arm sixty-four code because you've got the ldr SW which basically takes the value of x10 which in this case is this and there's a huge switch statement which basically handles all the cases if you look further with the Jade tool output you'll see that all this cases all these cases are broken for you a lot of them are unimplemented or forbidden for you know being obviously too dangerous in iOS but for the most part there's quite a few that are implemented for example you can see cisco inspect or you can see note or you can see check which are primarily the api's that work both in mac OS and in iOS so looking at sandbox check this is one of those that have been fully reversed and people know about that is probably the best way that you can find out if certain sandbox operation is allowed or not allowed without the potential of you know untimely demise if the sandbox kills you and primarily how you do that is you can check on any PID that you want that's pretty useful there it's part of a set of api's that Apple would use that you given a PID it would either check if their code signed or if for example in this case if a sandbox operation is allowed this is in my humble opinion the best way to establish the boundaries of a given profile and in order to do that I wrote a simple tool which is available for your download as open source and since I'm here in an open iOS session allow me to just demonstrate the tool is simply called SB tool and it takes in a PID and then you tell that what you want to do now some P I DS are actually on sandbox if you're going to be on a jailbroken device yourself you're not sandbox tin case the tool says man it's moot forget it I'm not gonna check anything but again looking at I don't know for example a mobile mail or mobile safari or any of the mobiles those are actually quarantined inside you know the implementation by comm Apple security container required and so we can say SB tool and you can say the PID 551 and then you can basically say you want to check now what can you check you can do all which actually doesn't work so well in I'm still working on that but you can say give me all the mach ports and this is gonna spit out a list of all the mouth ports with the simple yep or nope now the way it works is you can actually grep it and see which ports are allowed like so or which ports are not allowed and that is the best way that I can think of a finding the attack surface the other thing you can do is you can say access to a particular file or directory so you can say for example file of course this would mean you have to specify the file or directory name TMP and it says no you're restricted or it could say that you're allowed so this is all done by sandbox check the way I get the X PC service is actually through a proprietary interface that I call lib Launch D where I query launch D I get all the X PC services and then just basically brute force which again is common practice when you're looking at P IDs now the other thing which is a real gem is called sandbox inspect what a sandbox inspect do it actually tells the sandbox give me all the information you got so all it takes is to put in this inspect and you can see that it's giving you a full explanation of what the sandbox profile is from the perspective of the sandbox itself so you can see the size of the profile they associated container and then you've got various extensions and those extensions are the rules that were provided in order to allow mobile mail to do what it needs to do which wouldn't really fit in any hard-coded profile so that's basically this very simple idea again SB tool with the inspect argument and those extensions are you know they're a universe in themselves but to keep the long story short you can think of it this way most iOS applications will get three standard extensions there are comm apples sandbox executable container and application group of course to show you this I'll have to look at some application which is fairly easy because they're all in the same bundles there so looking for example actually I'm looking at IHG priority Club because now we're in an IH D property yes and so da da da 934 and you can see that this is a third party and because it's a third party it gets those extensions which is to say it can access its own application bundle and it can get access its own container like so ok but then if you looked at originally the inspection of mobile Mail Apple obviously gives itself more extensions which also have to do for example with access to your photos and access to your address book which will be on sandbox because mobile mail needs to do that and it doesn't need to go through TCC which is the transparent a consent and control that gives you all those annoying pop-ups now they're actual full list of extensions is here and you can see that there is all of these and there's also an API for the extensions which you can see which is based out of lips and box the actual implementations of extensions is a little bit more complicated than that primarily there's a token and then there is this very interesting sha-1 that they use inside off of a sandbox sentinel which i'm not gonna get into that because we are running out of time anyways but it will tell you a couple of things first of all if anything of this is like relevant to you is if you're like mac OS developers or iOS developers this is something that you have to deal with because it is in fact a reality in iOS and it's coming very very soon to mac OS as well especially with the advent of sip Apple is just tightening further and further the restrictions of the sandbox what they do is they gently float it around to see if there's any issues if anybody raises any concerns and if nobody does he just tighten it further still so it's kind of like a noose that's slowly closing in on developer freedom essentially but then you've got all these tools and I really hope that this will you know reinvigorate the whole interest in the sandbox especially after Dionysus is great article which I think is relevant today as it was five years ago which you should totally go ahead and get and of course you've got all these tools and they're all out there also what you've been seeing here is effectively an excerpt from the up come book which is mac OS the second edition Mac OS and iOS internals and this actually coming out in volume 3 first there's three volumes one two and three one is user mode two its kernel mode and three is the security and insecurity and what I've basically tried to do is like you know summarize an entire 30 40 page chapter into this hour-long presentation so I hope that was instructive and if you have any questions I'll be happy to take them any questions as well because then we have a coffee break questions feel free to approach him during coffee breaks excellent thank you very much Jonathan

Info

Channel: Hack In The Box Security Conference

Views: 3,098

Rating: 4.9272728 out of 5

Keywords: hitb, hitbsecconf, hackinthebox, jonathan levin, apple, sandbox, seatbelt, sip, osx, singapore, hitbgsec

Id: mG715HcDgO8

Channel Id: undefined

Length: 56min 26sec (3386 seconds)

Published: Mon Sep 26 2016