0x06h App Extensions Discussion #1183

Closed
cpholguera opened this issue Apr 22, 2019 · 3 comments
@cpholguera
Collaborator

cpholguera commented Apr 22, 2019

This issue is about getting on the same page about testing App Extensions.

These are the comments from the original PR:

  @commjoen
commjoen on 20 Mar  Collaborator
how can i make use of this? what is the danger? (e.g. explain what to do next with MiTMing given the mixed content and the possibility to do ssl bypass)

  @cpholguera
cpholguera on 23 Mar  Author Collaborator
is this really related to these lines? This section is about "Verifying if the App Contains App Extensions", it's simply an info-gathering step, so to say. The next step might be to take a look into the app extension or reverse-engineer it. Apart from considering the following app extension specific steps:

• Determining the Supported Data Types
• Checking Data Sharing with the Containing App
• Verifying if the App Restricts the Use of App Extensions

Were you maybe referring here to the section "Testing for Mixed Content"?

  @commjoen
commjoen 18 days ago  Collaborator
just to make sure, maybe i have missed it: but where are these steps tested?

  @cpholguera
cpholguera 18 days ago  Author Collaborator
if you mean the ones from the bullet points, they are all in Static Analysis of the "#### App Extensions" section:

• Verifying if the App Contains App Extensions
• Determining the Supported Data Types
• Checking Data Sharing with the Containing App
• Verifying if the App Restricts the Use of App Extensions

  @commjoen
commjoen a day ago  Collaborator
let's make sure there is a separate issue for this: so that we can make the line of discussion a bit more clear and we can work towards merging this pr.

Concretely about the items on the static analysis:

  @commjoen
commjoen on 20 Mar  Collaborator
maybe we can restructure this a bit: as there are too many items, so the static analysis is a bit too far off the rest.

  @cpholguera
cpholguera 16 days ago  Author Collaborator
Do you mean the number of items (bullet points)? As a reference, this static analysis has 4, universal links and custom URL schemes have 5 each.

I'm open to restructuring if that makes it better understandable, what would you suggest?

  @commjoen
commjoen a day ago  Collaborator
yup: but for now: let's make sure this goes into a separate issue (Same as comment above) so that we can move towards merging this PR 👍

@cpholguera
Collaborator Author

@commjoen let's try to get to the same page. Could you please give me some input here?

We have these open points:

  1. Your comment about "MiTMing given the mixed content", I think it was really referring to another section ("Testing for Mixed Content" maybe? It is part of "Testing iOS WebViews").
    • If yes, we should discuss this separately. I think what you might be missing over there is something like: mixed content -> MITM -> code injection (e.g. to potentially retrieve sensitive data from JS->Native bridges or to leak files if file access is enabled).
  2. In Static Analysis of the "#### App Extensions" section: you asked "where are these steps tested?", they are right there, as I mentioned in the comment. Please tell me if you're really missing something.
  3. Again in Static Analysis of the "#### App Extensions" section: you said "there are too many items". But almost all sections have 4-5 items on the Static Analysis. Am I missing something? I really don't see how we could reduce the items here, as they're completely independent:
    • Verifying if the app contains app extensions
    • Determining the supported data types
    • Checking data sharing with the containing app
    • Verifying if the app restricts the use of app extensions

Thanks!

@commjoen
Collaborator

commjoen commented May 7, 2019

I guess most of the discussion went in odd directions due to the size of the MR and me not overseeing what was happening exactly ^^. Sorry about that!

  1. That sounds like a nice idea in a separate ticket, but not very high prio to me.
  2. For now I am not missing anything other than how can we misuse an app extension in terms of input provided from the extension towards the process via the shared container and what should we look for that should not be leaked at all given an extension? Because that is not entirely clear to me.
  3. Maybe we can find another way to restructure this when we are restructuring the chapters and make them unified? For now: let's skip number 3.

@commjoen
Collaborator

Closing this on behalf of #1416 with more clarity.
