Skip to content
This repository has been archived by the owner. It is now read-only.

nVisium/Swift.nV

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
api
 
 
 
 
 
 
 
 

Swift.nV

Swift.nV is a vulnerable iOS "secret keeper" application. It is intended as a security training tool instructing Swift developers on common mobile application vulnerabilities, how they are found, and how to prevent them.

Setup

Swift.nV has currently been tested using:

XCode 9.1
iOS Simulator 
	- iPhone SE/8/8+/X
	- iPad 2/Air/Air 2/Pro
	- up to iOS 11.x
Ruby + Sinatra (for the backend web service)
	Required Ruby Gems:
	- sinatra, dm-core, dm-timestamps, dm-migrations, dm-serializer, bcrypt

Run

- Open up the Swift.nV.xcodeproj using XCode 9.1
- Click the Run icon after selecting one of the iOS Simulator targets
- ** Following if needed if testing network functionality
	- Start the Sinatra backend web service:
		- In the api directory run "bundle install" this will install the needed gems	
		- In the api directory run "ruby api.rb"
		- This service should run on localhost (127.0.0.1) port 4567
**

Use

- Click 'register' on the initial log on screen to setup a user.
- Login with the registered user
- Add secrets

Tutorials

- Located within the API at http://localhost:4567/tutorial

Explore

- View the simulator data storage under:
	- ~/Library/Developer/CoreSimulator/Devices/<Device-ID>/data/Containers/Data/Application/<Application-ID>/Documents
	- ~/Library/Developer/CoreSimulator/Devices/<Device-ID>/data/Library/Preferences/

Intentional Vulnerabilities

Not all vulnerabilities have associated tutorials. View the tutorial list included at http://localhost:4567/tutorial for a walk through.

- Weak Server Side Controls (M1) - Backend web service is vulnerable to forced browsing.
- Weak Server Side Controls (M1) - Backend web service is vulnerable to authentication bypass.
- Insecure Data Storage (M2) - Core Data stores all items in the local sqlite database.
- Insecure Data Storage (M2) - Username/email address is in the user preferences plist file.
- Insufficient Transport Layer Protection (M3) - No SSL for backend web service.
- Unintended Data Leakage (M4) - No protections of automatic iOS background screenshots.
- Unintended Data Leakage (M4) - Log contains multiple sensitive strings.
- Unintended Data Leakage (M4) - Autocomplete is not enabled on sensitive screens (secret entry).
- Unintended Data Leakage (M4) - Login form is not cleared upone successful login.
- Poor Authorization and Authentication (M5) - Changes to insecure stored data (email address) bypasses authentication.
- Poor Authorization and Authentication (M5) - Same email address can be registered multiple times, allowing a user to view another's secrets.
- Broken Cryptography (M6) - Shared Secret "CryptoKey" is stored within the Environment.plist file.
- Client Side Injection (M7) - multiple locations, including Format String Injection on the login screen.
- Improper Session Handling (M8) - App completely lacks any session tokens or they are unused for interaction with API.

About

Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOS

Resources

License

Stars

Watchers

Forks

Packages

No packages published