def createWithSystemkbfile(filename, wipeablekey, deviceKey=None):
    """Build a Keybag from an encrypted system keybag plist file.

    The plist at ``filename`` is parsed, its ``_MKBPAYLOAD`` entry is
    AES-CBC decrypted with ``wipeablekey`` (IV taken from ``_MKBIV``), and
    the ``KeyBagKeys`` entry of the decrypted plist is passed to
    ``Keybag.createWithDataSignBlob`` together with ``deviceKey``.

    There is no explicit check here that decryption produced a valid plist;
    any failure propagates from the helpers as an exception.
    """
    outer_plist = BPlistReader.plistWithFile(filename)
    payload_plain = AESdecryptCBC(
        outer_plist["_MKBPAYLOAD"],
        wipeablekey,
        outer_plist["_MKBIV"],
        padding=True,
    )
    inner_plist = BPlistReader.plistWithString(payload_plain)
    keybag_blob = inner_plist["KeyBagKeys"]
    return Keybag.createWithDataSignBlob(keybag_blob, deviceKey)
def getBackupKeyBag(backupfolder, passphrase):
    """Load the backup keybag from Manifest.plist and try to unlock it.

    Returns the Keybag when ``unlockBackupKeybagWithPasscode(passphrase)``
    reports success, otherwise None.
    """
    manifest_path = backupfolder + "/Manifest.plist"
    manifest = BPlistReader.plistWithFile(manifest_path)
    keybag = Keybag(manifest["BackupKeyBag"].data)
    if not keybag.unlockBackupKeybagWithPasscode(passphrase):
        return None
    # Single-argument parenthesised print emits the same text on Python 2.
    print("BackupKeyBag unlock OK")
    return keybag
def getBackupKeyBag(backupfolder, passphrase):
    """Return the unlocked backup keybag of ``backupfolder``, or None.

    The keybag bytes are read from the ``BackupKeyBag`` entry of
    ``<backupfolder>/Manifest.plist``; None is returned when the passphrase
    does not unlock it.
    """
    manifest = BPlistReader.plistWithFile(backupfolder + "/Manifest.plist")
    backup_bag = Keybag(manifest["BackupKeyBag"].data)
    unlocked = backup_bag.unlockBackupKeybagWithPasscode(passphrase)
    if unlocked:
        print("BackupKeyBag unlock OK")
        return backup_bag
    return None
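def createWithSystemkbfile(filename, bag1key, deviceKey=None):
    """Build a Keybag from an encrypted system keybag plist.

    Args:
        filename: Path to the plist file, or the plist content itself when
            the value starts with ``"bplist"`` (see the HAX branch below).
        bag1key: AES key used to decrypt the ``_MKBPAYLOAD`` entry.
        deviceKey: Passed through to ``Keybag.createWithDataSignBlob``.

    Returns:
        The result of ``Keybag.createWithDataSignBlob``, or None when the
        payload cannot be decrypted or does not decrypt to a binary plist.
    """
    if filename.startswith("bplist"):  # HAX: caller passed plist content, not a path
        mkb = BPlistReader.plistWithString(filename)
    else:
        mkb = BPlistReader.plistWithFile(filename)

    try:
        decryptedPlist = AESdecryptCBC(
            mkb["_MKBPAYLOAD"].data, bag1key, mkb["_MKBIV"].data, padding=True
        )
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit. Note that a missing _MKBPAYLOAD/_MKBIV entry is reported
        # with the same "wrong key" message, since the lookups sit in the try.
        print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
        return None

    # The "bplist" magic is the only check made on the decrypted payload here.
    if not decryptedPlist.startswith("bplist"):
        print("FAIL: decrypted _MKBPAYLOAD is not bplist")
        return None

    decryptedPlist = BPlistReader.plistWithString(decryptedPlist)
    blob = decryptedPlist["KeyBagKeys"].data
    return Keybag.createWithDataSignBlob(blob, deviceKey)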
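def createWithSystemkbfile(filename, bag1key, deviceKey=None):
    """Decrypt a system keybag plist with ``bag1key`` and build a Keybag.

    ``filename`` is normally a path; when it starts with ``"bplist"`` it is
    treated as the plist content itself. The ``_MKBPAYLOAD`` entry is
    AES-CBC decrypted with ``bag1key`` and the ``_MKBIV`` entry, and the
    ``KeyBagKeys`` data of the resulting plist is handed to
    ``Keybag.createWithDataSignBlob`` along with ``deviceKey``.

    Returns None (after printing a FAIL line) when decryption raises or the
    decrypted bytes do not start with the ``bplist`` magic.
    """
    if filename.startswith("bplist"):  # HAX
        mkb = BPlistReader.plistWithString(filename)
    else:
        mkb = BPlistReader.plistWithFile(filename)

    try:
        payload = mkb["_MKBPAYLOAD"].data
        iv = mkb["_MKBIV"].data
        decryptedPlist = AESdecryptCBC(payload, bag1key, iv, padding=True)
    except Exception:
        # Narrowed from a bare ``except:`` so Ctrl-C and interpreter exit are
        # no longer reported as a wrong key. Missing plist entries still land
        # here, as they did before.
        print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
        return None

    if not decryptedPlist.startswith("bplist"):
        # A successful unpad with the wrong key would still fail this check.
        print("FAIL: decrypted _MKBPAYLOAD is not bplist")
        return None

    inner = BPlistReader.plistWithString(decryptedPlist)
    blob = inner["KeyBagKeys"].data
    return Keybag.createWithDataSignBlob(blob, deviceKey)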
def decrypt_backup(backupfolder, outputfolder, passphrase):
    """Decrypt the encrypted files of a backup folder into ``outputfolder``.

    The passphrase is checked against the ``AuthData`` entry of
    ``Manifest.plist``: a key is derived with PBKDF2 (2000 iterations,
    32 bytes), the remainder of AuthData is AES-CBC decrypted, and the SHA-1
    of the first 32 decrypted bytes must match the following 20 bytes. Those
    32 bytes are then used as the key for ``decrypt_blob`` on every
    ``*.mdinfo`` / ``.mddata`` pair flagged as encrypted.

    Returns None in all cases; progress and failures are printed.
    """
    manifest = plistlib.readPlist(backupfolder + "/Manifest.plist")
    if not manifest["IsEncrypted"]:
        print("backup is not encrypted manifest[IsEncrypted]")
        return

    manifest_data = manifest["Data"].data  # read but not used further in this function
    auth_blob = manifest["AuthData"].data

    # AuthData as sliced here: 8-byte salt | 16-byte IV | CBC ciphertext.
    salt = auth_blob[:8]
    cbc_iv = auth_blob[8:24]
    derived_key = PBKDF2(passphrase, salt, iterations=2000).read(32)
    unwrapped = AES.new(derived_key, AES.MODE_CBC, cbc_iv).decrypt(auth_blob[24:])

    auth_key = unwrapped[:32]
    expected_digest = unwrapped[32:52]
    if hashlib.sha1(auth_key).digest() != expected_digest:
        print("wrong auth key (hash mismatch) => wrong passphrase")
        return
    print("Passphrase seems OK")

    for mdinfo_name in glob.glob(backupfolder + "/*.mdinfo"):
        # Strip the 7-character ".mdinfo" suffix to find the matching data file.
        mddata_name = mdinfo_name[:-7] + ".mddata"
        mdinfo = BPlistReader.plistWithFile(mdinfo_name)
        if not mdinfo["IsEncrypted"]:
            continue  # entries not flagged as encrypted are skipped, not copied

        metadata = BPlistReader.plistWithString(
            decrypt_blob(mdinfo["Metadata"], auth_key)
        )
        print(metadata["Path"])

        plaintext = decrypt_blob(read_file(mddata_name), auth_key)

        # NOTE(review): "Path" comes from the backup itself. Only "/" is
        # replaced before it becomes an output file name, so different
        # paths can flatten to the same name and overwrite each other.
        flat_name = metadata["Path"].replace("/", "_")
        write_file(outputfolder + "/" + flat_name, plaintext)
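def createWithSystemkbfile(filename, bag1key, deviceKey=None):
    """Build a Keybag from an encrypted system keybag plist.

    Args:
        filename: Path to the plist file, or the plist content itself when
            the value starts with ``"bplist"``.
        bag1key: AES key used to decrypt the ``_MKBPAYLOAD`` entry.
        deviceKey: Passed through to ``Keybag.createWithDataSignBlob``.

    Returns:
        The Keybag built from the ``KeyBagKeys`` data, with
        ``passcodeComplexity`` set from ``OpaqueStuff["keyboardType"]`` when
        an ``OpaqueStuff`` entry is present; None when the payload cannot be
        decrypted or is not a binary plist.
    """
    if filename.startswith("bplist"):  # HAX: caller passed plist content, not a path
        mkb = BPlistReader.plistWithString(filename)
    else:
        mkb = BPlistReader.plistWithFile(filename)

    try:
        decryptedPlist = AESdecryptCBC(
            mkb["_MKBPAYLOAD"].data, bag1key, mkb["_MKBIV"].data, padding=True
        )
    except Exception:
        # Was a bare ``except:``; KeyboardInterrupt/SystemExit now propagate
        # instead of being reported as a wrong key.
        print("FAIL: AESdecryptCBC _MKBPAYLOAD => wrong BAG1 key ?")
        return None

    # The "bplist" magic is the only check made on the decrypted payload here.
    if not decryptedPlist.startswith("bplist"):
        print("FAIL: decrypted _MKBPAYLOAD is not bplist")
        return None

    decryptedPlist = BPlistReader.plistWithString(decryptedPlist)
    blob = decryptedPlist["KeyBagKeys"].data
    kb = Keybag.createWithDataSignBlob(blob, deviceKey)

    # ``in`` replaces the deprecated dict.has_key(); same result for a dict.
    if "OpaqueStuff" in decryptedPlist:
        opaque = BPlistReader.plistWithString(decryptedPlist["OpaqueStuff"].data)
        # .get() leaves passcodeComplexity as None when keyboardType is absent.
        kb.passcodeComplexity = opaque.get("keyboardType")
    return kb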
def getSystemkbfileWipeID(filename):
    """Return the ``_MKBWIPEID`` entry of the keybag plist at ``filename``."""
    return BPlistReader.plistWithFile(filename)["_MKBWIPEID"]
def getSystemkbfileWipeID(filename):
    """Read the plist at ``filename`` and return its ``_MKBWIPEID`` value.

    A plist without that entry makes the lookup raise.
    """
    keybag_plist = BPlistReader.plistWithFile(filename)
    wipe_id = keybag_plist["_MKBWIPEID"]
    return wipe_id
def __init__(self, filename, keybag):
    """Parse the plist at ``filename`` as the keychain and keep ``keybag``.

    The parsed plist is stored on ``self.keychain``; ``keybag`` is stored
    unchanged on ``self.keybag``.
    """
    parsed_keychain = BPlistReader.plistWithFile(filename)
    self.keychain = parsed_keychain
    self.keybag = keybag
def createWithSystemkbfile(filename, wipeablekey, deviceKey=None):
    """Decrypt a system keybag plist with ``wipeablekey`` and build a Keybag.

    Steps: parse the plist at ``filename``; AES-CBC decrypt its
    ``_MKBPAYLOAD`` with ``wipeablekey`` and ``_MKBIV``; parse the result as
    a plist; pass its ``KeyBagKeys`` entry and ``deviceKey`` to
    ``Keybag.createWithDataSignBlob``.

    Nothing here validates the decrypted bytes before they are parsed, so a
    bad key is only noticed through an exception from the helpers.
    """
    mkb = BPlistReader.plistWithFile(filename)
    encrypted_payload = mkb["_MKBPAYLOAD"]
    plaintext = AESdecryptCBC(encrypted_payload, wipeablekey, mkb["_MKBIV"], padding=True)
    decrypted = BPlistReader.plistWithString(plaintext)
    blob = decrypted["KeyBagKeys"]
    return Keybag.createWithDataSignBlob(blob, deviceKey)
def __init__(self, filename, keybag):
    """Load the keychain plist from ``filename`` and remember ``keybag``."""
    keychain_plist = BPlistReader.plistWithFile(filename)
    # Assign both attributes only after the plist has been read.
    self.keychain, self.keybag = keychain_plist, keybag