Announced at the end of September, Apple indicated that iPhones would begin using CloudKit for backups very much like iPhoto has been doing prior to. This change would mean the migration from the existing dedicated iCloud backup system which provided cloud support for iPhone backups and to the CloudKit infrastructure. This change would result in a new API to access/query iPhone backups as well as possibly new changes to (ATP) Apple Transfer Protocol to bolster security and mitigate Man In The Middle attacks.
Up until today (Dec 4th) we have been successfully using iLoot and its decryption algorithms to download archived iPhone snapshots from iCloud. At present, iloot is no longer functional. Authentication continues to work but the iPhone backups have been migrated/hidden for the purposes of retrieving. We believe this to be true for all devices using iOS 9.x and earlier versions as well. In addition to iCloud backups having been moved the decryption algorithm has changed.
Two open source projects exist which are able to successfully access CloudKit and authenticate but no solution has been made public concerning a decryption strategy for KeyBag's downloaded from CloudKit. The two open source projects are Inflatable Donkey (Java) and a port of Inflatable Donkey in Python, both of these projects are clones of iLoot.
We have verified that at least two companies are successfully retrieving iOS 9.x snapshots from CloudKit. They both appear to have resolved the issues concerning decrypting KeyBag's.
What we need done.
We need to reverse engineer a google protocol buffer. Once we have a valid .proto file we can decrypt the key bags and finish our project. The Inflatable Donkey project describes the issues in detail.
Inflatable Donkey - [login to view URL]
iLoot - [login to view URL]
iOS9 Security Guide - [login to view URL]
Inflatable Donkey (Python Port) - [login to view URL]
[login to view URL]
Reverse Buffer - [login to view URL]
How CloudKit uses buffers - [login to view URL]
4 freelanceri licitează în medie 2565$ pentru acest proiect
Hello Sir, i am here to represent Esper solutions a leading Software and hardware developing company of Pakistan. We have skilled team who have developed more than 100 professional solutions for clients from different Mai multe
I've experience working with Protocol Reversing and Binary Analysis. But Not exactly into something which you are talking about. But I should be able to try.