Common Information
| Type | Value |
|---|---|
| Value |
Keychain - T1634.001 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may collect keychain data from an iOS device to acquire credentials. Keychains are the built-in way for iOS to keep track of users' passwords and credentials for many services and features such as Wi-Fi passwords, websites, secure notes, certificates, private keys, and VPN credentials. On the device, the keychain database is stored outside of application sandboxes to prevent unauthorized access to the raw data. Standard iOS APIs allow applications access to their own keychain contained within the database. By utilizing a privilege escalation exploit or existing root access, adversaries can access the entire encrypted database.(Citation: Apple Keychain Services)(Citation: Elcomsoft Decrypt Keychain) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2012-06-08 | 0 | New Hardware Key for iPad 3 Passcode Verification or Is It Just Masking? | ||
| Details | Website | 2012-04-05 | 1 | New Features in EPPB | ||
| Details | Website | 2012-03-16 | 11 | BlackHat EU 2012 – Day 3 | Corelan Cybersecurity Research | ||
| Details | Website | 2012-03-14 | 13 | BlackHat EU 2012 – Day 1 | Corelan Cybersecurity Research | ||
| Details | Website | 2012-02-22 | 3 | Assesment of Visual Voicemail on iPhones | ||
| Details | Website | 2011-10-23 | 0 | iTrust. Or not? | ||
| Details | Website | 2011-05-09 | 1 | How to remove iPad/iPhone/iPod Touch encrypted backups password if you forgot it | ||
| Details | Website | 2010-02-05 | 95 | NIST Special Publication 800-63B |