[This blog post was written originally around 2014 and the tool is obsolete. Only presented here for reference]
https://danteshub.in/tools/advanced-keychain-dumper.zip
The keychain dumper does not require installation. Its signed and can be run directly. This was created after getting tired of modifying the existing ones to work as needed. Other than dumping the keychain items, this one has additional features:
- Dumps keychain items even when the iOS device is protected with passcode – This feature can be used to convince people that keychain items locked with passcode are not secure unless appropriate keychain attributes are used.
- Dumps keychain items to binary files – More than once I had to edit the existing keychain dumper to dump the keys as raw binary files.
-
Creates a PKCS12 certificate from key and cert pair dumped from the keychain using openssl -This is out of place feature for a keychain dumper. But creating wireless certificates from keys and public certs in keychain has not been documented and I needed this for an assessment when I was denied access to the wireless certs. Here are the openssl commands you need to create a certificate that can be imported in PC/Mac
openssl rsa -in <keyfile> -inform DER –out <keyfile_pem>.key
-outform PEM
openssl x509 -in <certfile>
-inform DER -out <certfile_pem>.crt -outform PEM
openssl pkcs12 -export -in <certfile_pem>.crt -inkey <keyfile_pem>.key -out <output_pkcs12_file>.p12
To do :
- Fix a bug related to information displayed under Protection domain
- Statically compile the keychain dumper
Even though the dumper was written from scratch, lot of this code is possible because of the research made available here
https://code.google.com/p/iphone-dataprotection/