Merge branch 'master' of https://github.com/OWASP/owasp-mastg into pr…

…/titze/3056
OWASP · Nov 22, 2024 · 92f32b8 · 92f32b8
2 parents 786b79c + 1ba5073
commit 92f32b8
Show file tree

Hide file tree

Showing 35 changed files with 538 additions and 86 deletions.
diff --git a/Document/0x05a-Platform-Overview.md b/Document/0x05a-Platform-Overview.md
@@ -646,12 +646,21 @@ When an application is installed on the Android device, the Package Manager ensu
 
 ### APK Signing Schemes
 
-Android supports three application signing schemes. Starting with Android 9 (API level 28), APKs can be verified with APK Signature Scheme v3 (v3 scheme), APK Signature Scheme v2 (v2 scheme) or JAR signing (v1 scheme). For Android 7.0 (API level 24) and above, APKs can be verified with the APK Signature Scheme v2 (v2 scheme) or JAR signing (v1 scheme). For backwards compatibility, an APK can be signed with multiple signature schemes in order to make the app run on both newer and older SDK versions. [Older platforms ignore v2 signatures and verify v1 signatures only](https://source.android.com/security/apksigning/ "APK Signing").
+Android supports multiple application signing schemes:
+
+- **Below Android 7.0 (API level 24)**: applications can only use the JAR signing (v1) scheme which does not protect all parts of the APK. This scheme is considered insecure.
+- **Android 7.0 (API level 24) and above**: applications can use the **v2 signature scheme**, which signs the APK as a whole, providing stronger protection compared to the older v1 (JAR) signing method.
+- **Android 9 (API level 28) and above**: It's recommended to use both the **v2 and v3 signature schemes**. The v3 scheme supports **key rotation**, enabling developers to replace keys in the event of a compromise without invalidating old signatures.
+- **Android 11 (API level 30) and above**: applications can optionally include the **v4 signature scheme** to enable faster incremental updates.
+
+For backwards compatibility, an APK can be signed with multiple signature schemes in order to make the app run on both newer and older SDK versions.  For example, [older platforms ignore v2 signatures and verify v1 signatures only](https://source.android.com/security/apksigning/).
 
 #### JAR Signing (v1 Scheme)
 
 The original version of app signing implements the signed APK as a standard signed JAR, which must contain all the entries in `META-INF/MANIFEST.MF`. All files must be signed with a common certificate. This scheme does not protect some parts of the APK, such as ZIP metadata. The drawback of this scheme is that the APK verifier needs to process untrusted data structures before applying the signature, and the verifier discards data the data structures don't cover. Also, the APK verifier must decompress all compressed files, which takes considerable time and memory.
 
+This signature scheme is considered insecure, it is for example affected by the **Janus vulnerability (CVE-2017-13156)**, which can allow malicious actors to modify APK files without invalidating the v1 signature. As such, **v1 should never be relied on for devices running Android 7.0 and above**.
+
 #### APK Signature Scheme (v2 Scheme)
 
 With the APK signature scheme, the complete APK is hashed and signed, and an APK Signing Block is created and inserted into the APK. During validation, the v2 scheme checks the signatures of the entire APK file. This form of APK verification is faster and offers more comprehensive protection against modification. You can see the [APK signature verification process for v2 Scheme](https://source.android.com/security/apksigning/v2#verification "APK Signature verification process") below.

diff --git a/Document/0x05d-Testing-Data-Storage.md b/Document/0x05d-Testing-Data-Storage.md
@@ -39,23 +39,14 @@ Understanding each relevant data storage function is crucial for performing the
 
 ### Shared Preferences
 
-The [SharedPreferences](https://developer.android.com/training/data-storage/shared-preferences "Shared Preferences") API is commonly used to permanently save small collections of key-value pairs. Data stored in a SharedPreferences object is written to a plain-text XML file. The SharedPreferences object can be declared world-readable (accessible to all apps) or private.
-Misuse of the SharedPreferences API can often lead to exposure of sensitive data. Consider the following example:
+The [`SharedPreferences`](https://developer.android.com/training/data-storage/shared-preferences "Shared Preferences") API is commonly used to permanently save small collections of key-value pairs.
 
-Example for Java:
+Since Android 4.2 (API level 17) the `SharedPreferences` object can only be declared to be private (and not world-readable, i.e. accessible to all apps). However, since data stored in a `SharedPreferences` object is written to a plain-text XML file so its misuse can often lead to exposure of sensitive data.
 
-```java
-SharedPreferences sharedPref = getSharedPreferences("key", MODE_WORLD_READABLE);
-SharedPreferences.Editor editor = sharedPref.edit();
-editor.putString("username", "administrator");
-editor.putString("password", "supersecret");
-editor.commit();
-```
-
-Example for Kotlin:
+Consider the following example:
 
 ```kotlin
-var sharedPref = getSharedPreferences("key", Context.MODE_WORLD_READABLE)
+var sharedPref = getSharedPreferences("key", Context.MODE_PRIVATE)
 var editor = sharedPref.edit()
 editor.putString("username", "administrator")
 editor.putString("password", "supersecret")
@@ -74,14 +65,31 @@ Once the activity has been called, the file key.xml will be created with the pro
 </map>
 ```
 
-- `MODE_WORLD_READABLE` allows all applications to access and read the contents of `key.xml`.
+`MODE_PRIVATE` makes the file only accessible by the calling app. See ["Use SharedPreferences in private mode"](https://developer.android.com/privacy-and-security/security-best-practices#sharedpreferences).
 
-```bash
-root@hermes:/data/data/sg.vp.owasp_mobile.myfirstapp/shared_prefs # ls -la
--rw-rw-r-- u0_a118    170 2016-04-23 16:51 key.xml
-```
+> Other insecure modes exist, such as `MODE_WORLD_READABLE` and `MODE_WORLD_WRITEABLE`, but they have been deprecated since Android 4.2 (API level 17) and [removed in Android 7.0 (API Level 24)](https://developer.android.com/reference/android/os/Build.VERSION_CODES#N). Therefore, only apps running on an older OS version (`android:minSdkVersion` less than 17) will be affected. Otherwise, Android will throw a [SecurityException](https://developer.android.com/reference/java/lang/SecurityException). If an app needs to share private files with other apps, it is best to use a [FileProvider](https://developer.android.com/reference/androidx/core/content/FileProvider) with the [FLAG_GRANT_READ_URI_PERMISSION](https://developer.android.com/reference/android/content/Intent#FLAG_GRANT_READ_URI_PERMISSION). See [Sharing Files](https://developer.android.com/training/secure-file-sharing) for more details.
 
-> Please note that `MODE_WORLD_READABLE` and `MODE_WORLD_WRITEABLE` were deprecated starting on API level 17. Although newer devices may not be affected by this, applications compiled with an `android:targetSdkVersion` value less than 17 may be affected if they run on an OS version that was released before Android 4.2 (API level 17).
+You might also use [`EncryptedSharedPreferences`](https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences), which is wrapper of `SharedPreferences` that automatically encrypts all data stored to the shared preferences.
+
+```kotlin
+var masterKey: MasterKey? = null
+masterKey = Builder(this)
+    .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+    .build()
+
+val sharedPreferences: SharedPreferences = EncryptedSharedPreferences.create(
+    this,
+    "secret_shared_prefs",
+    masterKey,
+    EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+    EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+)
+
+val editor = sharedPreferences.edit()
+editor.putString("username", "administrator")
+editor.putString("password", "supersecret")
+editor.commit()
+```
 
 ### Databases
 

diff --git a/Document/0x05i-Testing-Code-Quality-and-Build-Settings.md b/Document/0x05i-Testing-Code-Quality-and-Build-Settings.md
@@ -24,7 +24,7 @@ Three APK signing schemes are available:
 - APK Signature Scheme v3 (v3 scheme).
 
 The v2 signature, which is supported by Android 7.0 (API level 24) and above, offers improved security and performance compared to v1 scheme.
-The V3 signature, which is supported by Android 9 (API level 28) and above, gives apps the ability to change their signing keys as part of an APK update. This functionality assures compatibility and apps continuous availability by allowing both the new and the old keys to be used. Note that it is only available via apksigner at the time of writing.
+The V3 signature, which is supported by Android 9 (API level 28) and above, gives apps the ability to change their signing keys as part of an APK update. This functionality assures compatibility and apps continuous availability by allowing both the new and the old keys to be used. Note that it is only available via @MASTG-TOOL-0123 at the time of writing.
 
 For each signing scheme the release builds should always be signed via all its previous schemes as well.
 

diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0011/security_keysize.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0011/security_keysize.r2
@@ -1,23 +1,22 @@
-!printf "\n\n"
+?e;?e
 
-!printf "Uses of SecKeyCreateRandomKey:\n"
+?e Uses of SecKeyCreateRandomKey:
 afl~SecKeyCreateRandomKey
 
-!printf "\n"
+?e
 
-!printf "xrefs to SecKeyCreateRandomKey:\n"
+?e xrefs to SecKeyCreateRandomKey:
 axt @ 0x1000078ac
 
-!printf "\n"
+?e
 
-!printf "Use of reloc.kSecAttrKeySizeInBits as input for SecKeyCreateRandomKey:\n"
+?e Use of reloc.kSecAttrKeySizeInBits as input for SecKeyCreateRandomKey:
 pd 1 @ sym.func.1000046f8
 
-!printf "...\n"
+?e ...
 
 pd 9 @ 0x10000484c
 
-!printf "...\n"
+?e ...
 
 pd-- 2 @ 0x1000049a0
-
diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0013/sec_hardcoded_rsa.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0013/sec_hardcoded_rsa.r2
@@ -1,17 +1,17 @@
-e asm.bytes = false
+e asm.bytes=false
 e scr.color=false
 e asm.var=false
 
-!printf "Uses of SecKeyCreateWithData:\n"
+?e Uses of SecKeyCreateWithData:
 afl~SecKeyCreateWithData
 
-!printf "\n"
+?e
 
-!printf "xrefs to SecKeyCreateWithData:\n"
+?e xrefs to SecKeyCreateWithData:
 axt @ 0x100007904
 
-!printf "\n"
+?e
 
 pdf @ sym.func.10000491c > function.asm
 
-px 607 @ 0x1000100c8 > key.asm
+px 607 @ 0x1000100c8 > key.asm
diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0014/cryptokit_hardcoded_ecdsa.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0014/cryptokit_hardcoded_ecdsa.r2
@@ -1,21 +1,21 @@
-e asm.bytes = false
+e asm.bytes=false
 e scr.color=false
 e asm.var=false
 
-!printf "Uses of CryptoKit.P256.Signing.PrivateKey:\n"
+?e Uses of CryptoKit.P256.Signing.PrivateKey:
 afl~CryptoKit.P256.Signing.PrivateKey
 
-!printf "\n"
+?e
 
-!printf "xrefs to CryptoKit.P256.Signing.PrivateKey.rawRepresentation:\n"
+?e xrefs to CryptoKit.P256.Signing.PrivateKey.rawRepresentation:
 axt @ 0x100007388
 
-!printf "\n"
+?e
 
-!printf "Use of CryptoKit.P256.Signing.PrivateKey.rawRepresentation:\n"
+?e Use of CryptoKit.P256.Signing.PrivateKey.rawRepresentation:
 
 pd-- 9 @ 0x1000048d4
 
 pdf @ sym.func.1000046dc > function.asm
 
-px 32 @ 0x1000100c8 > key.asm
+px 32 @ 0x1000100c8 > key.asm
diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0015/cchash.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0015/cchash.r2
@@ -1,22 +1,22 @@
-!printf "\n\n"
+?e;?e
 
-!printf "Uses of CommonCrypto hash function:\n"
+?e Uses of CommonCrypto hash function:
 afl~CC_
 
-!printf "\n"
+?e
 
-!printf "xrefs to CC_MD5:\n"
+?e xrefs to CC_MD5:
 axt @ 0x1000071a8
 
-!printf "xrefs to CC_SHA1:\n"
+?e xrefs to CC_SHA1:
 axt @ 0x1000071b4
 
-!printf "\n"
+?e
 
-!printf "Use of MD5:\n"
+?e Use of MD5:
 pd-- 5 @ 0x1000048c4
 
-!printf "\n"
+?e
 
-!printf "Use of SHA1:\n"
+?e Use of SHA1:
 pd-- 5 @ 0x10000456c
diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0016/cryptokit_hash.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0016/cryptokit_hash.r2
@@ -1,24 +1,24 @@
-!printf "\n\n"
+?e;?e
 
-!printf "Uses of CryptoKit.Insecure functions:\n"
+?e Uses of CryptoKit.Insecure functions:
 afl~Insecure.
 
-!printf "\n"
+?e
 
-!printf "xrefs to CryptoKit.Insecure.MD5:\n"
+?e xrefs to CryptoKit.Insecure.MD5:
 axt @ 0x100007280
 
-!printf "\n"
+?e
 
-!printf "xrefs to CryptoKit.Insecure.SHA1:\n"
+?e xrefs to CryptoKit.Insecure.SHA1:
 axt @ 0x10000728c
 
-!printf "\n"
+?e
 
-!printf "Use of MD5:\n"
+?e Use of MD5:
 pd-- 5 @ 0x1000046d8
 
-!printf "\n"
+?e
 
-!printf "Use of SHA1:\n"
+?e Use of SHA1:
 pd-- 5 @ 0x100004214
diff --git a/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0018/cccrypt.r2 b/demos/ios/MASVS-CRYPTO/MASTG-DEMO-0018/cccrypt.r2
@@ -1,18 +1,18 @@
-e asm.bytes = false
+e asm.bytes=false
 e scr.color=false
 e asm.var=false
 
-!printf "Uses of the CCCrypt function:\n"
+?e Uses of the CCCrypt function:
 afl~CCCrypt
 
-!printf "\n"
+?e
 
-!printf "xrefs to CCCrypt:\n"
+?e xrefs to CCCrypt:
 axt @ 0x1000076c4
 
-!printf "\n"
+?e
 
-!printf "Use of CCCrypt:\n"
+?e Use of CCCrypt:
 
 # Seek to the function where CCCrypt is called (Replace with the address found from axt output)
 pd-- 9 @ 0x1000040e0

diff --git a/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/MASTG-DEMO-0019.md b/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/MASTG-DEMO-0019.md
@@ -17,6 +17,8 @@ The code snippet below shows sample code that creates a file and marks it with `
 1. Unzip the app package and locate the main binary file (@MASTG-TECH-0058), which in this case is `./Payload/MASTestApp.app/MASTestApp`.
 2. Run `run.sh`.
 
+{{ isExcludedFromBackup.r2 }}
+
 {{ run.sh }}
 
 ### Observation

diff --git a/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/isExcludedFromBackup.r2 b/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/isExcludedFromBackup.r2
@@ -1,27 +1,26 @@
-e asm.bytes = false
+e asm.bytes=false
 e scr.color=false
 e asm.var=false
 
-!printf "Uses of isExcludedFromBackup:\n"
+?e Uses of isExcludedFromBackup:
 afl~isExcludedFromBackup
 
-!printf "\n"
+?e
 
-!printf "xrefs to isExcludedFromBackup:\n"
+?e xrefs to isExcludedFromBackup:
 axt @ 0x10000cc28
 
-!printf "\n"
-!printf "Use of isExcludedFromBackup:\n"
+?e
+?e Use of isExcludedFromBackup:
 
 pd-- 5 @ 0x100004594
 
-!printf "\n"
-!print "Search for secret.txt"
+?e
+?e Search for secret.txt:
 / secret.txt
 
-!printf "\n"
-!printf "Use of the string secret.txt:\n"
+?e
+?e Use of the string secret.txt:
 pd-- 5 @ 0x10000443c
 
-
 pdf @ 0x100004594 > function.asm
diff --git a/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/output.asm b/demos/ios/MASVS-STORAGE/MASTG-DEMO-0019/output.asm
@@ -16,6 +16,7 @@ Use of isExcludedFromBackup:
 │           0x1000045a0      sub x8, x29, 0x88
 │           0x1000045a4      ldur x8, [x8, -0x100]
 
+Search for secret.txt:
 0x10000dbe6 hit4_0 "lueFatal errorsecret.txt"
 
 Use of the string secret.txt:

diff --git a/src/scripts/structure_masvs.sh b/src/scripts/structure_masvs.sh
@@ -18,7 +18,7 @@ else
     SED="sed"
 fi
 
-mkdir -p docs/MASVS/Images
-cp $MASVS_DIR/Document/images/* docs/MASVS/Images
-$SED -i "s#images/#../../../assets/Images/MASVS/#g" docs/MASVS/**/*.md
-$SED -i "s#images/#../../assets/Images/MASVS/#g" docs/MASVS/*.md
+mkdir -p docs/assets/MASVS/Images
+cp $MASVS_DIR/Document/images/* docs/assets/MASVS/Images
+$SED -i "s#images/#../../../assets/MASVS/Images/#g" docs/MASVS/**/*.md
+$SED -i "s#images/#../../assets/MASVS/Images/#g" docs/MASVS/*.md
diff --git a/techniques/android/MASTG-TECH-0115.md b/techniques/android/MASTG-TECH-0115.md
@@ -0,0 +1,11 @@
+---
+title: Obtaining Compiler Provided Security Features
+platform: android
+---
+
+Run @MASTG-TOOL-0028 on the target binary, for example a shared library and grep for the keywords you'd like to check for.
+
+```sh
+rabin2 -I lib/x86_64/libnative-lib.so | grep -E "canary|pic"
+canary   false
+```
diff --git a/techniques/android/MASTG-TECH-0116.md b/techniques/android/MASTG-TECH-0116.md
@@ -0,0 +1,38 @@
+---
+title: Obtaining Information about the APK Signature
+platform: android
+---
+
+## Verify APK Signatures
+
+@MASTG-TOOL-0123 can be used to verify APK signatures:
+
+```bash
+$ apksigner verify --verbose example.apk
+Verifies
+Verified using v1 scheme (JAR signing): false
+Verified using v2 scheme (APK Signature Scheme v2): true
+Verified using v3 scheme (APK Signature Scheme v3): true
+Verified using v3.1 scheme (APK Signature Scheme v3.1): false
+Verified using v4 scheme (APK Signature Scheme v4): false
+Verified for SourceStamp: false
+Number of signers: 1
+```
+
+## Additional Signature Information
+
+Additional information about the signature including fields from the signing certificate, digest and key information can be also examined with @MASTG-TOOL-0123:
+
+```bash
+$ apksigner verify --print-certs --verbose example.apk      
+[...]
+Signer #1 certificate DN: CN=Example Developers, OU=Android, O=Example
+Signer #1 certificate SHA-256 digest: 1fc4de52d0daa33a9c0e3d67217a77c895b46266ef020fad0d48216a6ad6cb70
+Signer #1 certificate SHA-1 digest: 1df329fda8317da4f17f99be83aa64da62af406b
+Signer #1 certificate MD5 digest: 3dbdca9c1b56f6c85415b67957d15310
+Signer #1 key algorithm: RSA
+Signer #1 key size (bits): 2048
+Signer #1 public key SHA-256 digest: 296b4e40a31de2dcfa2ed277ccf787db0a524db6fc5eacdcda5e50447b3b1a26
+Signer #1 public key SHA-1 digest: 3e02ebf64f1bd4ca85732186b3774e9ccd60cb86
+Signer #1 public key MD5 digest: 24afa3496f98c66343fc9c8a0a7ff5a2
+```