0phoi5 Posted May 18, 2017 Share Posted May 18, 2017 (edited) Hi, Doing some security testing/learning in my home lab again, this time using an iOS phone. Does anyone know how the Two-Factor-Authentication for iOS devices determines whether the device logging in is indeed a 'Trusted Device'? Does it use the MAC address of the device, the IP address, a file on the device? I'm using a Kali box to see if I can log in to the iCloud without it asking for Two-Factor-Authentication; tricking the login in to thinking that the Kali box is actually the trusted iOS phone. In order to do so, I need to narrow down how the iOS login determines that the device is trusted. So far, I've found; Quote "With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you'll need to provide two pieces of information—your password and the six-digit verification code that's automatically displayed on your trusted devices. By entering the code, you're verifying that you trust the new device. For example, if you have an iPhone and are signing into your account for the first time on a newly purchased Mac, you'll be prompted to enter your password and the verification code that's automatically displayed on your iPhone. Because your password alone is no longer enough to access your account, two-factor authentication dramatically improves the security of your Apple ID and all the personal information you store with Apple. Once signed in, you won’t be asked for a verification code on that device again unless you sign out completely, erase the device, or need to change your password for security reasons. When you sign in on the web, you can choose to trust your browser, so you won’t be asked for a verification code the next time you sign in from that computer." I assume this means that a file must be saved on the device somewhere? Thank you. Edited May 18, 2017 by haze1434 Quote Link to comment Share on other sites More sharing options...
digip Posted May 18, 2017 Share Posted May 18, 2017 Your iDevice probably has a certificate it uses to do some sort of handshake, but you'd probably have to root the device and sniff the process/network to see what is happening, and it most likely won't be sent in the clear(although it could be just a token). Two people I think of when phones are in question, Georgia Wiedman, and Kyle Osborn aka Kos. They might have stuff out there with answers, but I'd in general just google. Quote Link to comment Share on other sites More sharing options...
0phoi5 Posted May 19, 2017 Author Share Posted May 19, 2017 Thanks :) Searching Georgia Wiedman and Kyle Osborn came up with some good articles, I'll have a read. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.