I have a sqlite file(it may be either encrypted or non-encrypted) in Document Directory in an already created app, now in updated version i have to check it for decryption, if file is found encrypted then we will use it after decryption but it found non-encrypted then we will use it simply.
Is there any way to do it?
According to "The SQLite Database File Format",
every SQLite file starts with the bytes "SQLite format 3", followed by a nul termination.
Assuming that the encryption scrambles all bytes of the file, you can read the first 16
bytes and check if they match the above string.
But a simpler method is to just open the file with sqlite3_open() or one of the
related open calls. If that fails with the error code SQLITE_CORRUPT, you can assume
that the file was encrypted, so you decrypt it and open it again.
If you know what the encryption method is beforehand, you can try to find fingerprints of the method in order to detect if the file is encrypted or not. But there are encryption methods that are designed specifically to hide encryption into files that do not look encrypted.
This is the case of watermarking encryption embedded into images. You can open the images and they will look like any ordinary image file, but in fact there is encrypted information there.
Related
I'm trying to read and analysis iPhone backup files in Library/Application Support/MobileSync/Backup folder.
I use SQLite DB viewer to view the manifest.db:
Files TABLE structure
Files TABLE content
The filename is encrypted. And the file is blob type which I can't decide it's an image or text or documents.
How can I get the details of these backup? (Using Javascript would be best, or Swift).
The numbers and letters under fileID are the file names in the backup as in the folders with the manifest.db, and they correspond to the domain and relative path (duh). In iOS versions newer than 9.3.5, you can find the file itself in the folder named with the 1st 2 characters of the fileID. At the end of the relative path in the database it should have an extension. Use that as a hint to what program to use to open the file. Xcode for .plist etc. Ultimately it depends what you're looking for...
The blob in the blob column is a binary plist. You can parse it using a plist parser e.g. Property List Parsing
The blob appears to be base64 encoded, but I cannot figure out the type of the resulting binary blob. I've checked to see if it can be decrypted with openssl enc -aes-256-cbc -d decoded-string-as-binary-blob.datafile but I get back "bad magic." I've also tries all of the other AES encryption ciphers and block cipher modes, but no change. It could always be XOR'd with a value, but I haven't found an easy to test that theory.
I am trying to diagnose a problem with an unsupported app. This app has encrypted it's .plist file (which hopefully contains the information that I need.) I have the file system of the device backed up and accessible but have not been able to gain access to this specific applications files. Does anyone have any tips on how I can try to go about this?
(Just to be clear, I do understand the difference between a binary and an xml .plist file. I suspect that this is a binary file that has been encrypted.)
If the file is truly encrypted, you will not decrypt is without finding the key.
Going off the assumption that the file is not actually encrypted, you should try to find what format and encoding it is. Do a hex dump of the file and look at the first few characters. Many file tropes have specific signatures there to identify their format and encoding.
I have a custom requirement in one of my products and I need to protect or encrypt files that are stored inside the NSDocumentsDirectory folder. Even if these documents are mailed (The app has the ability to mail documents) to some other person , he or she will not be able to open this document without using my app (I will be using open in functionality of email attachments). So basically only the application can access all these documents and without the app the documents should be mere junk. IS there any way to do it, or has any one done something before.
I also saw this but could not get a complete idea.
If you want a quick and easy method for data that doesn't need serious security, just zip the files with a fixed password.
ZipArchive is a good library for this.
For a more serious approach, check iOS - Protecting files with a custom encryption key?
The other post you mentioned works on the concept of password protecting the files, I had encountered the same issue that was for my custom defined files in which our team, encoded the contents of the file on random locations, and saved it.
Only our Application could decode it correctly as we had the key :)
It was a windows application, It would work here also.
I think I'm missing something about mediafilesegmenter.
The docs say this about encrypting content:
The media stream segmenter available from Apple provides encryption
and supports three modes for configuring encryption. The first mode
allows you to specify a path to an existing key file on disk. In this
mode the segmenter inserts the URL of the existing key file in the
index file. It encrypts all media files using this key. The second
mode instructs the segmenter to generate a random key file, save it in
a specified location, and reference it in the index file. All media
files are encrypted using this randomly generated key. The third mode
instructs the segmenter to generate a new random key file every n
media segments, save it in a specified location, and reference it in
the index file. This mode is referred to as key rotation. Each group
of n files is encrypted using a different key.
http://developer.apple.com/library/mac/#documentation/NetworkingInternet/Conceptual/StreamingMediaGuide/UsingHTTPLiveStreaming/UsingHTTPLiveStreaming.html#//apple_ref/doc/uid/TP40008332-CH102-SW3
The docs say this about mediafilesegmenter:
The file segmenter performs the same tasks as the stream segmenter, but it takes files as input instead of streams.
http://developer.apple.com/library/mac/#documentation/NetworkingInternet/Conceptual/StreamingMediaGuide/HTTPStreamingArchitecture/HTTPStreamingArchitecture.html#//apple_ref/doc/uid/TP40008332-CH101-DontLinkElementID_7
So, I'm guessing mediafilesegmenter has those three modes, just like mediastreamsegmenter does. I'm trying to use the second mode. Here's my command:
mediafilesegmenter -f encryptedSegmentsDirectory -encrypt-iv=sequence
-encrypt-key encryptedSegmentsDirectory/key.txt media.m4v
The result is .ts files and two m3u8 files, neither of which seem to reference key files. I get this response:
mediafilesegmenter: option `-encrypt-key' is ambiguous
Is there an example that shows how to do this successfully?
Also, HTTP Live Streaming seems to insist on serving key files over http:
You can serve key files using either HTTP or HTTPS. You may also
choose to protect the delivery of the key files using your own
session-based authentication scheme. For details, see “Serving Key
Files Securely Over HTTPS.”
I'd like to serve it on a local file on the iOS file system instead from a server. Is this possible? If not, would there any problem with serving it from a local web server?
Sorry if I missed something obvious - please feel free to just point me to the relevant documentation!
Doh - I got the switch wrong. It's -encrypt-key-file, not -encrypt-key. Sorry, everyone! I just needed to step away for a while.
I have a upload text file field, and with it I plan to save the file somewhere and then store the location of the file in a database. However, I want to make sure the file they uploaded is a .txt file, and not, say, an image file. I imagine this happens in the validation step. How does one validate such a thing? Also, how do you get the filename of the uploaded file? I could always just check if it said '.txt' but for future reference knowing how to validate without just the filename would be helpful.
Trying to validate the contents of a file based on the filename extension is opening the door for major hackerdom. It's trivial to change the extension and upload the file.
If you are on a Mac/Linux/Unix-based system the OS "file" command is the standard because it looks inside the file for key bytes that flag file types. http://en.wikipedia.org/wiki/File_(Unix) I'm not sure what's available for Windows, but this might help: Determine file type in Ruby
One way of doing it, the simple way really, would be to pass the file through an image loader, preferably one that handles multiple common formats, and see if it throws an error.
The other way is to manually check the file header for common image format headers. For example, .bmp files start with BM. Other formats have their own specific markings you can use.