NSUserDefaults Storage
The NSUserDefaults class is one more way data persists on an iOS device, even after a restart. Information stored through the NSUserDefaults class is written to a plaintext plist file.
In this exercise, the app stores data using an NSUserDefaults file in the application sandbox. Your task is to locate the NSUserDefaults file and find the sensitive data that it contains.
When a user enters a random PIN, the application prompts them to try harder; if a valid PIN is entered, we get a success status message, as shown below:
NSUserDefaults files are usually found in the following path:
Download the iGoat-Swift application files from the above path to our host machine using SFTP/SCP. Open the file using the Vim editor and you will see the data in binary, which is not a human-readable format:
Let's convert the binary file into XML format so that we can read its contents. You can use the plutil utility to do the conversion. Once the file is converted into XML format, you can observe the sensitive information in plain text, as shown in the following:
The data stored in NSUserDefaults is not secured and should not be used to store sensitive information.
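The check described above can also be automated when reviewing an app's storage. The following is an added example, not part of the original exercise or of iGoat-Swift: a host-side Python script that parses a preferences plist pulled from the device (binary or XML, with no separate plutil conversion) and flags keys whose names suggest stored secrets. The key-name pattern and the sample plist contents are constructed assumptions.

```python
import plistlib
import re

# Assumed heuristic: key names that hint at a secret. Tune per application;
# substring matching will also hit harmless names such as "shippingMode".
SENSITIVE_KEY = re.compile(r"pin|pass(word|code)?|secret|token|api[_-]?key|session", re.I)

def is_binary_plist(raw: bytes) -> bool:
    """Binary plists start with the magic 'bplist00'; that is why Vim shows noise."""
    return raw.startswith(b"bplist00")

def find_sensitive(node, path=""):
    """Walk nested dicts/lists; return (key path, value) for sensitive-looking keys."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}/{key}"
            if isinstance(value, (dict, list)):
                hits += find_sensitive(value, here)
            elif SENSITIVE_KEY.search(key):
                hits.append((here, value))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits += find_sensitive(item, f"{path}[{i}]")
    return hits

def audit(raw: bytes):
    """Parse a plist (plistlib auto-detects binary vs XML) and list findings."""
    return sorted(find_sensitive(plistlib.loads(raw)), key=lambda hit: hit[0])

# Constructed sample standing in for a preferences file copied off a test device.
SAMPLE_PREFS = {
    "AppLaunchCount": 7,
    "userPin": "0000",
    "profile": {"displayName": "demo", "authToken": "constructed-token"},
}
SAMPLE = plistlib.dumps(SAMPLE_PREFS, fmt=plistlib.FMT_BINARY)

if __name__ == "__main__":
    print("binary plist:", is_binary_plist(SAMPLE))
    for key_path, value in audit(SAMPLE):
        print(f"[!] {key_path} = {value!r} (plaintext in NSUserDefaults)")
```

Any finding is a candidate for migration to the Keychain; a clean result only means no key name matched the pattern, so values should still be reviewed by hand.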