plist (Property List) is a flexible and convenient format for storing application data.Many times a developer makes the mistake of saving sensitive informations like users Credentials/Pin in plist.
In this exercise the app stores data using a Plist file in the application sandbox.Your task is to locate the Plist file and find the sensitive data that it contains.
Once we enter the Username and Password the records are stored successfully in the Plist file in the application Sandbox.
In this example, the Plist file is stored in the below given path:
Download the Plist file to your host machine from the above path using SFTP/SCP.
╭─arun@Aruns-MacBook-Pro ~/Documents/iOS/OWASP_iGoat╰─$ scp email@example.com:/private/var/mobile/Containers/Data/Application/464B6C36-FBB9-4209-AC2C-6793098AB807/Documents/Credentials.plist .firstname.lastname@example.org's password:Credentials.plist 100% 279 1.5KB/s 00:00╭─arun@Aruns-MacBook-Pro ~/Documents/iOS/OWASP_iGoat╰─$ lsCredentials.plist
Once you download application files, open the Credentials.plist file and you will observe that the sensitive information that is filled via UI is stored insecurely in plain text format.