RSS
 

Keychain dumper usage explained

27 Mar

Keychain Dumper tool is used to dump keychain entries on iOS devices. Steps listed below explains the usage of keychain dumper tool on iOS 5 devices.

Run keychain dumper on iPhone:
1. Jailbreak your iPhone.
2. Install openssh from cydia.
3. On Windows workstation, download keychain_dumper, winscp & putty tools.
4. Connect iPhone and workstation to the same WI-FI network.
5. Run winscp and connect to the iPhone by typing iPhone IP address, root as username and alpine as password.

Browse iPhone folders with winscp on windows

6.Copy keychaindumper executable to iPhone root directory.Copy keychain dumper to iPhone with winscp on windows

7.Run putty and connect to the iPhone by typing iPhone IP, root as username and alpine as password.
8.On putty terminal, type chmod 777 keychain_dumper and ./keychain_dumper commands. It will execute the keychain_dumper tool and displays all the entries in keychain.Run keychain dumper with Putty on windows

 
9 Comments

Posted in iPhone

 

Tags: , , , ,

Leave a Reply

 

 
  1. elmono

    February 19, 2013 at 6:07 am

    Claims that there are no passwords, which is impossible!?
    iPhone 3Gs, iOS 4.2.1 (jailbroken).

     
    • satishb3

      February 19, 2013 at 8:00 am

       
      • elmono

        February 22, 2013 at 9:22 am

        Thanks for the link, but keychain_dump cannot be used by following your tutorial, and their website provides no how-to.

         
        • satishb3

          February 22, 2013 at 10:00 am

          It is similar to keychain dumper. Download and load into iPhone. Change permission and run it. Result is stored in plist files. Later Use plutil command to view plist.

           
          • elmono

            February 22, 2013 at 2:21 pm

            I did figure out the problem and got it to work, but the most important thing I need is encrypted, are there any tools to decrypt the hash? i.e: “lVTMQswCQYDVQQIEwJ”

             
          • satishb3

            February 22, 2013 at 7:32 pm

            No. It completely depends on the application which stored that entry.

             
  2. MacyDenie

    March 18, 2013 at 6:20 pm

    Cannot find the gmail password stored in Keychain. Is there a way to retrieve this? Thx

     
    • satishb3

      March 18, 2013 at 6:33 pm

      I guess the latest version of gmail app is not storing the pwd in keychain. Instead it is storing auth token.

       
  3. Johann

    March 27, 2014 at 4:39 am

    Will this work on ios7?