Reversing the Apple sandbox
SandBlaster is a tool for reversing (decompiling) binary Apple sandbox profiles. Apple sandbox profiles are written in SBPL (Sandbox Profile Language), a Scheme-like language, and are then compiled into an undocumented binary format and shipped. Primarily used on iOS, sandbox profiles are present on macOS as well. SandBlaster is, to our knowledge, the first tool that reverses binary sandbox profiles to their original SBPL format. SandBlaster works on iOS from version 7 onwards including iOS 11.
The technical report SandBlaster: Reversing the Apple Sandbox presents extensive (though a bit outdated) information on SandBlaster internals.
The reverser (in the
reverse-sandbox/folder) runs on any Python running platform. The helper tools in
tools/sandbox_toolkit/run on macOS only.
iExtractor is open source software released under the 3-clause BSD license.
SandBlaster requires Python for the reverser (in
reverse-sandbox/), Bash for helper scripts (in
helpers/) and tools from the sandbox_toolkit (in
After cloning the SandBlaster repository, you have to clone required tools as submodules:
git submodule update --init tools/sandbox_toolkit
Then you build the
cd tools/sandbox_toolkit/extract_sbops make cd ../extract_sbprofiles make
In order to use SandBlaster you need access to the binary sandbox profiles and the sandbox operations, a set of strings that define sandbox-specific actions. Sandbox operations are extracted from the kernelcache using the
helpers/extract_sandbox_operationsscript, which in turn calls
tools/sandbox_toolkit/extract_sbops/extract_sbops. Sandbox profiles are extracted either from the kernel sandbox extension (as a bundle from iOS >= 9) or from the
sandboxdfile in the iOS filesystem (for iOS <= 8) using the
helpers/extract_sandbox_profilesscript, which in turn calls
So, as input data, SandBlaster requires the kernelcache, the kernel sandbox extension and the
sandboxdfile. Information and scripts on extracting them from a publicly available IPSW (iPhone Software) file is presented by iExtractor.
Below are the steps and commands to reverse the sandbox profiles for iOS 8.4.1, assuming the kernelcache and the
sandboxdfile are available:
# Extract sandbox operations from kernelcache. cd helpers/ ./extract_sandbox_operations iPad2,1_8.4.1_12H321.kernelcache.mach.arm 8.4.1 > iPad2,1_8.4.1_12H321.sb_ops # Extract binary sandbox profile files from sandboxd. mkdir iPad2,1_8.4.1_12H321.sandbox_profiles ./extract_sandbox_profiles iPad2,1_8.4.1_12H321.sandboxd 8.4.1 iPad2,1_8.4.1_12H321.sandbox_profiles/ # Reverse all binary sandbox profiles. cd ../reverse-sandbox/ mkdir iPad2,1_8.4.1_12H321.reversed_profiles for i in ../helpers/iPad2,1_8.4.1_12H321.sandbox_profiles/*; do python reverse_sandbox.py -r 8.4.1 -o ../helpers/iPad2,1_8.4.1_12H321.sb_ops -d iPad2,1_8.4.1_12H321.reversed_profiles/ "$i"; done
Below are the steps and commands to reverse the sandbox profiles for iOS 9.3, assuming the kernelcache and the kernel sandbox extension (
com.apple.security.sandbox.kext) are available:
# Extract sandbox operations from kernelcache. cd helpers/ ./extract_sandbox_operations iPhone5,1_9.3_13E237.kernelcache.mach.arm 9.3 > iPhone5,1_9.3_13E237.sb_ops # Extract sandbox profile bundle from kernel sandbox extension. ./extract_sandbox_profiles iPhone5,1_9.3_13E237.com.apple.security.sandox.kext 9.3 cd ../reverse-sandbox/ # Reverse all binary sandbox profiles in sandbox bundle. mkdir iPhone5,1_9.3_13E237.reversed_profiles # Print all sandbox profiles in bundle. python reverse_sandbox.py -r 9.3 -o ../helpers/iPhone5,1_9.3_13E237.sb_ops -d iPhone5,1_9.3_13E237.reversed_profiles/ ../helpers/sandbox_bundle -psb # Do actual reversing. python reverse_sandbox.py -r 9.3 -o ../helpers/iPhone5,1_9.3_13E237.sb_ops -d iPhone5,1_9.3_13E237.reversed_profiles/ ../helpers/sandbox_bundle
The extraction of the binary sandbox profiles differs between iOS <= 8 and iOS >= 9. For iOS 7 and iOS 8 the binary sandbox profiles are stored in the
sandboxdfile. Since iOS >= 9 the binary sandbox profiles are stored in a sandbox bundle in the kernel sandbox extension. The
helpers/extract_sandbox_profilesscript extracts them appropriately depending on the iOS version.
reverse_sandbox.pyprints out the sandbox profiles part of a sandbox bundle without doing the actual reversing.
reverse_sandbox.pyscript needs to be run in its directory (
reverse-sandbox/) since it needs the other Python modules and the
tools/subfolder in the repository stores external tools, in this case sandbox_toolkit used for extracting the sandbox operations and the binary sandbox profiles.
helpers/subfolder contains helper scripts that provide a nicer interface for the external tools.
The actual reverser is part of the
reverse-sandbox/folder. Files here can be categorized as follows:
reverse_sandbox.py. It parses the command line arguments, does basic parsing of the input binary file (extracts sections) and calls the appropriate functions from the other modules.
operation_node.py. It provides functions to build the rules graph corresponding to the sandbox profile and to convert the graph to SBPL. It is called by
sandbox_filter.pyand the configuration in
filters.py. Filter specific functions are called by
regex_parse.pyis the back end parser that converts the binary representation to a basic graph.
sandbox_regex.pyconverts the graph representation (an automaton) to an actual regular expression (i.e. a string of characters and metacharacters). It is called by
reverse_sandbox.pyfor parsing regular expressions, with the resulting regular expression list being passed to the functions exposed by
operation_node.pypasses them on to sandbox filter handling files.
reverse_string.py. The primary
reverse_string.pyis used in
logger.configfile. By default,
INFOand higher level messages are printed to the console, while
DEBUGand higher level messages are printed to the
SandBlaster works for iOS version 7 onwards including iOS 11. Apple has been making updates to the binary format of the sandbox profiles: since iOS 9 sandbox profiles are stored in a bundle, since iOS 10 strings are aggregated together in a specialied binary format. iOS 11 didn't bring any change to the format.
Earlier version of iOS (<= 6) use a different format that SandBlaster doesn't (yet) support. Contributions are welcome.
Join us on Discord for live discussions.