ai_root_shield 0.5.0 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +52 -4
- data/README.md +33 -2
- data/bindings/python/README.md +304 -0
- data/bindings/python/ai_root_shield.py +438 -0
- data/bindings/python/setup.py +65 -0
- data/examples/device_logs/android_safetynet_device.json +148 -0
- data/examples/device_logs/ios_jailbroken_device.json +172 -0
- data/lib/ai_root_shield/ci_cd/security_test_module.rb +743 -0
- data/lib/ai_root_shield/dashboard/web_dashboard.rb +441 -0
- data/lib/ai_root_shield/enterprise/alert_system.rb +601 -0
- data/lib/ai_root_shield/enterprise/hybrid_detection_engine.rb +650 -0
- data/lib/ai_root_shield/enterprise/performance_optimizer.rb +613 -0
- data/lib/ai_root_shield/enterprise/policy_manager.rb +637 -0
- data/lib/ai_root_shield/integrations/siem_connector.rb +695 -0
- data/lib/ai_root_shield/platform/android_security_module.rb +263 -0
- data/lib/ai_root_shield/platform/hardware_security_analyzer.rb +452 -0
- data/lib/ai_root_shield/platform/ios_security_module.rb +513 -0
- data/lib/ai_root_shield/platform/unified_report_generator.rb +613 -0
- data/lib/ai_root_shield/version.rb +1 -1
- data/security_test_artifacts/security_report.json +124 -0
- data/security_test_artifacts/security_results.sarif +16 -0
- data/security_test_artifacts/security_tests.xml +3 -0
- metadata +20 -1
|
@@ -0,0 +1,172 @@
|
|
|
1
|
+
{
|
|
2
|
+
"platform": "ios",
|
|
3
|
+
"timestamp": 1640995200,
|
|
4
|
+
"device_info": {
|
|
5
|
+
"model": "iPhone 13 Pro",
|
|
6
|
+
"manufacturer": "Apple",
|
|
7
|
+
"os_version": "15.6.1",
|
|
8
|
+
"device_identifier": "iPhone14,3"
|
|
9
|
+
},
|
|
10
|
+
"code_signing": {
|
|
11
|
+
"mainBundleSigned": false,
|
|
12
|
+
"embeddedProvisioning": true,
|
|
13
|
+
"teamIdentifier": "ABCD123456",
|
|
14
|
+
"codeDirectoryHash": "sha256:1234567890abcdef...",
|
|
15
|
+
"entitlementsValid": false,
|
|
16
|
+
"signatureVersion": 2,
|
|
17
|
+
"certificateChainValid": false,
|
|
18
|
+
"certificate": {
|
|
19
|
+
"isDevelopment": true,
|
|
20
|
+
"isDistribution": false,
|
|
21
|
+
"isEnterprise": false,
|
|
22
|
+
"isAdhoc": false,
|
|
23
|
+
"expirationDate": "2024-12-31T23:59:59Z",
|
|
24
|
+
"issuer": "Apple Development"
|
|
25
|
+
}
|
|
26
|
+
},
|
|
27
|
+
"sandbox": {
|
|
28
|
+
"containerIntegrity": false,
|
|
29
|
+
"fileAccessViolations": [
|
|
30
|
+
"/private/var/mobile/Library/Preferences",
|
|
31
|
+
"/Applications/Cydia.app"
|
|
32
|
+
],
|
|
33
|
+
"networkAccessViolations": [],
|
|
34
|
+
"ipcViolations": ["com.apple.springboard"],
|
|
35
|
+
"entitlementViolations": ["get-task-allow"],
|
|
36
|
+
"sandboxProfileValid": false
|
|
37
|
+
},
|
|
38
|
+
"dyld": {
|
|
39
|
+
"loadedLibraries": [
|
|
40
|
+
"/usr/lib/libSystem.B.dylib",
|
|
41
|
+
"/Library/MobileSubstrate/MobileSubstrate.dylib",
|
|
42
|
+
"/Library/MobileSubstrate/DynamicLibraries/PreferenceLoader.dylib",
|
|
43
|
+
"/usr/lib/substitute-inserter.dylib"
|
|
44
|
+
],
|
|
45
|
+
"injectedLibraries": [
|
|
46
|
+
"/Library/MobileSubstrate/MobileSubstrate.dylib",
|
|
47
|
+
"/usr/lib/substitute-inserter.dylib"
|
|
48
|
+
],
|
|
49
|
+
"runtimeModifications": [
|
|
50
|
+
{
|
|
51
|
+
"library": "MobileSubstrate",
|
|
52
|
+
"function": "MSHookFunction",
|
|
53
|
+
"target": "objc_msgSend"
|
|
54
|
+
}
|
|
55
|
+
],
|
|
56
|
+
"methodSwizzling": {
|
|
57
|
+
"detected": true,
|
|
58
|
+
"swizzledMethods": [
|
|
59
|
+
"UIApplication.openURL:",
|
|
60
|
+
"NSFileManager.fileExistsAtPath:"
|
|
61
|
+
]
|
|
62
|
+
}
|
|
63
|
+
},
|
|
64
|
+
"hardware_security": {
|
|
65
|
+
"secureEnclaveAvailable": true,
|
|
66
|
+
"touchIdAvailable": true,
|
|
67
|
+
"faceIdAvailable": false,
|
|
68
|
+
"processorType": "A15 Bionic",
|
|
69
|
+
"secureBootChain": true,
|
|
70
|
+
"uidAvailable": true,
|
|
71
|
+
"gidAvailable": true,
|
|
72
|
+
"biometricKeysProtected": true,
|
|
73
|
+
"keychainHardwareProtection": true,
|
|
74
|
+
"sepFirmwareVersion": "4.0.0",
|
|
75
|
+
"biometrics": {
|
|
76
|
+
"touchIdEnrolled": true,
|
|
77
|
+
"faceIdEnrolled": false,
|
|
78
|
+
"biometricChangesDetected": false,
|
|
79
|
+
"hardwareTamperDetected": false
|
|
80
|
+
}
|
|
81
|
+
},
|
|
82
|
+
"system_integrity": {
|
|
83
|
+
"systemVersionAuthentic": false,
|
|
84
|
+
"kernelIntegrity": false,
|
|
85
|
+
"amfiEnabled": false,
|
|
86
|
+
"sipEnabled": false,
|
|
87
|
+
"codeInjectionProtection": false,
|
|
88
|
+
"libraryValidation": false,
|
|
89
|
+
"runtimeProtections": []
|
|
90
|
+
},
|
|
91
|
+
"file_system": {
|
|
92
|
+
"files": [
|
|
93
|
+
{
|
|
94
|
+
"path": "/Applications/Cydia.app",
|
|
95
|
+
"exists": true,
|
|
96
|
+
"permissions": "755"
|
|
97
|
+
},
|
|
98
|
+
{
|
|
99
|
+
"path": "/Library/MobileSubstrate/MobileSubstrate.dylib",
|
|
100
|
+
"exists": true,
|
|
101
|
+
"permissions": "755"
|
|
102
|
+
},
|
|
103
|
+
{
|
|
104
|
+
"path": "/usr/bin/ssh",
|
|
105
|
+
"exists": true,
|
|
106
|
+
"permissions": "755"
|
|
107
|
+
},
|
|
108
|
+
{
|
|
109
|
+
"path": "/private/var/lib/cydia",
|
|
110
|
+
"exists": true,
|
|
111
|
+
"permissions": "755"
|
|
112
|
+
},
|
|
113
|
+
{
|
|
114
|
+
"path": "/bin/bash",
|
|
115
|
+
"exists": true,
|
|
116
|
+
"permissions": "755"
|
|
117
|
+
}
|
|
118
|
+
]
|
|
119
|
+
},
|
|
120
|
+
"url_schemes": [
|
|
121
|
+
"cydia://",
|
|
122
|
+
"sileo://",
|
|
123
|
+
"zbra://",
|
|
124
|
+
"filza://",
|
|
125
|
+
"activator://"
|
|
126
|
+
],
|
|
127
|
+
"symbolic_links": [
|
|
128
|
+
{
|
|
129
|
+
"source": "/Applications",
|
|
130
|
+
"target": "/var/stash/Applications"
|
|
131
|
+
},
|
|
132
|
+
{
|
|
133
|
+
"source": "/usr/include",
|
|
134
|
+
"target": "/var/stash/usr/include"
|
|
135
|
+
}
|
|
136
|
+
],
|
|
137
|
+
"fork_test": {
|
|
138
|
+
"forkAllowed": true
|
|
139
|
+
},
|
|
140
|
+
"system_calls": {
|
|
141
|
+
"ptraceDetected": true,
|
|
142
|
+
"sysctlBypass": true,
|
|
143
|
+
"dlopenHooking": true
|
|
144
|
+
},
|
|
145
|
+
"runtime_manipulation": {
|
|
146
|
+
"methodSwizzlingDetected": true,
|
|
147
|
+
"classDumpDetected": true,
|
|
148
|
+
"runtimeInjection": true
|
|
149
|
+
},
|
|
150
|
+
"network": {
|
|
151
|
+
"proxy_enabled": false,
|
|
152
|
+
"vpn_active": false,
|
|
153
|
+
"custom_certificates": [],
|
|
154
|
+
"tls_version": "1.3"
|
|
155
|
+
},
|
|
156
|
+
"risk_score": 85,
|
|
157
|
+
"factors": [
|
|
158
|
+
"IOS_JAILBREAK_FILES_DETECTED",
|
|
159
|
+
"IOS_JAILBREAK_URL_SCHEMES_DETECTED",
|
|
160
|
+
"IOS_JAILBREAK_LIBRARIES_DETECTED",
|
|
161
|
+
"IOS_SANDBOX_VIOLATIONS_DETECTED",
|
|
162
|
+
"IOS_FORK_RESTRICTIONS_BYPASSED",
|
|
163
|
+
"IOS_MAIN_BUNDLE_NOT_SIGNED",
|
|
164
|
+
"IOS_INVALID_CERTIFICATE_CHAIN",
|
|
165
|
+
"IOS_DEVELOPMENT_CERTIFICATE",
|
|
166
|
+
"IOS_DYLD_INJECTION_DETECTED",
|
|
167
|
+
"IOS_HOOKING_FRAMEWORKS_DETECTED",
|
|
168
|
+
"IOS_AMFI_DISABLED",
|
|
169
|
+
"IOS_SIP_DISABLED",
|
|
170
|
+
"IOS_LIBRARY_VALIDATION_DISABLED"
|
|
171
|
+
]
|
|
172
|
+
}
|