Forensically Sound checkm8 Based Extraction of iPhone 5s, 6, 6s and SE

May 19th, 2021 by Oleg Afonin
Category: «Elcomsoft News», «Mobile»

Back in 2019, independent researcher axi0mX has developed a ground-breaking exploit. Targeting a vulnerability in the bootloader of several generations of iOS devices, checkm8 made it possible to obtain BootROM code execution and perform forensic analysis on a long list of devices running a wide range of iOS versions. In this article, we’ll talk about the forensic use of checkm8 with iOS Forensic Toolkit.

checkm8 is widely accepted in the mobile forensic community. Multiple solutions exist, but none of them are perfect, and most aren’t even trying. Our solution works entirely in RAM; it does not boot the OS installed on the device, and does not touch the system partition. There won’t be a trace left on the iPhone extracted with iOS Forensic Toolkit, not a single log entry and not even a changed timestamp. How did we make it possible?

Introduction

The checkm8 exploit was a game changer. Exploiting an unpatchable vulnerability in iDevice bootloader, checkm8 allows breaking into a wide range of Apple devices regardless of the “patch level” or the version of iOS installed on these devices. The exploit covers a plethora iPhone, iPad and companion devices. The iPhone models that can be exploited include the iPhone 5s, 6, 6s, 7, and 8, including all of the Plus models. In addition, the exploit can be used on the iPhone X and the original iPhone SE. The vulnerability existed in the iPhone 4s, 5, and 5c, although without Secure Enclave these devices could be broken into in a different way, although not just forensically sound as using checkm8.

Unlike ‘traditional’ jailbreaks that exploit vulnerabilities in the operating system (that are promptly patched by Apple with the next iOS update), checkm8 targets the device bootrom, which contains the first code executed when the iPhone is powered on or rebooted. Due to the read-only nature of the bootrom, this vulnerability cannot be patched (however, Apple were able to strengthen security of the latest vulnerable devices, the iPhone 7, 7 Plus, 8, 8 Plus and iPhone X range, by hardening SEP protection).

checkm8 does not affect the Secure Enclave. It cannot be used to break the screen lock passcode, and without the passcode it cannot be used to decrypt the majority of the data in the file system (limited BFU mode access might be possible).

On the other hand, checkm8 is ideal when it comes to forensic extractions. By its very nature, the exploit does not need to modify any bits in the file system; all modifications are performed on the fly in the device’s volatile memory (RAM).

checkra1n vs. checkm8

The use of checkm8 in mobile forensics began with utilizing checkra1n, a public, closed-source jailbreak based on the public, open-source checkm8 exploit. The checkra1n jailbreak was quickly adopted in Elcomsoft iOS Forensic Toolkit to get access to the file system and keychain on jailbroken iOS devices.

From the forensic point of view, checkra1n extractions are not too much different of any other jailbreak-based extractions except for the extra steps required to switch the device into DFU mode. The workflow remained similar, the outcome was the same, and even the drawbacks remained the same compared to all other jailbreak-based extractions; more on that later.

The use of a public jailbreak, including checkra1n, inevitably modifies certain areas on the device’s system and data partitions. Public jailbreaks, including checkra1n, are known to perform steps and install additional services, such as the Cydia store, which aren’t required to perform the extraction but are needed to install mods and software from third-party sources. All that has negative impacts on the forensic use of jailbreaks, making jailbreak-based extractions unacceptable to many examiners.

To sum it up, checkra1n-based extractions have the following drawbacks:

  • Jailbreak-based extractions are not forensically sound.
  • Such extractions may not be allowed in certain cases.
  • The installation process is complicated and prone to errors.
  • Due to lack of public interest, checkra1n has limited compatibility compared to the underlying exploit. Only iOS 12.0 and newer are supported.

How our solution compares to checkra1n

Compared to checkra1n-based extractions, the new, direct extraction process has the following advantages:

  • Untouched system and data partitions.
  • Data partition is mounted read-only.
  • Zero modification policy: 100% of the patching occurs in the RAM.*
  • The installation process is fully guided and massively more reliable compared to jailbreaking.
  • Much wider iOS compatibility (but currently limited hardware support). iOS 8.0 through iOS 14.5 are supported (compared to iOS 12.0 and up).

* An exception to zero notification policy: extracting devices running some very old versions of iOS with HFS ‘file system dirty’ flag. A file system check is required in order to mount the system/data partition read-only.

Compatibility, requirements, and features

In order to use checkm8 extraction, you must have access to a compatible device running a supported version of iOS. At this time, we support all versions of iOS from iOS 8.0 onwards, with no exceptions, that are or ever were available for supported devices .

  • Supported hardware: iPhone 5s, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone SE (original model)
  • Supported versions of iOS: iOS 8.0 through iOS 14.5, subject to availability for a given device.
  • Additional requirements: the ability to place the device into DFU mode. Must download the official Apple firmware (download link is provided during the extraction) that matches iOS version installed on the device.

Elcomsoft iOS Forensic Toolkit now fully supports the file system extraction and keychain decryption from unlocked iOS devices (the passcode must be known or empty). To check which devices are supported, use the following table.

Device Min. supported iOS version Latest supported iOS version
iPhone 5s 8.0 12.5.3
iPhone 6, iPhone 6 Plus 8.0 12.5.3
iPhone 6s, iPhone 6s Plus 9.0.1 14.5.1
iPhone SE (original) 9.3 14.5.1

Note: the iPhone 6s and 6s originally shipped with iOS 9.0.1 onboard, while the iPhone SE was shipped with iOS 9.3. The iPhone 5s originally shipped with iOS 7.0, which is currently not supported for checkm8 extraction.

In additional, the following devices are unofficially supported:

  • iPod touch 6th gen
  • iPad Air (original)
  • iPad mini 2/3/4
  • iPad 5th gen

Placing the device in DFU mode

Placing the device in DFU mode can be tricky, especially if you’ve never done it before. DFU is different from Recovery in that Recovery was designed to be used in emergency situations by the end user, while DFU was never meant for the end user.

Steps to enter DFU are less than obvious, and there is no on-screen indication of successfully entering DFU. You must follow the steps while carefully observing the timings, and the end result will be a blank screen. To make the process easier, iOS Forensic Toolkit implements real-time guidance, indicating which buttons are to be pressed and implementing countdown timers.

How our solution compares to other checkm8-based software

As time passed, some digital forensic vendors have started using the checkm8 exploit directly in their tools without relying on the public jailbreak. To tell the truth, most vendors borrowed code from the checkra1n jailbreak, sometimes even leaving the copyrights.

# Checkra1n beta 0.9.6
#
# Proudly written in nano
# (c) 2019 Kim Jong Cracks
#
#========  Made by  =======
# argp, axi0mx, danyl931, jaywalker, kirb, littlelailo
# nitoTV, nullpixel, pimskeks, qwertyoruiop, sbingner, siguza
…
Begin Checkra1n

Do you believe it’s a checkra1n log? It is not. This is the output of one of the checkm8-based forensic solutions. An interesting fact is that, while the forensic tool has been released in January 2021, the checkra1n 0.9.6 has been around since December 2019.

While checkm8 is a bootloader-level exploit, when it comes to forensic implementations the devil is in the detail. Until today, we have not encountered a single checkm8-based forensic extraction solution that would be 100% forensically sound. Believe or not, all other solutions, including those marketed by the big names, are not forensically sound. They do modify parts of the iPhone file system, and they do affect the result. Granted, the impact is fairly low, but there is no single vendor who would describe exactly what is changed.

Our solution is based completely on patching the device RAM , and does NOT boot the operating system installed on the device. There will be no log entries added, and absolutely no changes are made to any area on the device, neither in the system nor in data partitions. It does not leave any records in the system logs or any other log or database simply because it works completely off the RAM. The only exception when we must do an alteration is a situation of the file system being in the “dirty” state. The “file system dirty” flag is set after an abnormal shutdown or spontaneous reboot, a failed software update if there was not enough free space, and so on. A file system check will be performed in order to clear the flag and mount the system/data partition read-only.

Next comes the iOS version compatibility. Most checkm8-based solutions (and all solutions based on the checkra1n jailbreak) require the minimum version of iOS 12.0. Custom checkm8-based solutions may support iOS 12.0, but we haven’t seen a single solution supporting iOS 8 through 11 or the beta versions.

Our solution supports all versions of iOS that can or could be installed on supported hardware, with no gaps or exceptions.

Compared to competition, our new, direct extraction process has the following advantages:

  • Unique, forensically sound extraction: 100% of the patching occurs in the RAM.
  • We never boot the OS installed on the device, and never touch the system partition.
  • Our checkm8 solution does not bring along any proprietary Apple code. The firmware is downloaded directly from Apple and patched on the fly.
  • For that to work, you’ll have to download the correct firmware matching the iOS version installed on the device (we provide the link).
  • Real-time guidance with instructions and countdowns displayed to help install the exploit.
  • Much wider iOS compatibility (but currently limited hardware support). iOS 8.0 through iOS 14.5 are supported (compared to iOS 12.0 and up).

How does it fare against agent-based acquisition?

Apart from the compatibility issues, one can note that agent-based acquisition is not completely forensically sound, although the changes it makes are minimal (mostly in the system logs). In this respect, checkm8-based extraction is superior.

On the other hand, agent acquisition supports a much wider range of devices, and works on the models based on the A12/A13/A14 SoC, where checkm8 has been patched. For these models, agent is the only recommended low-level acquisition method.

checkm8 advantages:

  • Extended software compatibility
  • A 100% forensically sound extraction
  • Works for most ‘stuck’ devices
  • USB restricted mode is not applicable (passcode must be known)

checkm8 disadvantages:

  • Need original iOS firmware
  • Currently no BFU extraction
  • Hardware limitations (no iPhone 7/8/X and iPads support; currently in the works)

Limitations and future work

This is just the beginning. Our original checkm8 implementation only covers devices including the iPhone 5s, 6, 6 Plus, 6s, 6s Plus, and the original iPhone SE. We are currently working on adding support for more devices including the iPhone 7 and 7 Plus as well as most iPad models based on exploitable SoC (currently supported models are listed above). We’re also researching the iPhone 8/8 Plus/iPhone X range, but no definite promises as of yet due to the different SEP implementation in these devices. A native ARM build is coming for the M1 CPU, which the beta version supports via Rosetta2.

What about the passcode? In order to use our solution, you must know the screen lock passcode if one is enabled on the device. The exploit cannot be used to crack the passcode, at least at this time.

Conclusion

With this update, Elcomsoft iOS Forensic Toolkit becomes the most advanced iOS acquisition tool on the market. The toolkit now supports all possible acquisition methods (with known limitations we’re working on). Agent-based extraction and checkm8-based extraction via device RAM are some of the tool’s unique features.


REFERENCES:

Elcomsoft iOS Forensic Toolkit

Extract critical evidence from Apple iOS devices in real time. Gain access to phone secrets including passwords and encryption keys, and decrypt the file system image with or without the original passcode. Physical and logical acquisition options for all 64-bit devices running all versions of iOS.

Elcomsoft iOS Forensic Toolkit official web page & downloads »