smstuebe / xamarin-fingerprint

Xamarin and MvvMCross plugin for authenticate a user via fingerprint sensor


iOS vulnerable to biometric bypass via "objection"

ssuppan opened this issue · comments

My company did some pen testing on our Xamarin native app which is using plugin.fingerprint.
They were able to bypass biometric authentication via "objection v1.11.0".
This script/program allows a local user to hook into EvaluatePolicy() and EvaluateAccessControl().
When a bad fingerprint is scanned, you can return "true" instead of "false" and gain access to the app.

Supporting documentation can be found here.

Steps to reproduce

  1. objection -g explore

Expected behavior

The objection script/program should not be able to bypass the bad fingerprint read

Actual behavior

The objection script/program permits the pen tester to bypass fingerprint authentication

Crashlog

If something causes an exception paste full stack trace + Exception here

Configuration

**Version of the Plugin:** 2.1.5

Platform: iOS 12.X and greater

Device: iPhone 12
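Editor's note on the pattern behind the report. Any API that hands the app a boolean "authenticated / not authenticated" inside its own process (`LAContext.evaluatePolicy`'s reply block, and by extension a plugin that wraps it) can be patched by an instrumentation tool running on the device, because the decision is just a value in app memory. The Apple-recommended alternative is to make the secret itself the gate: store it in the Keychain under a `SecAccessControl` that requires the enrolled biometrics, and treat "the read returned bytes" as the authentication. The biometric check is then performed by securityd / the Secure Enclave, and an in-process hook that forces a reply to `true` has nothing to flip. The Xamarin.iOS example below is added by the editor and is not code from plugin.fingerprint or from the issue author; the `SecretVault` class, the service/account strings and the `"Unlock your session"` prompt are example names, and the Xamarin.iOS binding names (`SecAccessControl`, `SecRecord`, `SecKeyChain.QueryAsData`, `SecRecord.AuthenticationContext`) are used as the editor recalls them from the Security namespace and should be checked against the Xamarin.iOS version in use.

```csharp
using System;
using Foundation;
using LocalAuthentication;
using Security;

// Added example, not part of plugin.fingerprint. Contrasts the hookable "trust a bool"
// pattern with binding a secret to Keychain access control. Service/Account/SecretVault
// are example names chosen for this snippet.
public static class SecretVault
{
    const string Service = "com.example.app.session";   // assumption: example identifier
    const string Account = "api-token";                 // assumption: example identifier

    // VULNERABLE PATTERN: the result is a bool delivered to a callback inside the app
    // process. A hook on -[LAContext evaluatePolicy:localizedReason:reply:] can invoke
    // the reply with success == true and nothing downstream can tell the difference.
    public static void UnlockWithBooleanGate(Action onGranted, Action<string> onDenied)
    {
        var ctx = new LAContext();
        if (!ctx.CanEvaluatePolicy(LAPolicy.DeviceOwnerAuthenticationWithBiometrics, out NSError err))
        {
            onDenied(err?.LocalizedDescription ?? "biometrics unavailable");
            return;
        }
        ctx.EvaluatePolicy(LAPolicy.DeviceOwnerAuthenticationWithBiometrics, "Unlock",
            (success, error) =>
            {
                if (success) onGranted();
                else onDenied(error?.LocalizedDescription ?? "denied");
            });
    }

    // HARDENED PATTERN, step 1: store the secret once (e.g. right after login) under an
    // access control that requires the currently enrolled biometrics. Adding the item
    // does not prompt; only reading it does.
    public static SecStatusCode Store(byte[] secret)
    {
        var access = new SecAccessControl(
            SecAccessible.WhenPasscodeSetThisDeviceOnly,      // no passcode, no item; never migrates
            SecAccessControlCreateFlags.BiometryCurrentSet);  // invalidated if enrolment changes

        // Replace any previous copy so Add does not fail with DuplicateItem.
        SecKeyChain.Remove(new SecRecord(SecKind.GenericPassword) { Service = Service, Account = Account });

        var record = new SecRecord(SecKind.GenericPassword)
        {
            Service = Service,
            Account = Account,
            AccessControl = access,
            ValueData = NSData.FromArray(secret),
        };
        return SecKeyChain.Add(record);
    }

    // HARDENED PATTERN, step 2: the authentication IS the read. There is no bool to flip:
    // if the sensor does not match, securityd / the Secure Enclave never hand back the bytes,
    // and the app has nothing to send to its backend.
    public static byte[] UnlockSecret(out SecStatusCode status)
    {
        var ctx = new LAContext();
        ctx.LocalizedFallbackTitle = string.Empty;  // hide the passcode fallback button

        var query = new SecRecord(SecKind.GenericPassword)
        {
            Service = Service,
            Account = Account,
            AuthenticationContext = ctx,
            UseOperationPrompt = "Unlock your session",
        };

        NSData data = SecKeyChain.QueryAsData(query, false, out status);
        if (status != SecStatusCode.Success || data == null)
            return null;  // AuthFailed, UserCanceled, ItemNotFound: all mean "not authenticated"

        return data.ToArray();
    }
}
```

Two caveats for anyone adopting this. First, the returned bytes must be something the rest of the app actually needs (a session token the server validates, a key that decrypts local data), not a stored flag; if the app only checks `UnlockSecret(...) != null` and then proceeds on its own, the check is again a bool in app memory and can be patched just like the reply block. Second, `BiometryCurrentSet` invalidates the item whenever a finger or face is added or removed, so the app needs a re-login path that calls `Store` again rather than treating `ItemNotFound` as a fatal error.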

Hi @ssuppan,

I'm the friendly issue checker.
Thanks for using the issue template 🌟
I appreciate it very much. I'm sure the maintainers of this repository will answer soon.

This is not only an issue for fingerprint read on iOS. I believe that Face ID is also vulnerable.

Yes, this is an issue that we came to via the ethical hacking of our apps. I hope someone can help out.