Dissection of the Apple Internet Recovery protocol and Security Analysis
NOTE: The authors' machine always downgrades from 10.15.3 to 10.13.0 via
internet recovery, therefore some experiments may not be working the same
due to a network issue with an attacker at a position of privilege on the
network.
Verification of BaseSystem.dmg and OSDInstall.dmg
See doc/chunklist_v1.md
and https://github.com/t8012/cnklverify
Request / Response of Internet Recovery image location
PAW and ruby code
doc/Apple Internet Recovery.paw
lib/request_recovery.rb
It seems that it is impossible to fake a response from the Apple Internet
recovery server, but since the forgery token isn't included with the signed
response, it opens up the case where a man-in-the-middle attack on the request
may occur. This leads to the potential to downgrade an operating system.
This may be in part due to the age of the IR protocol and lack of stronger
PKI based crypto in older (read Lion 10.9) versions of IR.
Request Format
A session cookie is requested from http://osrecovery.apple.com/ then
A request is made to http://osrecovery.apple.com/InstallationPayload/RecoveryImage
A request is in the form of:
cid=A64F96125D28533D
sn=C079442000SJRWLAX
bid=Mac-7BA5B2DFE22DDD8C
k=CF4EF754A68299485E52179B73382421FDBE38BAA06C7CE518A9A4BA91E3C96D
os=latest
bv=17.16.11081.0.0,0
fg=9ECA302EC3E25279AA80C088EF82A821DAD22197B8516F2E9966CC462B524393
An analysis of variables comes to these assumed names
cid
- The T2 ECIDsn
- Motherboard Serial numberbid
- Board ID (BDID)k
- Key or some form of challenge (unknown, server accepts any value)os
- The requested OSbv
- Version of bridgeOSfg
- Anti forgery challenge (unknown, server accepts any value)
Response Format
A response is in the form of
AP: 041-76812
AU: http://oscdn.apple.com/content/downloads/22/29/041-76812a/2liqsakq9ocpldao5gxogpqqkg3666itc6/RecoveryImage/BaseSystem.dmg
AH: 0DD88446D924DC180B25085F53BEA4A2B148024F69EA93E265AEC2F1102E4CB4
AT: expires=1585251286~access=/content/downloads/22/29/041-76812a/2liqsakq9ocpldao5gxogpqqkg3666itc6/RecoveryImage/BaseSystem.dmg~md5=aade63d0bf105b660880b522ee16276f
CU: http://oscdn.apple.com/content/downloads/22/29/041-76812a/2liqsakq9ocpldao5gxogpqqkg3666itc6/RecoveryImage/BaseSystem.chunklist
CH: 791BD581006AD8147F988138B434A2CB792D87F4C2187BD992CC06B64234CA4A
CT: expires=1585251286~access=/content/downloads/22/29/041-76812a/2liqsakq9ocpldao5gxogpqqkg3666itc6/RecoveryImage/BaseSystem.chunklist~md5=7b7ae5fd362c4ff1b216016121f6cb87
An analysis shows the following values
- AP - Apple's update ID for the package, from the software update catalog
- AU - base system URL to download from (dmg)
- AH - Some form of hash for the base system URL / content
- AT - BaseSystem URL token cookie (Passed in the next request as a cookie header)
- CU - chunklist URL (this becomes dangerous if downgrade attacked to v1)
- CH - Chunklist URL hash / content
- CT - Chunklist URL token cookie (Passed in the next request as a cookie header)
Credit
Research by Rick Mark and moved from rickmark/apple_net_recovery