The URL handler tab provides two main functions. The first tab ‘URL Schemes’ can be used to list all URL schemes registered by the application. By clicking an entry in the list, it is transferred to the text box on the right side. Using that text box any URL handler can be invoked on the device. Simply enter the URL and click the ‘Open’ button. Note that the device needs to be unlocked for the URL handler to trigger correctly.
Input received via URL schemes is often used in unsafe ways which can lead to vulnerabilities including logic flaws and
memory corruption. idb includes a basic fuzzer that can be used to fuzz input data via URL schemes. On the ‘Fuzzer’
tab, the list on the upper left holds the list of fuzzz strings. Below, is a text box to specify the fuzz template.
$@$ to mark potential injection points. For example, if a valid URL is
you could specify
as the template to fuzz both of the intended inputs
(of course you can fuzz any part of the URL you like). For each position, idb will cycle through all the possible fuzz
inputs and launch the URL handler (which launches the app) and then wait for a few seconds before killing it.
In order to detect a crash, idb monitors the
/var/mobile/Library/Logs/CrashReporter folder for new crash reports
for the application in question.
The fuzz results re displayed on the right side: for each input, a Boolean value indicates if the app crashed (
or not (
false). If a crash occurred, the crash report can be viewed using the XCode Organizer or similar tools.
Obviously, there is plenty of room for improvements here.
The right-most tab provides a way to monitor the iOS Pasteboard in near real-time. By default, only the main (default) pasteboard is monitored. By adding additional pasteboard names to the list on the right side, also private pasteboards can be monitored. After clicking the start button, a custom utility will watch for any changes to the iOS pasteboards. If a change is detected, the new pasteboard value and the corresponding time stamp are displayed on the left side of the tab.
In order to monitor the pasteboard,
idb uses a small helper utility which is available at: