Core Data is an object-relational mapping (ORM) that creates a layer between user interface and database. The developers prefer Core Data as it is faster in terms of record creation than the traditional SQLite format.
From security point of view, these files are similar to SQLite, with the only difference being that the tables are prefixed with Z
.
In this exercise, let's follow the steps to find out the sensitive data that is stored in Core Data:
We will use the
Core Data.ipa
iOS app for this exercise. Once you open the application, you will observe the following view:Let's insert a Username and Password and select the Register option:
Now, the records are stored successfully. Let's see whether user credentials are stored securely or not:
Now, download Core Data application files from
/var/mobile/Containers/Data/Application
and open theCredentialManager.sqlite
file, using the SQLite browser:
You may have noticed all tables starting with prefix Z
and credentials are...