Monday, December 31, 2012

Creating a Basic Configuration Profile for an iPhone or iPad.





Apple provides a free enterprise configuration tool for streamlining the process of configuring iOS devices known as the (iPCU). This article will provide a quick overview of what a configuration profile is, a description of the iPCU, where to get it and how to use it to create a basic iOS device configuration profile. The configuration profile contains details of all installed applications and can be uploaded to ZAP to obtain an overall risk profile for the device.

Using the iPCU to obtain a device configuration file

The iPCU is a program that uses a simple GUI to create, manage, and deploy XML configuration profiles to iOS devices. It is free and available in both Mac OS X and Windows versions from Apple's website at apple.com/support/iphone/enterprise/.
·         Mac version -  http://support.apple.com/kb/DL1465
·         Windows version - http://support.apple.com/kb/DL1466
Once the iPCU is run, it will open to a clean user interface with the Library – Devices section selected. Click on the Library – Configuration Profiles section as shown below:




Here are the steps to obtain the iPhone device configuration file (.deviceinfo).
·         Connect your iPhone/iPad to the computer.
·         Look at left navigation pane. There you’ll observe that your device is listed under the Devices category as shown below.

      ·         Select the desired device and navigate to File->Export. Save the file.

Now you have an iOS configuration file (.deviceinfo) for your device.
This is the file that you can now feed to ZAP for analysis. Under the Upload section within ZAP you can analyze this file (.deviceinfo) to calculate an overall risk score for the apps installed on your device.
Now let’s take a look how to use this configuration file with ZAP. Here we have obtained a device configuration file for an iPod touch. We named it ipod2.deviceinfo. Click on the Browse button to upload the file. Select the path to the file and then click on the Analyze button.



 You will see following screen.



For this configuration file, there are total 68 apps installed on the iPod Touch, five of which have already been analyzed by ZAP. Those apps not previously analyzed are automatically added into ZAP’s queue for future analysis by the ThreatLabZ team.
You can click on any app name listed to view further details for the app. For example, clicking Heyzap we’ll see the following screen.