Horusec Swift
What is it?
Horusec-Swift is a SAST tool created by the Horusec team to search for vulnerabilities in Swift projects.
Vulnerability examples
SQLite Database
App uses SQLite Database. Sensitive Information should be encrypted.
CoreData Database
App uses CoreData Database. Sensitive Information should be encrypted.
DTLS 1.2 not used
DTLS 1.2 should be used. Detected old version - DTLS 1.0.
TLS 1.3 not used
TLS 1.3 should be used. Detected old version - TLS 1.2.
Reverse engineering
This App may have Reverse engineering detection capabilities.
Weak MD5 hash using
The MD5 hash algorithm that was used is considered weak and is known to produce hash collisions. It is always recommended to use a CHF (Cryptographic Hash Function) that is mathematically strong and not reversible. SHA512 would be the most recommended hash for storing the password, and it is also important to adopt some type of salt so that the hash is more secure. For more information check out the CWE-327 advisory.
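Added example (not Horusec code; all function names are hypothetical) showing, in CryptoKit, the MD5 pattern this rule reports beside the salted SHA512 scheme the text recommends, plus a constant-time verify so the stored digest can be checked without a timing leak:

```swift
import Foundation
import Security
import CryptoKit

/// The pattern the "Weak MD5 hash using" rule flags: MD5 over a password, no salt.
func weakPasswordHash(_ password: String) -> String {
    let digest = Insecure.MD5.hash(data: Data(password.utf8))
    return digest.map { String(format: "%02x", $0) }.joined()
}

/// Random salt from the system CSPRNG; 16 bytes is a common choice.
func makeSalt(count: Int = 16) -> Data {
    var bytes = [UInt8](repeating: 0, count: count)
    let status = SecRandomCopyBytes(kSecRandomDefault, count, &bytes)
    precondition(status == errSecSuccess, "salt generation failed")
    return Data(bytes)
}

/// Salted SHA512 as the page recommends: SHA512(salt || password), hex encoded.
/// The salt must be stored next to the digest so the value can be recomputed on login.
func saltedSHA512(_ password: String, salt: Data) -> String {
    var input = salt
    input.append(Data(password.utf8))
    return SHA512.hash(data: input).map { String(format: "%02x", $0) }.joined()
}

/// Constant-time comparison: every byte is XORed regardless of where the first
/// mismatch is, so the time taken does not reveal how much of the digest matched.
func verify(_ password: String, salt: Data, storedHex: String) -> Bool {
    let candidate = Array(saltedSHA512(password, salt: salt).utf8)
    let stored = Array(storedHex.utf8)
    guard candidate.count == stored.count else { return false }
    var diff: UInt8 = 0
    for (a, b) in zip(candidate, stored) { diff |= a ^ b }
    return diff == 0
}

// Constructed sample usage.
let salt = makeSalt()
let stored = saltedSHA512("correct horse", salt: salt)
print("weak (flagged):", weakPasswordHash("correct horse"))
print("salted SHA512:", stored)
print("verify correct:", verify("correct horse", salt: salt, storedHex: stored))
print("verify wrong:  ", verify("wrong", salt: salt, storedHex: stored))
```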
Weak DES hash using
DES is not considered a strong cipher for modern applications. NIST currently recommends the AES block cipher instead of DES. For more information check out the CWE-326 advisory.
Weak Cipher Mode
Cipher algorithms should be robust. MD5 is a weak hash that can produce repeated hashes (collisions). For more information check out the CWE-327 advisory.
Weak MD6 hash using
MD6 is a weak hash that can produce repeated hashes (collisions). For more information check out the CWE-327 advisory.
Weak MD5 hash using
MD5 is a weak hash that can produce repeated hashes (collisions). For more information check out the CWE-327 advisory.
Weak SHA1 hash using
SHA1 is a weak hash that can produce repeated hashes (collisions). For more information check out the CWE-327 advisory.
Jailbreak detection
This App may have Jailbreak detection capabilities.
Javascript injection
User input in “loadHTMLString” will result in JavaScript Injection.
Weak Cipher Mode
DES is not considered a strong cipher for modern applications. NIST currently recommends the AES block cipher instead of DES. For more information check out the CWE-326 advisory.
Realm Database
App uses Realm Database. Sensitive Information should be encrypted.
Deprecated TLS property
Use of the deprecated property tlsMinimumSupportedProtocol. To avoid potential security risks, use tlsMinimumSupportedProtocolVersion instead.
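Added example (not Horusec code; the type and function names are hypothetical) covering both the "TLS 1.3 not used" and "Deprecated TLS property" rules: the deprecated setting is shown commented out beside its replacement, and a task delegate reads the version actually negotiated so the configuration can be audited at runtime:

```swift
import Foundation

/// URLSession that refuses anything below TLS 1.3.
func makeHardenedSession(delegate: URLSessionTaskDelegate) -> URLSession {
    let config = URLSessionConfiguration.ephemeral

    // Deprecated form the rule flags (SSLProtocol, deprecated since iOS 13 / macOS 10.15):
    // config.tlsMinimumSupportedProtocol = .tlsProtocol12

    // Replacement property, typed as tls_protocol_version_t.
    // Pinning the minimum to TLSv13 also satisfies the "TLS 1.3 not used" rule;
    // servers that only offer TLS 1.2 will fail the handshake, which is the intent.
    config.tlsMinimumSupportedProtocolVersion = .TLSv13
    config.tlsMaximumSupportedProtocolVersion = .TLSv13

    return URLSession(configuration: config, delegate: delegate, delegateQueue: nil)
}

/// Logs the TLS version negotiated for each transaction of a task.
final class TLSAuditDelegate: NSObject, URLSessionTaskDelegate {
    func urlSession(_ session: URLSession, task: URLSessionTask,
                    didFinishCollecting metrics: URLSessionTaskMetrics) {
        for tx in metrics.transactionMetrics {
            guard let version = tx.negotiatedTLSProtocolVersion else { continue }
            // rawValue 0x0304 is TLS 1.3, 0x0303 is TLS 1.2
            let ok = version == .TLSv13
            print("negotiated 0x\(String(version.rawValue, radix: 16)) ok=\(ok)")
        }
    }
}

// Constructed usage against a placeholder host.
let session = makeHardenedSession(delegate: TLSAuditDelegate())
let url = URL(string: "https://example.invalid/")!   // placeholder, replace with a real endpoint
session.dataTask(with: url) { _, _, error in
    if let error = error { print("request failed:", error.localizedDescription) }
}.resume()
```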
UIPasteboard
This application uses UIPasteboard, improper use of this class can lead to security issues.
File protection
The file has no special protections associated with it.
WebView Safari
It is recommended to use WKWebView instead of SFSafariViewController or UIWebView to prevent navigating to arbitrary URLs.
Keyboard cache
Keyboard cache should be disabled for all sensitive data inputs.
Weak MD4 hash using
MD4 is a weak hash known to have hash collisions.
Weak MD2 hash using
MD2 is a weak hash that can produce repeated hashes (collisions). For more information check out the CWE-327 advisory.
SHA1 collision
SHA1 is a weak hash known to have hash collisions.
MD5 collision
MD5 is a weak hash known to have hash collisions.
MD6 collision
MD6 is a weak hash known to have hash collisions.
Improper Restriction of Rendered UI Layers or Frames
Your Nginx file must include the X-Frame-Options header. A web application is expected to place restrictions on whether it is allowed to be rendered within frame, iframe, object, embed or applet elements. Without such restrictions, users can be tricked into interacting with the application when they did not intend to. For more information check out the CWE-1021 (https://cwe.mitre.org/data/definitions/1021.html) advisory.
Missing X-Content-Type-Options header
Setting this header will prevent the browser from interpreting files as a different MIME type from the one specified in the Content-Type HTTP header (e.g. treating text/plain as text/css). For more information check out https://owasp.org/www-project-secure-headers/#x-content-type-options.
Missing Content-Security-Policy header
A Content Security Policy (also called CSP) requires careful tuning and a precise definition of the policy. If enabled, CSP has a significant impact on the way browsers render pages (e.g., inline JavaScript is disabled by default and must be explicitly allowed in the policy). CSP prevents a wide range of attacks, including cross-site scripting and other cross-site injections. For more information check out https://owasp.org/www-project-secure-headers/#content-security-policy.
Exposure of Sensitive Information
Your Nginx file must include the ‘server_tokens off;’ configuration. There are many different kinds of mistakes that introduce information exposures. The severity of the error can range widely, depending on the context in which the product operates, the type of sensitive information that is revealed, and the benefit it may provide to an attacker. For more information check out the CWE-200 (https://cwe.mitre.org/data/definitions/200.html) advisory.