Skip to content

Cyberenchanter/EvilStore

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

EvilStore

A trick of keystore written in Rust, this project is done as a personal experiment and is no longer under maintance.

Feature

Currently EvilStore supports hacking default device attestation keys only. Custom attest key is NOT supported.

Security

Will EvilStore expose my private keys?

Nope, EvilStore only operates in hack mode, and currently it only supports hacking default device attestation keys. Your private keys remain securely in the TEE/Strongbox.

Will EvilStore compromise the chain of trust by re-signing certificates?

EvilStore currently does not check if the certificate chain of to-be-hacked keys is valid. Even if it does check it according to Google's terms, given the readily available keyboxs on the Internet, any attacker can bypass this check if they sign their key with a valid keybox.

About

Re-implementation of TrickyStore in Rust.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages