Reading NSUserDefaults

Sometimes developers misuse certain types of storage systems and one of those can be the NSUserDefaults. For example, a developer of an application may decide to store sensitive information within the NSUserDefaults but this can easily read by an attacker.

As described in the official Apple documentation:

The NSUserDefaults class provides a programmatic interface for interacting with the defaults system. The defaults system allows an app to customize its behavior to match a user’s preferences. For example, you can allow users to specify their preferred units of measurement or media playback speed. Apps store these preferences by assigning values to a set of parameters in a user’s defaults database. The parameters are referred to as defaults because they’re commonly used to determine an app’s default state at startup or the way it acts by default.

$ objection -g '<application>' explore
objection> ios nsuserdefaults get