DECRYPTING IOS APPS

To decrypt an iOS app you can simply use Clutch (1, 2); this post is only for learning iOS Binary Manipulation. The following uses KFC as the example. 1). ssh to your device - Ref 2). Find your target App - Ref find /private/var/mobile/Containers/Bundle/Application/ -name 'SUPER_APP' /private/var/mobile/Containers/Bundle/Application/3FDA7FA6-48BE-4567-94D2-F9AB0AE3D394/SUPER_APP.app/SUPER_APP…

Modern Binary Exploitation - Lecture 1

Background Course Home Page: Modern Binary Exploitation - Spring 2015 Warzone - Github Course Material Books Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition by Chris Anley Programming from the Ground Up Practical Reverse Engineering Review of Background…

Frida

Installation on Mac Installation following the official site's tutorial fails; the cause is unknown. Update (17 Mar 2017): OSError: [Errno 1] Operation not permitted: '/tmp/pip-Xb_ctc-uninstall/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/six-1.4.1-py2.7.egg-info' Because OS X 10.11 ships with six 1.4.1 preinstalled, it cannot be uninstalled during the frida installation (ref). Solution: $ sudo pip…

Thick Client Proxying

1. Interception 1.1 Intercepting Responses 1.2 Intercepting Request/Responses Rules 1.3 Match and Replace Proxy > Options > Match and Replace With it, you can get replacement functionality similar to Charles Proxy, for example replacing the User-Agent. 1.4 SSL Pass Through Proxy > Options > SSL Pass Through Burp will not MitM anything added to this section and…