通过MiTM得知App先通过authentication获取一个key,然后利用这个key进行一系列的hashing计算获得一个authentication_key,之后每次call api都将该authentication_key加载到HTTP header之上。 RE Android App,知道authentication_key的组成就是 {my username}:{Utils.generateHash method}:{timestamp} Hashing的alg是HmacSHA1. 借助Free Online HMAC Generator,我们可以做个小测试. 最后作者将这个流程写成一个python script. Ref Reverse Engineering the Drexel One API – Tomer Shemesh – Medium…
方法1 访问http://www.telerik.com/fiddler, 然后从顶部菜单中选择「WinConfig」,在接下来打开的窗口中勾选你想排除网络隔离的应用就可以了 方法2 - 修改注册表 通过设置为 Win 10 UWP 应用解除网络隔离 - 少数派…
On YouTube Synack at AppSec California with Patrick Wardle from Synack Slide 讲座中提及的Tools iOSOpenDev filemon - An FSEvents client 讲座中提及的exploit PuffChat Steal WhatsApp database (PoC) | Bas Bosschert Snapchat Security Disclosure - Gibson Security iOS App File Structure App Binary App Binary Decryption GitHub - dumpdecrypted 未知与Clutch有何不同. iOS Reverse Engineering Techniques…
Watch on YouTube Installation Installation Guide 假如安装了 package, 还 complain: sudo -H pip install <missing_package> --ignore-installed frida_trace frida_launcher cycript Bonus Needle IOS Pentesting – My Cyber Security Blog…
iOS Change ipa to zip Unzip the file Run below command $ cd payload $ class-dump -H target.app -o ../raspinfo Android Method 1 - dex2jar 1). Download dex2jar 2). Run below command $ ./d2j-dex2jar.sh -f -o nino.jar target.apk 3). Download jd-gui 4). Open nino.jar with jd-gui. Method 2…
The weak link in Apple Pay’s strong chain is bank verification. Who’s to blame? | Ars Technica At this point, a bank must decide between green-lighting the customer based on the information Apple can send the bank or pushing the customer down what's called the “Yellow Path” and making…
百度安全实验室:支付安全不能说的那些事儿 | 雷锋网 如果某一个参数值(value)中包含&和=符号,待签字符串和原始的参数集合就可能不再是一对一,即存在多组参数集合对应同一组待签字符串。 例如: 参数集合 {"key1":"value1","key2":"value2&key3=fake_value&zend_key=a", "key3":"value3"} 的待签字符串为 key1=value1&key2=value2&key3=fake_value&…
iOS When you are assessing an application, attaching a debugger can be a powerful technique for understanding the application's inner workings. A couple of debuggers work on iOS and the one that works best for you will depend upon what you are trying to debug and the resources available to…
Android 主要有两种方式: Add new Malicious Smali files Modify existing Smali files Example 1 Mobile Security Labs Example 2 Mobile Security Certificate Pinning Exploit $ keytool -genkey -keystore example.keystore -keyalg RSA -validity 10000 -alias example $ apktool d [app_name].apk // Modify your app $ apktool b <app_folder> $ mv dist/…