Skip to content

Instantly share code, notes, and snippets.

@novitae
novitae / README.md
Last active September 18, 2024 07:50
Palera1n & SSL Pinning / Reverse Cheatsheet

Palera1n & SSL Pinning / Reverse Cheatsheet

Jailbreak

  • Download latest release of palera1n.
  • Connect iphone to computer.
  • Jailbreak using palera1n --setup-fakefs --fakefs. This will setup fakefs to access to sudo later.
  • Once phone is running, run palera1n -f to load fakefs. Do it everytime you restart the phone to rejailbreak it, no need to do previous step if the phone wasn't reset.

Terminal

Connecting to SSH

  • Ensure openssh package is installed on Sileo
  • You can then connect to ssh mobile@IP
@novitae
novitae / Intercept requests from iOS 12's system.md
Last active December 14, 2022 12:37
Intercept requests from iOS 12's system

How to Intercept requests from iOS 12's system

I was trying to get the requests made by apple identity's service, and i never succeed. But here's how i finally made with the help of some people from Hack Different discord server. (This is a memo for me)

Requirements

  • MacOS
  • A jailbroken iOS 12 device (for me: iphone 6, unc0ver jailbroken -- worked with checkra1n --)
  • Wireshark
  • ssh on the device (easy to install, search by yourself how to install it on jailbroken devices)
  • sslkeylog tweak on the iphone (obtainable here, intallation tutorial here (2 paragraphs after "tutorial"))
  • Xcode's command line (xcode-select --install)
from os import system
from time import sleep
from tqdm import tqdm
accounts = [kyliejenner, travisscott, ...]
sleep_time = 300
for account in accounts:
system(f"sterra export -ssid xxxx -u {account} -t following --name {account}_following")
for _ in tqdm(range(sleep_time), desc="time until new scrape"):
from argparse import ArgumentParser
from re import match
import requests
from os import path
from tqdm import tqdm
class UrlNotMatchingError(Exception): pass
class APIFetchingError(Exception): pass
def _getApiResp(url) -> dict: