在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:iSECPartners/ios-ssl-kill-switch开源软件地址:https://github.com/iSECPartners/ios-ssl-kill-switch开源编程语言:Objective-C 66.1%开源软件介绍:iOS SSL Kill SwitchBlackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps. DescriptionOnce installed on a jailbroken device, iOS SSL Kill Switch patches low-level SSL functions within the Secure Transport API, including SSLSetSessionOption() and SSLHandshake() in order to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning). It was successfully tested against various Apps implementing certificate pinning including the Apple App Store. iOS SSL Kill Switch was initially released at Black Hat Vegas 2012. For more technical details on how it works, see http://nabla-c0d3.github.io/blog/2013/08/20/ios-ssl-kill-switch-v0-dot-5-released/ WARNING: THIS TWEAK WILL MAKE YOUR DEVICE INSECUREInstalling this tweak allows anyone on the same network as the device to easily perform man-in-the-middle attacks against any SSL or HTTPS connection. This means that it is trivial to get access to emails, websites viewed in Safari and any other data downloaded by any App running on the device. InstallationUsers should first download the latest pre-compiled Debian package available in the release section of the project page at: https://github.com/iSECPartners/ios-ssl-kill-switch/releases The tool was tested on iOS7 running on an iPhone 5S. DependenciesiOS SSL Kill Switch will only run on a jailbroken device. Using Cydia, make sure the following packages are installed:
How to installDownload and copy the Debian package to the device; install it:
Respring the device:
There should be a new menu in the device's Settings where you can enable the extension. Finally, kill and restart the App you want to test. How to uninstall
Intercepting the App Store's trafficAdditional instructions are available here: http://nabla-c0d3.github.io/blog/2013/08/20/intercepting-the-app-stores-traffic-on-ios/ BuildMost users should just download and install the Debian package. The build requires the Theos suite to be installed; see http://www.iphonedevwiki.net/index.php/Theos/Getting_Started . You first have to create a symlink to your theos installation:
Make sure dpkg is installed. If you have Homebrew, use:
Then, the package can be built using:
Changelog
LicenseMIT - See LICENSE.txt AuthorAlban Diquet - https://github.com/nabla-c0d3 |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论