Skip to content

Instantly share code, notes, and snippets.

View Cypheriel's full-sized avatar
🐱

Mikel Cypheriel

🐱
View GitHub Profile
@Cypheriel
Cypheriel / _srp.py
Last active June 23, 2024 10:51
Limited RFC 5054-compatibile client-side implementation of the Secure Remote Password protocol. Designed to work with Apple's GrandSlam Authentication API.
"""Copyright (c) 2024 Cypheriel.
Secure Remote Password protocol implementation.
This module provides an implementation of the Secure Remote Password protocol, as defined in RFC 5054.
For now, only the client-side implementation is provided.
This implementation is designed to be compatible with the Apple SRP implementation, as used in the GrandSlam framework.
See:
- https://datatracker.ietf.org/doc/html/rfc5054
@Cypheriel
Cypheriel / $mitmproxy for macOS internal services.md
Last active December 6, 2024 09:24
Guide for installing and setting up both mitmproxy and Frida mainly for use with sniffing HTTP(S) traffic internal to macOS.

Install mitmproxy

  1. Follow the instructions to install mitmproxy and launch either mitmproxy or mitmweb. If you plan on sniffing traffic from a macOS VM, it is probably preferable to install mitmproxy on the host OS.
  2. Change your proxy settings in macOS to use your local IPv4 address with port 8080 (by default).
    • System SettingsNetworkAdvancedHTTP and HTTPS proxies
  3. Install the mitmproxy certificate by navigating to http://mitm.it/
  4. Disable SSL verification.
    • On mitmweb, this is toggled in OptionsDon't verify server certificates

Install Frida