Inspired by https://infosec.exchange/@jjtech/112612685494089718
Reboot into Recovery OS + Disable SIP
csrutil disable
//
// ContentView.swift
// Airdrop Demo
//
// Created by Daniel Kuntz on 7/30/23.
//
import SwiftUI
struct ContentView: View {
Unfortunately I have some bad news for downgrading.
Before I explain the bad news at the end of this post, I first need to introduce some background on iOS devices.
In iOS 16, Apple introduced a new firmware component known as Cryptex1. Technically, this is a "virtual" co-processor.
Its purpose is to allow Apple to push RSRs (Rapid Security Responses), which are separate from traditional iOS updates and can be installed much faster.
Like other firmwares, it also has a signing ticket locked to a cryptographic nonce (number-used-once).
We commonly refer to the Apple signing tickets as SHSH blobs.
This means the firmware can't be installed without a valid signing ticket as well as a matching nonce.
The "big two" components for which we deal with signing/nonces are AP and SEP. AP is basically the main device chip (Application Processor).
SEP is the security chip (Secure Enclave Processor).
With regard to APNonce, Apple conveniently gave us the com.apple.System.boot-nonce NVRAM property, which we use to set the APNonce generator.
#include <stdlib.h>
#include <stdio.h>
#include <pthread/pthread.h>
#include <mach/mach.h>
struct ool_msg {
    mach_msg_header_t hdr;
    mach_msg_body_t body;
    mach_msg_ool_ports_descriptor_t ool_ports[];
};
The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.
This means you have the following choices:
- Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
- Use await import(…) from CommonJS instead of require(…).
//
// libblackjack.h
// libblackjack
//
// Created by CoolStar on 2/24/20.
// Copyright © 2020 CoolStar. All rights reserved.
//
#include "libhooker.h"
import SwiftUI
import Foundation
import PlaygroundSupport
public enum Orientation {
    case horizontal
    case vertical
}
public struct StackView<Content: View>: View {
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that the "valid" use cases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple of different points:
# send logs for all traffic (including non-html) to google analytics
#
# in server block:
# set $google_analytics_id "UA-THECORRECT-ID";
# include /srv/nginx/google_analytics;
#
# in location blocks:
# post_action @ga;
#
# notes: post_action has been referred to by nginx devs as a "dirty hack" and this approach may stop working one day.