David Weinstein dweinstein

onMessage
onMessage
automation
onMessage
ispy-console 2019-08-27 10:34:23.706613-0500 OfferUp[3150:69885] TIC SSL Trust Error [79:0x1c4376c80]: 3:0
ispy-console 2019-08-27 10:34:23.707447-0500 OfferUp[3150:69885] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)
2019-08-27 10:34:23.707847-0500 OfferUp[3150:69885] Task <85C2A93B-4CDD-4AE5-98FA-A42808ACDCD2>.<1> HTTP load failed (error code: -1202 [3:-9813])
ispy-console 2019-08-27 10:34:23.708246-0500 OfferUp[3150:70071] Task <85C2A93B-4CDD-4AE5-98FA-A42808ACDCD2>.<1> finished with error - code: -1202
@dweinstein
dweinstein / xctesting_in_repl_or_script.swift
Last active September 6, 2018 15:49 — forked from lzell/xctesting_in_repl_or_script.swift
Using XCTest in the swift repl or standalone script
// Start repl with:
// $ xcrun swift -F /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/Frameworks/
// Or run as script:
// $ xcrun swift -F /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/Frameworks/ %
import Foundation
if dlopen("/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/Library/Frameworks/XCTest.framework/XCTest", RTLD_NOW) == nil {
@dweinstein
dweinstein / ios_lockdown_diag_services.md
Created June 19, 2018 04:15 — forked from ddz/ios_lockdown_diag_services.md
iOS Lockdown Diagnostic Services

TL;DR

  • Pairing an iOS device to a host (computer running iTunes) gives that host significant access to data on the iOS device and requires connecting the unlocked iOS device to a host over USB
  • Once paired, that host (or another host that has stolen its pairing record) can access significant amounts of user personal data from the iOS device over USB and Wi-Fi through the com.apple.mobile.file_relay and com.apple.mobile.house_arrest lockdown services
  • These services will not return user data files that are encrypted and locked by iOS Data Protection, but the files returned by file_relay are not protected by iOS Data Protection and do include significant amounts of personal user data that would otherwise be encrypted in iTunes encrypted backups (when "Encrypt Backup" is enabled)
  • The com.apple.mobile.file_relay service is not used or referenced by any public Apple software so its intended client software is unknown outside of Apple
  • Apple released a [Knowledge Base article](https://support.apple.co
---> com.citi.citimobile Keybuilder 12 Asymm location: com.citi.corelibrary.utils.EligibilityChecks/boolean isSecureHardwareAvailable()/specialinvoke $r2.<android.security.keystore.KeyGenParameterSpec$Builder: void <init>(java.lang.String,int)>("CitiTestHardware", 12) extra: u'specialinvoke $r2.<android.security.keystore.KeyGenParameterSpec$Builder: void <init>(java.lang.String,int)>("CitiTestHardware", 12)' sslice:
---> com.citi.citimobile Keybuilder 5 Asymm location:
/*
* SEP firmware split tool
*
* Copyright (c) 2017 xerub
*/
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@dweinstein
dweinstein / ios_apps.csv
Last active March 12, 2017 19:38
Sample of popular apps observed (via dynamic analysis) to possibly use Cloudflare https://www.nowsecure.com/blog/2017/02/23/cloudflare-cloudbleed-bugs-impact-mobile-apps
| application_id | package_name | title | version_string | domain |
| --- | --- | --- | --- | --- |
| 282935706 | tv.lifechurch.bible | Bible | 7.2 | cloudflare.com |
| 284910350 | com.yelp.yelpiphone | Yelp | 11.4.0 | cloudflare.com |
| 290853822 | net.box.BoxNet | Box for iPhone and iPad | 4.0.1 | cloudflare.com |
| 300255638 | com.abcnews.ABCNews | ABC News – Watch Breaking US & World News, Live Video & Election Coverage | 5.10.0 | cloudflare.com |
| 304154888 | com.nicusa.FBIMostWanted | Most Wanted | 2.3 | cloudflare.com |
| 319881193 | com.grindrguy.grindrx | Grindr - Gay, bi, social networking and dating app to chat and meet guys | 3.0.13 | cloudflare.com |
| 322439990 | com.fboweb.MyRadar | MyRadar NOAA Weather Radar – Forecasts, Storms, and Earthquakes | 4.4.4 | cloudflare.com |
| 327630330 | com.getdropbox.Dropbox | Dropbox | 28.2 | cloudflare.com |
| 329913454 | com.crunchyroll.iphone | Crunchyroll - Everything Anime | 3.00.2 | cloudflare.com |
@dweinstein
dweinstein / guess-encoding.js
Last active October 21, 2016 01:12
Guess encoding of zip based on `_zip_guess_encoding` from libzip
'use strict';
const ZIP_ENCODING_UNKNOWN = 0;
const ZIP_ENCODING_ASCII = 1;
const ZIP_ENCODING_UTF8_KNOWN = 2;
const ZIP_ENCODING_UTF8_GUESSED = 3;
const ZIP_ENCODING_CP437 = 4;
const ZIP_ENCODING_ERROR = 5;
module.exports.zipEncodings = {
@dweinstein
dweinstein / 0README.md
Last active October 9, 2016 15:36
Template for organizing Frida agents. Should make it easier for the community to reuse code. Example device-side agents and how to potentially organize them.

SUMMARY

The idea here is to organize multiple agent scripts into modules that can be combined into an aggregated agent.

Frida agents generally live under a directory such as ./lib/agents in a top-level project.

TODO

For each agent script we need a top-level runner, and then we use frida-compile to build them into a single agent script that we can load.

@dweinstein
dweinstein / example.md
Last active June 10, 2016 14:41
configuration / CLI options via RC or env node.js
// config.js
const config = require('rc')('setupios', {
  default: 'value',
  other: {
     thing: 'blah'
  }
});
@dweinstein
dweinstein / nexus7-MOB30J.js
Last active May 16, 2016 12:51
nexus 7 razor MOB30J 6.0.1 android
'use strict';
const tsml = require('tsml');
const USER_AGENT = tsml`Android-Finsky/6.4.12.C-all%20%5B0%5D%202744941
(api=3,versionCode=80641200,sdk=23,device=flo,hardware=flo,product=razor,
platformVersionRelease=6.0.1,model=Nexus%207,buildId=MOB30J,isWideScreen=0)`;
const DOWNLOAD_MANAGER_USER_AGENT = tsml`AndroidDownloadManager/6.0.1
(Linux; U; Android 6.0.1; Nexus 7 Build/MOB30J)`;
module.exports = {
USER_AGENT: USER_AGENT,