@novitae
novitae / README.md
Last active September 5, 2023 12:24
Palera1n & SSL Pinning / Reverse Cheatsheet

Jailbreak

  • Download the latest release of palera1n.
  • Connect the iPhone to the computer.
  • Jailbreak using palera1n --setup-fakefs --fakefs. This sets up the fakefs, which is needed to get sudo access later.
  • Once the phone is running, run palera1n -f to load the fakefs. Do this every time you restart the phone to re-jailbreak it; there is no need to repeat the previous step if the phone wasn't reset.

Terminal

Connecting to SSH

  • Ensure the openssh package is installed from Sileo.
  • You can then connect with ssh mobile@IP
@novitae
novitae / Intercept requests from iOS 12's system.md
Last active December 14, 2022 12:37
Intercept requests from iOS 12's system

How to Intercept requests from iOS 12's system

I was trying to get the requests made by Apple identity's service, and I never succeeded. But here's how I finally managed it with the help of some people from the Hack Different Discord server. (This is a memo for me.)

Requirements

  • macOS
  • A jailbroken iOS 12 device (for me: iPhone 6, unc0ver jailbroken -- worked with checkra1n --)
  • Wireshark
  • SSH on the device (easy to install; search for how to install it on jailbroken devices)
  • sslkeylog tweak on the iPhone (obtainable here, installation tutorial here (2 paragraphs after "tutorial"))
  • Xcode's command line tools (xcode-select --install)
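
from os import system
from time import sleep
from tqdm import tqdm

accounts = ["kyliejenner", "travisscott", ...]  # remaining accounts elided in the original
sleep_time = 300  # seconds to wait between two exports

for account in accounts:
    # Export the account's "following" list with sterra
    system(f"sterra export -ssid xxxx -u {account} -t following --name {account}_following")
    # Countdown before the next export; the loop body is cut off in the preview, sleep(1) is assumed
    for _ in tqdm(range(sleep_time), desc="time until new scrape"):
        sleep(1)
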
from argparse import ArgumentParser
from re import match
import requests
from os import path
from tqdm import tqdm
class UrlNotMatchingError(Exception): pass
class APIFetchingError(Exception): pass
def _getApiResp(url) -> dict: