Just going through the source of unc0ver JB, and I must say, they have put a lot of work into it, and his whole team deserves more credit for giving it out for free. I have also started working on the 3rd article which will explain how jailbreaks are written, ETA 20 days
Prateekg147
@prateekg147
Focusing on *OS and Browser Security.
Prateekg147’s posts
#iOS Talks from #36c3
Messenger 0-click - media.ccc.de/v/36c3-10497-m
Untethering iDevices - media.ccc.de/v/36c3-11034-t
Trustzone security - media.ccc.de/v/36c3-10859-t
checkra1n - media.ccc.de/v/36c3-11238-t
Building an iOS debugger -
I wrote a couple of blog posts discussing #iOS security in depth along with a detailed walkthrough of the voucher_swap exploit
Part 1: darkmatter.ae/papers-article
Part 2: darkmatter.ae/papers-article
Part 3 will discuss Jailbreaking in detail
Excited to release a completely new version of Damn Vulnerable iOS App (DVIA) rewritten in Swift with additional vulnerabilities.
Website - damnvulnerableiosapp.com
Intro article - highaltitudehacks.com/2018/04/19/dam
Github - github.com/prateek147/DVI
A 5-part complete series on ARM64 exploitation and reversing by
Part1: 8ksec.io/arm64-reversin
Part2: 8ksec.io/arm64-reversin
Part3: 8ksec.io/arm64-reversin
Part4: 8ksec.io/arm64-reversin
Part5: 8ksec.io/arm64-reversin
Quick update, #checkra1n should be live in a few hours once the dependency issues with some devices are resolved
Back home after BH, so much cool stuff on iOS dropped in the last week. A week off is just what I need. For those interested, this is my reading list
dropbox.com/s/1a0foqjctrqz
i.blackhat.com/USA-19/Thursda
i.blackhat.com/USA-19/Thursda
googleprojectzero.blogspot.com/2019/08/the-fu
Nice blog post on exploiting Android deeplinks
voucher_swap exploit walkthrough series for iOS
Part 1 - highaltitudehacks.com/2020/06/01/fro
Part 2 - highaltitudehacks.com/2020/06/01/fro
Test your Mobile Hacking and Penetration testing Skills with Damn vulnerable iOS app http://t.co/5OW0Dm1DN8 via #Security
All slides from MOSec 2017
New Blog Post by in Advanced Frida Series on using for Analyzing Signal & Telegram Messages for iOS
#MobileSecurity #iOSSecurity 8ksec.io/advanced-frida
Advanced Frida Usage Part 1 - iOS Encryption Libraries
iOS Deep Link Attacks Part 2 – Exploitation by
Damn, I feel under pressure now for giving an ETA :D It will be an online article
I have decided to make #DVIA (Damn Vulnerable iOS App) solutions free for download highaltitudehacks.com/2015/04/03/dam . Enjoy & RT please :)!
Who will be interested in a blog series on jailbreaking, starting from iOS security basics to the bug and a walkthrough of most JBs?
Interested in Learning about ARM64 Reversing And Exploitation? Check out this latest Blog post on Using mprotect to bypass NX Protection
Excellent blog by on Android SELinux Internals and how SELinux Context affects permissions on Android, along with techniques to bypass them
#androidsecurity
Nice article about internals of usbmux medium.com/@jon.gabilondo
another cool project worth checking out
Intercepting locationd daemon to sniff location data on iOS 8ksec.io/advanced-frida
#MobileSecurity #Frida
I will be looking for some Smart people to join our Research Lab. Feel free to DM and set up a time to talk.
Congrats to the team for bringing back jailbreaking to the masses. And to do it for free, this work takes a lot of time and effort. Legends !!!
Day 2 of Offensive mobile reversing and exploitation training cc:@beyondsecurity Thanks
For those interested in iOS malware detection, this talk from is a great place to get started :)
I will be giving a 2 hour hands-on workshop on “WebKit exploitation” at , bring a Mac with Xcode command line tools Installed if you want to follow along with the demos. A vuln version of jsc would be provided.
Back home from #POC2019 , what a great con, attended some amazing talks and made a lot of new friends ! Looking forward to next year, thanks and 🍺
Just submitted to Nullcon, one of the coolest cons in one of the best venues 🏖 And would highly recommend it, especially for first time speakers
Quote
#CFP for @nullcon is closing on 15th November: nullcon.net/website/goa-20 Have you filled your CFP yet. I am excited to start the reviews hoping this year again submissions make my decisions hard.
Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox
Had a great time talking about the voucher_swap() exploit
Quote
iOS Application Security Part 36 – Bypassing certificate pinning using SSL Kill switch - Prateek Gianchandani: prateek147.github.io/2014/11/03/ios
Months of hard work and sleepless nights, finally proud to be #OSCE certified. Thank you . #tryharder
Use this GitHub project to get root on iOS 11.1.2 once you have tfp0 from Ian Beer’s exploit. github.com/benjibobs/asyn Gets temp pid0 access
DVIA (Damn Vulnerable iOS App) 2.0 is live. Download it from damnvulnerableiosapp.com
Small writeup on it highaltitudehacks.com/2015/05/31/ios
Quote
In the #training by @Din3zh and @prateekg147 you will learn to exploit Damn Vulnerable iOS App, Android-InsecureBankv2 and other vulnerabilities
You also take home scripts, a VM and documentation to keep practicing #exploiting.
Info
bit.ly/2ZFfVtW
#reversing #exploitation
Off to Seoul for #POC2019, looking forward to some really interesting talks , let’s catch up if you are around !
List of fake websites for Jailbreak. Be careful people, there is no jailbreak for 10.3.2 atm theiphonewiki.com/wiki/Scam_Jail
Quote
I built an iOS kernel debugger called KTRW based on a KTRR bypass for the iPhone X. It is capable of patching kernel __TEXT_EXEC, loading kernel extensions, and performing single-step kernel debugging with LLDB and IDA Pro over USB: github.com/googleprojectz
If you are coming for our training blackhat.com/us-18/training , you will get a first hand access to 's virtualized iOS platform. Special thanks to cc:
Nice whitepaper on #IoT security -> Using Software Defined Radio to Attack "Smart Home" Systems sans.org/reading-room/w
Highly recommend the Browser exploitation series by , very informative, though I need to watch it at least 3 more times
Some people whose work I referred to while writing these blogs, and of course Amit Singh’s classic book on Mac OS internals
Had issues compiling #DVIA on iOS 10 & Xcode 8 ?? wrote a nice blog post about it nowsecure.com/blog/2016/10/2
Gentle reminder, see you there at 2:00 tomorrow
Quote
I will be giving a 2 hour hands-on workshop on “WebKit exploitation” at @HITBPlus , bring a Mac with Xcode command line tools Installed if you want to follow along with the demos. A vuln version of jsc would be provided.
So my and s trainings went really well , one of the best batches of students we have had ! now looking forward to some cool talks.
GSM/GPRS Traffic Interception for Penetration Testing Engagements
nccgroup.trust/uk/about-us/ne
Thanks, planning to cover Jailbreaking in a lot of depth in Part 3 !
Quote
Awesome write up by @prateekg147 darkmatter.ae/papers-article .
If you are interested in iOS jailbreaking process I suggest you to check it out!
Great work!
Really like the virtual setup for 2020, by the way my talk on Browser Security starts in 5 hours
The blogs on browser exploitation from are top-notch. Highly recommend checking them out
Last few seats left for our training “offensive mobile reversing and exploitation” at #POC2019 in Seoul, South Korea!
access for all students
Registration link: powerofcommunity.net/training2.htm cc:
If you want to understand the technical details of how Bitcoin works bitcoin.org/bitcoin.pdf
I will be starting a blog series on Hacking #IoT devices soon. Please keep checking highaltitudehacks.com
Stoked to be teaching “Offensive Mobile Reversing and Exploitation” in June. Register here typhooncon.com/registration/
New version of Damn Vulnerable iOS app is out, will work on iOS 10 once jailbreak is available damnvulnerableiosapp.com
Great talk from AMS 2019 on new attack vectors on *OS, deserves more than just 100 views
Good read. Practical Reverse Engineering Part 1 - Hunting for Debug Ports jcjc-dev.com/2016/04/08/rev
Damn Vulnerable iOS app for iOS 8 is released with new challenges #DVIA #iOS highaltitudehacks.com/2014/12/01/dam Get it now !! damnvulnerableiosapp.com
I am really impressed by the Mobile application hacker's handbook. It would not be wrong to call it the bible for Mobile App Sec
Quote
Still some time left to register for my training “Offensive Mobile Reversing and Exploitation” in June. typhooncon.com/registration/
Nice online tool for scanning your android apps. apkscan.nviso.be Does both static and dynamic analysis.
Nice talk from #blackhat on automation in security audit #iOS applications youtube.com/watch?v=InGbQ6
Finally registered for AWAE from , here’s to another month of hacking and no sunshine 🍻
Nice collection of ARM binaries for exploit development - Specific to iOS github.com/Billy-Ellis/Ex
Nice online tool for analyzing the security of iOS applications. machoviz.anrc-services.com/macho/macho by






