Jailbreaking - Ivan's Blog

Ivan's Blog

Sign in

Jailbreaking

A collection of 7 posts

What checkm8 means for stalkerware on iOS

What checkm8 means for stalkerware on iOS

On Friday, September 27th 2019 many of us on the mobile security community were surprised with the news of a SecureROM [https://www.theiphonewiki.com/wiki/Bootrom] vulnerability disclosed on Twitter [https://twitter.com/axi0mX/status/1177542201670168576] by @axi0mX [https://twitter.com/axi0mX]. axi0mX described it as "a permanent

Decrypting iOS applications - iOS 12 Edition

Reverse Engineering

Decrypting iOS applications - iOS 12 Edition

As some of you may know, with the release of iOS 12.4 Apple accidentally reintroduced a vulnerability [https://www.vice.com/en_us/article/qvgp77/hacker-releases-first-public-iphone-jailbreak-in-years] already patched on iOS 12.3 [https://support.apple.com/en-us/HT210118]. Shortly after this discovery, @Pwn20wnd [https://twitter.com/Pwn20wnd] released a

Analyzing iOS Stalkerware Applications

Analyzing iOS Stalkerware Applications

Stalkerware (a.k.a. Spouseware) applications are invasive applications that an individual installs on a target's device (usually their partner) to spy on them, snooping in as much data as they can. They aim to collect phone calls history, private messages, location data, browsing patterns, and many other

Tips for Mobile Bug Bounty Hunting

Tips for Mobile Bug Bounty Hunting

My good friend Pete Yaworski [https://twitter.com/yaworsk] encouraged me to join the bug bounty scene for a long time before I decided to jump in and start using my mobile app sec knowledge to ethically hack on mobile apps from public bug bounty programs. Pete, who literally wrote

What do Pointer Authentication Codes mean for iOS jailbreaking?

What do Pointer Authentication Codes mean for iOS jailbreaking?

Yesterday, Sep 12th, Apple announced [https://www.youtube.com/watch?v=9m_K2Yg7wGQ] their next generation of iPhones. The iPhone X [s], X [s] Max and X [r] are the new members of the iPhone family and "the most advance iPhones Apple has ever created". You can watch

Fix Cydia Impactor crypto-osx.cpp:97 error

If you upgraded to macOS Hight Sierra 10.13.x changes are Cydia Impactor [http://www.cydiaimpactor.com/] is giving you this error when trying to install an app: The text reads: crypto-osx.cpp:97 The user name or passphrase you entered is not correct. But beyond that there is

Installing Dropbear SSH on iOS 10.3.3

Installing Dropbear SSH on iOS 10.3.3

In December last year, @thimstar [https://twitter.com/tihmstar] and @S1guza [https://twitter.com/s1guza] released H3lix [https://h3lix.tihmstar.net/] a semi-untether jailbreak for all 32-bit devices on iOS 10.0 to 10.3.3. This is amazing, it means devices like the iPhone 5 and 5c are jailbroken