Beginners Guide to iOS Testing Jailbreak, SSL Bypass & Burp

16,702 views

InsiderPhD


Hey everyone, it's been a while! Welcome to the finding your first bug series! This week I'm going to show you the basics of iOS testing. This is part one of this series, and we'll be covering the absolute basics of how to jailbreak a device, bypass the SSL pinning, and get the device to send traffic through Burp on another device.
Did you know this episode was sponsored by Intigriti? Sign up with my link: go.intigriti.com/katie. I'm so pleased with everyone's positive response to the Intigriti sponsorship and I'm so pleased you folks are finding bugs and even finding your first bugs! Thank you for being awesome!
So to get started with iOS hacking you don't need any specific skills; we're going to go through it all! You will need an iOS device that you're okay to jailbreak. I'm using an iPad Mini 4, but many devices are vulnerable to checkra1n; if you're on Windows you can use unc0ver as your jailbreak too. Coming up soon in this guide: the live demo stream next week, and then Frida and more advanced iOS bugs. See you all soon!
Checkra1n: checkra.in
SSL Kill Switch: github.com/nabla-c0d3/ssl-kil...
Reading ahead? Here's what we'll cover next time:
Frida: frida.re/docs/ios/
Inspecting Apps: resources.infosecinstitute.co...
Objection: www.allysonomalley.com/2018/1...
If your internet isn't stable, iproxy setup to proxy over USB: spaceraccoon.dev/from-checkra...
XSS in an iOS app: www.allysonomalley.com/2018/1...
Top mobile app bugs: www.allysonomalley.com/2020/0...
Credential hunting: spaceraccoon.dev/low-hanging-...

Comments: 85
@slaybomb96 4 years ago
video starts at 3:58
@AjayKumar-xl4jc 3 years ago
Thanks for this video
@netbin 3 years ago
I am glad that the bug bounty community is focusing on hacking Apple gadgets; it's time to do that already. Thanks for the great content, Katie!
@foxgameplay5449 3 years ago
Wow, the way you explain is very easy to understand. I hope for more tutorials on it. I am on 14.4.2, no jailbreak yet. Sad.
@sy-gamer9556 4 years ago
And thanks Katie for the wonderful video
@InsiderPhD 4 years ago
You're welcome! Thank you for enjoying it :)
@ismailramzan8927 4 years ago
It's really amazing 😍. I hope you will get to 100k very fast. 🙃
@InsiderPhD 4 years ago
Thank you so much 😀 100k soon I hope!
@adityazalte152 4 years ago
Videos are awesome
@ca7986 4 years ago
Waiting for this!
@InsiderPhD 4 years ago
I hope I did not disappoint!
@ca7986 4 years ago
@InsiderPhD you never! I love your content. You're awesome!
@shantanukulkarni1742 4 years ago
Waiting for a complete series on iOS pentesting from scratch to pro. Thanks for the video.
@InsiderPhD 4 years ago
This is only part 1, stay tuned for live iOS hacking, Frida + some demo scripts with Frida for bug hunting!
@AvinashSingh-vj3rk 4 years ago
Nice video
@xnl-h4ck3r 3 years ago
Hi Katie. Thanks loads for the video (and all the others!). I was able to follow through and successfully jailbreak my iPad Mini 3 and get traffic through Burp on my iMac... all was great!... but my iPad then ran out of battery and restarted with checkra1n missing and nothing worked. I have tried many times to repeat the setup, but now my iPad will not go into DFU mode and checkra1n fails every time. I was wondering if you have come across this issue with your iPad, or if you know what I need to do to get things working again? Many thanks ...and Happy Birthday! :)
@prembharwani 4 years ago
Hey Katie, it would be really helpful if you do an Android series. I am sure your videos for Android will help a lot :)
@InsiderPhD 4 years ago
Yup this is upcoming, I'm just more familiar with iOS and I know few people talk about it!
@theanonymous9110 3 years ago
Going back to Frida as Burp works on other devices but my iPhone the only device I’ve got to mess around with today
@ca7986 4 years ago
❤️
@siratsami71 3 years ago
Thank you very much, but how can I test APIs in iOS applications? I have jailbroken my iOS and SSL kill switcher but I can't capture the application APIs, only website requests
@MrPaddy35 4 years ago
Very good video. Tbh I struggled to do this my first time ever, it took me hours
@InsiderPhD 4 years ago
Thank you so much, I had the same experience, struggling to get it and realising that it really can be very straightforward!
@MrPaddy35 4 years ago
@InsiderPhD Yep, thanks for the quick recap I will say :) worth watching
@aneeshnadh5377 4 years ago
Good video, can you do a video on Android app bug bounty?
@InsiderPhD 4 years ago
Soooooon! I promise, it's in the pipeline I just haven't got to it yet!
@ShortKenshi 3 years ago
I had some issues on iOS 13.3 and this solved them:
Update Burp so you can disable TLSv1.3 in: Proxy > Options > Proxy Listener > Edit the one you are using > TLS Protocols > Use Custom Protocols
Trust the certificate as root certificate on your phone in: General > About > Certificate Trust Settings
@InsiderPhD 3 years ago
Great advice! I will make sure to highlight this in the description!
@ArtBySujan 2 years ago
I have an iPhone 11 it can possible on it
@sy-gamer9556 4 years ago
When my device enters recovery mode, my Linux device gives the message "didn't find the device". How to fix it? Can anyone help?
@theanonymous9110 3 years ago
I can’t get my network to work after entering my proxy I got from the search all tab in options in Burp? I tried localhosts, my IP, my main IP, the IP in WiFi networks, and Burp's set to accept all connections, but on iOS device no internet now..
@nikhilsawant1106 4 years ago
Please do an Android series as well. Thanks
@InsiderPhD 4 years ago
Coming soon, I'm more familiar with iOS so this one came out first, Android will cover emulator setup + all the same stuff!
@6cylbmw 4 years ago
Are we required to have macOS for this? I have done some research on my own for starting mobile hacking on iOS and I lived with the idea that I need macOS for this.
@InsiderPhD 4 years ago
No! On Windows, you can use unc0ver to jailbreak and you're all good! You can totally do this all on Windows without OSX!
@6cylbmw 4 years ago
@InsiderPhD Perfect, I really wanted to get started into mobile app hacking, but never had the patience to start it. Meanwhile I have started searching for a cheap second-hand iPhone 6s, tomorrow buying it :). Thanks Katie for your online presence.
@Demonking440 3 years ago
How is it going man?
@jonnysokkoatduckdotcom 1 year ago
From, I think it is, 6:32 in the video, the video sound goes way down
@anonymous-ve9bc 4 years ago
Hello, I don't see SSL Kill Switch in settings
@ranjithkumarmayavan9701 3 years ago
What's the difference between testing an API in iOS and Android?
@jonnysokkoatduckdotcom 1 year ago
How come the Intigriti website is not encrypted? It's NOT HTTPS
@adityazalte152 4 years ago
How to use the Metasploit framework in bug hunting, like at HackerOne, Bugcrowd etc.?
@InsiderPhD 4 years ago
Metasploit isn't really used in bug hunting - it's more commonly used for pen testing, we will usually use Burp!
@ArkanoidGaming 4 years ago
Hey Katie, I had a doubt recently. Since you are experienced in iOS app PT, I wanted to know whether an iPod Touch 5th Gen would be good to do pentesting on iOS apps? Please do reply to this comment as I have been searching for answers everywhere
@InsiderPhD 4 years ago
I don't know sorry, you'll have to see what version of iOS it runs and see if it can run iOS13+, and if it can be jailbroken via canijailbreak
@ArkanoidGaming 4 years ago
@InsiderPhD It has iOS version till 9.3.5, I can't jailbreak it, but the main issue is, will it be useful for iOS pentesting
@sy-gamer9556 4 years ago
When will you release your next video on iOS app testing??
@InsiderPhD 4 years ago
Soon I'm just taking a break at the moment :)
@jonnysokkoatduckdotcom 1 year ago
At 12:11 your video cuts off in the middle of you explaining why you should NOT DO SOMETHING! And we never find out what it is that we SHOULD NEVER DO! What is it that we should NEVER DO?!
@dontaskme1625 4 years ago
What is the iOS emulator talked about at 4:20?
@InsiderPhD 4 years ago
The emulator is: www.grinningsoul.com/ developed by twitter.com/daeken !
@Mybabyworld0722 6 months ago
How to stop SSL certificate bypassing after implementation in iOS?
@InsiderPhD 6 months ago
Same as in the video but there’s SSL Kill Switch 3 now
@jonnysokkoatduckdotcom 1 year ago
Wait, that was it? It kind of just ended.
@razexrazex 4 years ago
Important thing to know: SSH is open with the default username/password, remember to change it.
@InsiderPhD 4 years ago
I should have mentioned this! Absolutely ensure that you only use your home network or change the password!
@boogleapp8638 3 years ago
Hey! Are you still active? I need to get an API request, if you know how. Let me know, I'll tell you what I need.
@cloufish7790 4 years ago
12:10 this is pure gold xD. Hackers cut off the recording! 😱
@InsiderPhD 4 years ago
Sorry! I'm still learning a new piece of editing software, this KZbin channel is a bit of a one man band! I don't really have any experience in editing so sometimes I make mistakes. I'm a hacker not a video editor! Just trying to do my best
@cloufish7790 4 years ago
@InsiderPhD np 🙂
@salahhisham3467 4 years ago
Hey Katie, I'm a student looking for a part-time job. I have some skills in web development like HTML, CSS, JS, jQuery, AJAX, PHP, MySQL, OOP, design patterns. My question is what will be less competitive and I can make a little money from it: should I start bug bounty or continue in web development? I have only 2 months left as free time to develop my skills and I want to use them in the right way. For me, I like both bug hunting and web development, but I feel both of them are very competitive nowadays, so please, I want your help and your point of view. Thanks in advance
@InsiderPhD 4 years ago
Do both! A web developer with security skills is such a big bonus, or a bug bounty hunter with web dev knowledge can find really unique bugs! Keep on web development, honestly it's a skill that will be in demand a long time and you can develop your security skills around your web dev ones. I started out doing web development!
@salahhisham3467 4 years ago
@InsiderPhD Oh that's cool, I will try to do both ❤
@sanallince3547 9 months ago
Hey Katie, I am a beginner to the iOS world. In my profession I need to jailbreak a new iPhone for testing iOS applications. I researched a lot but I am confused. Can you suggest an iPhone in 2023 vulnerable to checkra1n or any other software? Your reply is of more value at this moment. I need help : )
@InsiderPhD 8 months ago
So do I :P I still can’t get my iPad back into a security research state since it accidentally updated to iOS 16
@sanallince3547 8 months ago
@InsiderPhD ok, if it's possible to jailbreak iOS 15 or 16
@cardzzz6585 4 years ago
Awesome video! a couple editing hiccups, but who cares!
@InsiderPhD 4 years ago
Sorry about that, new editing program, still learning!
@jonnysokkoatduckdotcom 1 year ago
A HACKING Website NOT HTTPS?
@InfoSecIntel 4 years ago
Hey, I tried to ask this by tweeting you on Twitter a while ago but I'm not the best ‘tweeter’ so maybe I did it wrong. Anyway, this is the third time Arjun has found this parameter on three totally different websites. The parameter is p4ssw0rD. Only this parameter will cause a 403 forbidden response no matter what the value is. I'm not sure because it's been a while since the last time this happened, but it may be that all of these sites are running on Cloudflare. I’ve tried googling what this strange parameter is for with no luck. Even if you don't have the answer, I thought you may be interested to hear about this behavior. Thank you!
@InsiderPhD 4 years ago
It might have been filtered, I get a lot of notifications so I have to manage my notifications so if you had a new account/default profile pic/no phone number I may not have seen it. That's very interesting! I've not seen that behaviour before!
@MrPaddy35 4 years ago
It's not cyndia, Katie, lol, it's Cydia
@InsiderPhD 4 years ago
Omg I'm such a smooth brain with pronunciation, it's ffuf all over again
@MrPaddy35 4 years ago
@InsiderPhD haha :) it was funny tho, didn't mean to be offensive
@dontaskme1625 4 years ago
Make the sponsor part shorter, 3 minutes is extremely long IMHO
@InsiderPhD 4 years ago
Thank you for the feedback! I appreciate your thoughts and I will see if I can make any changes to the sponsorship. I should say that a sponsorship really does help me invest in the channel, and this channel does not make enough to be able to afford things like the improved audio setup without it, so I'm very fortunate in that regard!
@InsiderPhD 4 years ago
I do take this feedback seriously and I will figure out how to improve for the next sponsorship round :)
@AjayKumar-xl4jc 3 years ago
Thanks for this video