Closed sushi2k closed 5 years ago
Step by step process & scripts to be used to bypass the Jailbreak detection mechanism in the iOS application using Frida.
Thanks @rubaljain ! Can we reference to this in the MSTG?
Hi Jeroen,
Sure, you can create a reference to it. I would further love to contribute in MSTG.
Let me know in case you have any further requirement.
Thanks, Rubal
On Wed, 20 Mar, 2019, 9:08 PM Jeroen Willemsen, notifications@github.com wrote:
Thanks @rubaljain https://github.com/rubaljain ! Can we reference to this in the MSTG?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/OWASP/owasp-mstg/issues/901#issuecomment-474889976, or mute the thread https://github.com/notifications/unsubscribe-auth/AS2UtWqyTojZNV1I58wM_G00lUBYhPCmks5vYlXkgaJpZM4UhdMU .
The script referenced above only works for the DamnVulnerable iOS app so I don't think we need to reference it.
I suggest we reference to objection and its jailbreak bypass script, as it makes more sense to have people contribute to it there, than to have to update a very long script in a testing guide:
https://github.com/sensepost/objection/blob/master/agent/src/ios/jailbreak.ts
If that's ok with you, I can just add this reference and leave the rest as is (there's already some info in the guide)
Yes, we can do that. However, in case objection fails to bypass the Jailbreak detection then my script can be used wherein the user has to manually provide the class and method name.
On Wed, May 8, 2019 at 12:55 AM Jeroen Beckers notifications@github.com wrote:
The script referenced above only works for the DamnVulnerable iOS app so I don't think we need to reference it.
I suggest we reference to objection's jailbreak bypass script, as it makes more sense to have people contribute to it there, than to have to update a very long script in a testing guide:
https://github.com/sensepost/objection/blob/master/agent/src/ios/jailbreak.ts
If that's ok with you, I can just add this reference and leave the rest as is (there's already some info in the guide)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/OWASP/owasp-mstg/issues/901#issuecomment-490222452, or mute the thread https://github.com/notifications/unsubscribe-auth/AEWZJNOFVWNLICR6EUBANVDPUHJTTANCNFSM4FEF2MKA .
-- Regards Rubal Jain
Fixe din #1276
In 0x06j chapter, #### Bypassing Jailbreak Detection