OIS Pentesting
Automate Static Analysis using MobSF and www.ostorlab.co
----------------------------------------------------------------
IOS Static Analysis- with Online Tool:
Go to the https://www.ostorlab.co/IOS Static Analysis- with MobSF:
sudo apt update
sudo apt install -y docker.io
sudo systemctl enable docker --now
docker
sudo docker pull opensecurity/mobile-security-framework-mobsf
sudo docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf
sudo docker ps -a
sudo docker start <container id>
Listening at: http://0.0.0.0:8000
sudo docker stop <container id>
sudo docker kill <container id>----------------------------------------------------------------
Dynamic Analysis with Burp Suite
Step 1: Use Jailbreak IOS Device OR Xcode emulator on Mac
If SLL Pining Not Enabled then Use Any Non Jalbroken Iphone Device:
1. Set the Burp proxy to System iP with Specific Address and with 6565 port
2. Then go to wifi I icon in IPhone
3. Select config proxy
4. Select Manual
5. Server me Apny system ka ip dalo Jo burp me bhi Dala tha or port me burp wali porot 6565 or Authentication ko off hi rehny do
6. Go to safari then type http://burp
7. Download burp certificate profile then go to settings then show u profile install option then install the certificate profile
8. Then go to Settings then gernal then about then click certificate trust settings
9. Then enable portswiger CA certificate
10. Now u intercept any unprotected app reques----------------------------------------------------------------
Jailbreak IOS devices on iOS 15.0 - 16.6.1* with Dopamine
Connect IPhone to PC with Cable
Download TrollRestore.exe into PC
After install TrollStore app in IPhone
then Download Dopamine.tipa to Github in Iphoen
then install in iphone via TrollStore APP Manager
then after Open the Dopamine app then Click Jailbreak
----------------------------------------------------------------
Last updated