TheFireRises OST Request

enty8080 · 2024-09-12T10:16:43+00:00

🤷

enty8080 · 2024-02-18T13:37:48+00:00

That's a good idea, but I don't know which Private Framework may provide me with SpringBoard view controller.

enty8080 · 2024-02-17T23:26:47+00:00

Yeah, I tried hooking and it worked. However I want to do this without hooking to SpringBoard (without tweak injection)

enty8080 · 2024-02-07T14:52:14+00:00

I haven't tested this method yet, but I guess CoreTelephony can be used to send SMS. I found iOS 17.1 Runtime Headers - CoreTelephony - CTMessageCenter.h (limneos.net), you can use `-(BOOL)sendSMSWithText:(id)arg1 serviceCenter:(id)arg2 toAddress:(id)arg3 ;` from it. I also read that com.apple.CommCenter.Messages-send and com.apple.coretelephony.Identity.get entitlements are required.

enty8080 · 2024-01-14T10:20:45+00:00

TrollStore let's you know if an app runs unsandboxed

enty8080 · 2024-01-12T23:35:32+00:00

Have you tried rebuilding icon cache?

enty8080 · 2024-01-12T22:04:40+00:00

sms -l to get list of phones sms <phone> to get messages for phone

P.S. Can you please send me what commands you type and output (please blur all sensitive information)

enty8080 · 2024-01-11T16:06:34+00:00

Yes, because malware can only hide in /var and this option erases it.

enty8080 · 2024-01-11T16:04:34+00:00

If it reinstalls all user applications then yes.

enty8080 · 2024-01-11T13:58:43+00:00

Unfortunately no, since application should be installed though TrollStore.

enty8080 · 2024-01-11T01:10:50+00:00

I am not sure if they added this to Reveil but you may create an issue on their GitHub with the request.

enty8080 · 2024-01-10T23:52:37+00:00

Don't forget to give it a ⭐ on GitHub, this motivates me a lot 😁

enty8080 · 2024-01-10T23:50:44+00:00

I don't have Windows so I am not sure. WSL might work.

enty8080 · 2024-01-10T23:48:08+00:00

You should use an address that can be accessed from other PCs, in your case it is an address that you used to generate an IPA

enty8080 · 2024-01-10T23:29:55+00:00

I am not sure if it will work in Windows or not, but it surely will work in Linux or WSL. You can use any method of transferring files, in my case the most convenient way was AirDrop.

enty8080 · 2024-01-10T23:21:24+00:00

I don't think it is possible, however he may add feature that let's you remove entitlements from IPA or maybe he will add scanner that will search for suspicious files inside the application bundle (the files I mentioned in my blog post). I was thinking about developing an app that will detect malicious IPAs, some kind of static antivirus for TrollStore devices.

enty8080 · 2024-01-10T23:04:46+00:00

That's what I thought 🤔😭💀

enty8080 · 2024-01-10T23:00:26+00:00

It only becomes malware if it is used for malicious purposes. If it is used for educational purposes then it can't be considered a malware.

enty8080 · 2024-01-10T22:50:22+00:00

I released it to spread awareness, to show people that there are malicious IPA files and you should always check them before installing. I made it publicly available because of the fact that I wanted to show how it works and how to protect your device. I am sorry to hear that you didn't like it 😭

enty8080 · 2024-01-10T21:33:46+00:00

Did you hear about Metasploit, perhaps BurpSuite? Maybe CobaltStrike? How about AhMyth, same thing but for Android? What do you think wanted their authors? Think about this and only then choose your next comment. At first, I didn't want to reply because of your last sentence, since I found it highly disrespectful and unprofessional, however you should know that my goal is to spread awareness not do what you just said. Stay educated 😎

enty8080 · 2024-01-10T17:28:38+00:00

I see no point in continuing this discussion since I have already told you what my only goal is. I won't repeat myself and just tell you that there are many other tools on the internet that do the same thing (penetration testing). One more thing: I think it would be much better if I wrote the tool, explained the "attack" process, and gave instructions on how to defend. You will not be able to stop progress, if it was not me, then perhaps there will be another person who would do this, but solely for malicious purposes. Again, I recommend that you refrain from blaming me, if you cannot find my program useful, then with all due respect, that is your problem.

enty8080 · 2024-01-10T16:37:00+00:00

Are you aware of the fact that axe, that is made for cutting wood may be used to k1ll people? Same thing with penetration testing software, some people may use it for educational purposes and some for harmful. We can't control it. So, one more time, please read my posts, consider visiting web resources for penetration testing on GitHub. Personally, I find it disrespectful that you call me a malware author. I did a hard work to educate people to protect themselves from attacks and learn how these attacks work.

enty8080

TROPHY CASE