Open-source software name: nabla-c0d3/ssl-kill-switch2
Open-source software URL: https://github.com/nabla-c0d3/ssl-kill-switch2
Open-source programming language: Objective-C 58.3%
Open-source software introduction:

SSL Kill Switch 2

Blackbox tool to disable SSL/TLS certificate validation - including certificate pinning - within iOS and macOS applications. Second iteration of https://github.com/iSECPartners/ios-ssl-kill-switch .

Description

Once loaded into an iOS or macOS application, SSL Kill Switch 2 will patch low-level functions responsible for handling SSL/TLS connections in order to override and disable the system's default certificate validation, as well as any kind of custom certificate validation (such as certificate pinning).

It was successfully tested against various applications implementing certificate pinning including the Apple App Store. The first version of SSL Kill Switch was released at Black Hat Vegas 2012.

The most recent version of iOS that is known to be supported is 14.2.

iOS Instructions

On iOS, SSL Kill Switch 2 can be installed as a Cydia Substrate tweak on a jailbroken device.

WARNING: THIS TWEAK WILL MAKE YOUR DEVICE INSECURE

Installing SSL Kill Switch 2 allows anyone on the same network as the device to easily perform man-in-the-middle attacks against any SSL or HTTPS connection. This means that it is trivial to get access to emails, websites viewed in Safari and any other data downloaded by any App running on the device.

Installation

The following dependencies should be installed using Cydia:

Then, download the latest pre-compiled package available in the release tab of SSL Kill Switch 2's GitHub page. Copy it to the device, install it and respring the device:

There should be a new menu in the device's Settings where you can enable the extension. Finally, kill and restart the App you want to test.

The tweak can later be uninstalled using:

Intercepting the App Store's traffic

Lots of people have asked about how to intercept the App Store's traffic using SSL Kill Switch 2. I wrote down some instructions here but they are now outdated: http://nabla-c0d3.github.io/blog/2013/08/20/intercepting-the-app-stores-traffic-on-ios/

Intercepting with Charles Proxy

By default, SSL Kill Switch will disrupt the Charles Proxy iOS app and you will not be able to proxy any network traffic with it. To fix this, add the Charles Proxy app (com.xk72.Charles) to the list of excluded bundle IDs in the SSL Kill Switch config:

Build

The build requires the Theos suite to be installed; it is available at http://www.iphonedevwiki.net/index.php/Theos/Getting_Started .

Then, within SSL Kill Switch 2's root folder, create a symlink to your theos installation:

Make sure dpkg is installed. If you have Homebrew, use:
Then, the SSL Kill Switch 2 Debian package can be built using:

macOS Instructions

SSL Kill Switch 2 can be used in macOS applications as a dynamic library to be injected into processes.

WARNING: THIS HAS NOT BEEN TESTED ON RECENT VERSIONS OF MACOS

Usage

On macOS, the SSLKillSwitch library needs to be manually injected into the process where SSL pinning needs to be disabled. Once injected, it will automatically override and disable SSL validation.

There are several ways to do this including:

Restricted Apps

TBD

Build

Use the Xcode project to build SSL Kill Switch 2 for macOS. The compiled library will then be available in Products/SSLKillSwitch.framework/Versions/A/SSLKillSwitch. This is the binary that you need to inject in the process where you want to disable SSL pinning.

Changelog

License

MIT - See ./LICENSE.

Author

Alban Diquet - @nabla_c0d3