Updated IPA pokemon 1.3.0, tweak 1.4r28 > http://www.filepup.net/files/MaLBhOM1470806399.html
This new update has the latest version of Pokemon with all the fixes (I will let someone else edit this description and add to it the details of what has changed). Credit goes to Will Cobb and Unlimapps for making it happen.
* update *
The link in title is for version 1.3.0 with the old version tweak prior to 1.4r43 (which contains bug fixes)
EverythingApplePro published a guide on: https://www.youtube.com/watch?v=CgkoUS8g9C4
*Links are from the guide.
Hide My IP is a paid service on Android; however, on iOS, for some reason that I don’t really understand, they can’t have an app or something, so they made this website. You just go there, put in your email address, and they will send you a username and a password but also a file as an attachment. First of all, install OpenVPN on your iDevice, and then once you get that email, just go to the file, click on it if I remember well, choose "Copy to OpenVPN", and then just add it there and use the credentials you were given. You should know that, according to them, you're getting for free a username and password to a premium server that will last you a month only. Once the month is finished, just repeat the whole process and you will get another month.
I don't think that they are doing something wrong. I tried the following:
Signing with 7 day profile and Cydia Impactor - working
Signing with 7 day profile made with Xcode and used in iOS App Signer - working
Signing with various wildcard profiles bought from ipastore, appdb, udidregistrations in iOS App Signer - not working
Signing with said services - not working
And I heard of people using a paid dev account with Cydia Impactor: working, and also signing with iOS App Signer and an Enterprise Profile: also working. But with various services I have not tried myself: not working.
In my opinion it has to do with this https://stackoverflow.com/questions/33945484/app-creating-files-while-iphone-is-locked in conjunction with the issue that wildcard profiles don't support all features like app groups. I think that Deezer creates a temp file which is played. But on the lock screen with a password it will be encrypted as described in the Stack Overflow post. But this is done with the Deezer cert ID. And only when the app is signed with this cert is it allowed to access it when locked. - With re-signing with a non-wildcard cert the ID of the cert is allowed to access it too. But with a wildcard cert one of the needed "features" is not enabled to be allowed to access the file.
But you still haven't said how you do it. With what service (very likely Signulous?) or tool have you signed the IPA you provide? Because if Signulous has found a magical way to do it the right way it would be a huuuge selling point. But as I have already invested many dollars and was always disappointed, I don't want to sign up to this service, which also very likely fails to get it working as expected.
It crashes when sideloading with a Wildcard/Universal Profile like appdb and other signing services are using (profile for UDID instead of for a specific app).
It works without crashing if the profile is only for one app. Like if you use Cydia Impactor or generate a cert with Xcode and a non-developer Apple ID and then use it for signing the IPA with signing tools on Mac or with appdb. I heard it also works when signed with an enterprise cert. (not tried myself)
In my opinion it has to do with this https://stackoverflow.com/questions/33945484/app-creating-files-while-iphone-is-locked in conjunction with the issue that wildcard profiles don't support all features like app groups.
I think that Deezer creates a temp file which is played. But on the lock screen with a password it will be encrypted as described in the Stack Overflow post. But this is done with the Deezer cert ID. And only when the app is signed with this cert is it allowed to access it when locked. - With re-signing with a non-wildcard cert the ID of the cert is allowed to access it too. But with a wildcard cert one of the needed "features" is not enabled to be allowed to access the file.
I never really learned how to code, nor am I an expert in Xcode and its features, so I don't know how to fix it, but maybe a real developer knows a way to make the app think that it's compiled as a development build or somehow inject the NSFileProtectionNone.
Ah ok. In this case you can do this using this method and this version of iTunes. I hope this helps!
> Couldn’t it be rewritten to connect to a “offsite” web server, so the “local” problem is solved, or maybe any other way to make it to bypass it, like mirroring?
That is what I mean by running Metasploit CE on a desktop, then port forwarding it. But then, you can only scan/exploit devices in your LAN, unless you bring your desktop around with you.
> I get it that Metasploit is usually used for gaining command to other things and control from somewhere else, and that this is closer to Armitage, but I’m asking if it’s possible and usable.
I just want to say that msfvenom is great for creating payloads. It’s part of Metasploit, so your comment about Metasploit being used solely for remote control is slightly incorrect. Armitage is almost based entirely off of Metasploit too, so...
> [Is it] possible to make something like a connection between “home” and “target” network with either proxy or VPN?
Sigh. Look up the concept of “pivoting” somewhere online. To make it easier on yourself, set up a vulnerable node on the network you’re trying to hack and expose it to the Internet. Hack into that from your home PC (from your phone, via SSH), then apply pivoting and you can access that network. Connecting a vulnerable node and your Metasploit server to a VPN will add some protection as well...
> Sorry to say, but I’d rather die than need to pick up a Samsung, or be tortured / extorted / paid big time to use a different kind of Android… sorry, I really hate Android. I’d even rather have a Windows Phone.
I didn’t say anything about buying a Samsung. They’re shit. Get a Nexus or a OnePlus and load this bad boy onto it: NetHunter :)
I wish you luck in mobile pentesting and hope you find something that works for you!
Just made a fresh pre-hacked version. The thing is, I have no idea how to tell if this is running the latest -43 version. I can't see anything new or different. http://www.filepup.net/files/MaLBhOM1470806399.html
I ended up using this weird tool that lets you do it. https://imazing.com/
https://imazing.com/guides/how-to-manage-apps-without-itunes It's kinda shitty looking but for the specific thing I needed it to do, it did it well.
I also had issues with it not logging in or playing music if I was on a cellular network, for me AT&T. But when I was on Wi-Fi it would work fine. So I downloaded a VPN app called Betternet; I have to be on a VPN for it to work normally. I don't understand why, but it seems to work just fine.
I'm sure any VPN should do it.