Beautify intruder script to bypass SSL Pinning

dpnishant · Jul 14, 2017 · d7bef83 · d7bef83
1 parent 95ad2d3
commit d7bef83
Showing 1 changed file with 20 additions and 20 deletions.
diff --git a/intruder/scripts/iOS/SSLPinning.js b/intruder/scripts/iOS/SSLPinning.js
@@ -56,14 +56,14 @@ try {
         onEnter: function(args) {
             var int_0 = new NativePointer('0x0');
             if (args[2] != int_0) {
-                console.log('Executing SSL Pinning Bypass Technique #1');
+                console.log('[+] Executing SSL Pinning Bypass Technique #1');
                 args[2] = int_0;
             }
         }
     });
 
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
@@ -73,21 +73,21 @@ try {
         onEnter: function(args) {
             var int_0 = new NativePointer('0x0');
             if (args[2] != int_0) {
-                console.log('Executing SSL Pinning Bypass Technique #2');
+                console.log('[+] Executing SSL Pinning Bypass Technique #2');
                 args[2] = int_0;
             }
         }
     });
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 // Ref: https://developer.apple.com/documentation/foundation/nsurlsessiondelegate/1409308-urlsession
 try {
     resolver.enumerateMatches('-[* URLSession:didReceiveChallenge:completionHandler:]', {
         onMatch: function(match) {
-            console.log('[NSURLSession] Found URLSession:didReceiveChallenge:completionHandler:');
+            console.log('[+] [NSURLSession] Found URLSession:didReceiveChallenge:completionHandler:');
             Interceptor.attach(match.address, {
                 onEnter: function(args) {
 
@@ -96,7 +96,7 @@ try {
                     var session = new ObjC.Object(args[2]);
                     var challenge = new ObjC.Object(args[3]);
 
-                    console.log('Executing SSL Pinning Bypass Technique #3');
+                    console.log('[+] Executing SSL Pinning Bypass Technique #3');
 
                     var completion_handler = new ObjC.Block(args[4]);
                     var saved_completion_handler = completion_handler.implementation;
@@ -116,69 +116,69 @@ try {
         onComplete: function() {}
     });
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 // Ref: https://developer.apple.com/documentation/foundation/nsurlconnectiondelegate/1414078-connection?language=objc
 try {
     resolver.enumerateMatches('-[* connection:willSendRequestForAuthenticationChallenge:]', {
         onMatch: function(match) {
-            console.log('Executing SSL Pinning Bypass Technique #4');
+            console.log('[+] Executing SSL Pinning Bypass Technique #4');
             Interceptor.replace(match.address, new NativeCallback(function(a, b, connection, challenge) {
-                // console.log('swizzled');
+                // console.log('[+] swizzled');
             }, 'void', ['pointer', 'pointer', 'pointer', 'pointer']));
         },
         onComplete: function() {}
     });
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 // (as done in SSL-Killswitch2)
 // Ref: https://github.com/nabla-c0d3/ssl-kill-switch2/blob/master/SSLKillSwitch/SSLKillSwitch.m
 try {
     Interceptor.replace(SecTrustEvaluate, new NativeCallback(function(trust, result) {
-        console.log('Executing SSL Pinning Bypass Technique #5');
+        console.log('[+] Executing SSL Pinning Bypass Technique #5');
         var ret = SecTrustEvaluate(trust, result);
         result = kSecTrustResultProceed;
         return ret;
     }, 'int', ['pointer', 'pointer']));
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 try {
     Interceptor.replace(SSLSetSessionOption, new NativeCallback(function(context, option, value) {
-        console.log('Executing SSL Pinning Bypass Technique #6');
+        console.log('[+] Executing SSL Pinning Bypass Technique #6');
         if (option === kSSLSessionOptionBreakOnServerAuth) {
             return noErr;
         }
         return SSLSetSessionOption(context, option, value);
     }, 'int', ['pointer', 'int', 'bool']));
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 
 try {
     Interceptor.replace(SSLCreateContext, new NativeCallback(function(alloc, protocolSide, connectionType) {
-        console.log('Executing SSL Pinning Bypass Technique #7');
+        console.log('[+] Executing SSL Pinning Bypass Technique #7');
         var sslContext = SSLCreateContext(alloc, protocolSide, connectionType);
         SSLSetSessionOption(sslContext, kSSLSessionOptionBreakOnServerAuth, 1);
         return sslContext;
     }, 'pointer', ['pointer', 'int', 'int']));
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 try {
     Interceptor.replace(SSLHandshake, new NativeCallback(function(context) {
-        console.log('Executing SSL Pinning Bypass Technique #8');
+        console.log('[+] Executing SSL Pinning Bypass Technique #8');
         var result = SSLHandshake(context);
         if (result === errSSLServerAuthCompleted) {
             return SSLHandshake(context);
@@ -187,15 +187,15 @@ try {
         }
     }, 'int', ['pointer']));
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }
 
 
 try {
     Interceptor.replace(tls_helper_create_peer_trust, new NativeCallback(function(hdsk, server, SecTrustRef) {
-        console.log('Executing SSL Pinning Bypass Technique #9');
+        console.log('[+] Executing SSL Pinning Bypass Technique #9');
         return errSecSuccess;
     }, 'int', ['void', 'bool', 'pointer']));
 } catch (e) {
-    console.log(e.stack);
+    console.log('[-] ', e.stack);
 }