ZygoSec
  • 6
  • 68 540

Videos

ARM Assembly Basics - How to Write a Simple ARM Program (on iOS)
13K views · 7 years ago
Thanks for watching! How to become an iOS hacker - th-cam.com/video/u4N0kHwesz4/w-d-xo.html How are exploits created - th-cam.com/video/KvgNBPrDLdo/w-d-xo.html iOS 10 THEOS setup tutorial - th-cam.com/video/MhEH4p07upQ/w-d-xo.html Follow me on Twitter - bellis1000
Return Oriented Programming for Beginners - ROP on ARM Tutorial (ROPLevel1)
11K views · 7 years ago
Thanks for watching! Return Oriented Programming is a technique used by modern exploit developers to take control of program execution and cause it to do things it shouldn't normally be able to do by reusing existing and legitimately-executable code. ROP is an essential thing to learn if you are interested in exploit development and vulnerability research. Download ROPLevel1 - github.com/Billy-...
How to Exploit a Simple Buffer Overflow Vulnerability (ARM64 iOS)
7K views · 8 years ago
Thanks for watching! Link - www.dropbox.com/s/1s2sehnc80zv3tw/qwerty.zip?dl=0 armv7 version - www.dropbox.com/s/afqmw5bcvyovrdm/qwerty32.zip?dl=0 Follow me on Twitter - bellis1000
Xcode 7 - UIKit Dynamics, Gravity, Collision, Bounce | iOS App Development
3.7K views · 9 years ago
Enjoy and please subscribe for more!!!!!!!!!
Xcode 6 UIKit Dynamics Basic Alert View with Animation
652 views · 9 years ago
I hope you enjoyed this video! Don't forget to subscribe for more!!! Lets go for 15 LIKES!!!!! File 1 - www.dropbox.com/s/r82xxhijbwdnih8/TLAlertView.h?dl=0 File 2 - www.dropbox.com/s/n73311tpdl4qyca/TLAlertView.m?dl=0

Comments

  • @Gamer-xk8bk
    @Gamer-xk8bk 3 years ago

    Wait so you caused an error on your iphone or your computer

    • @BillyEllis
      @BillyEllis 3 years ago

      On the iPhone - I am simply connecting to the iPhone from the Mac

  • @user4gent416
    @user4gent416 4 years ago

    Oh man you have a perfect I phone oceon 0:45

  • @lamienali8467
    @lamienali8467 4 years ago

    can you help me with this but for bash script how to run in libterm on ipad

  • @NebuskGT
    @NebuskGT 4 years ago

    tutorial on how to run a c++ on ios?

  • @ThiagoQwertyuiop
    @ThiagoQwertyuiop 4 years ago

    Thanks!

  • @david-tracy
    @david-tracy 5 years ago

    great work. what's the benefit of logging in via ssh to root@192.168.1.68?

    • @wkslicex2508
      @wkslicex2508 3 years ago

      It's easier to work on your iOS system through SSH. It's just for practical reasons.

  • @AidPast
    @AidPast 5 years ago

    This gotta be one of the best offensive security tutorials I’ve ever come across. Thank you so much!

  • @mariogalindoq
    @mariogalindoq 5 years ago

    This is one of the worst videos on the internet.

    • @meezboiallday
      @meezboiallday 4 years ago

      then why you here, you ugly pig.

  • @100timezcooler
    @100timezcooler 5 years ago

    Hey, I'm taking an ARM class and was trying to set this up to not buy a Pi. I have an iPhone 6 on iOS 12. I followed your instructions here and on the Theos video. I don't think it's using the right instruction set. It's giving me invalid operand and vector register expected errors. Any clue? I used your Theos file, which was supposed to support arm64.

  • @HankyNoodle
    @HankyNoodle 6 years ago

    Hi Billy, Is it possible to execute ARM-based programs on a non-jailbroken/non-SSHable device? I was wondering because I'm on iOS 12 right now and there's no jailbreak or any form of ssh available at the moment. It's also ARM64, so maybe not the best idea to start out with, but I assume there must be a way to test it (as bug finders look for bugs by trial and error to some degree?). Thanks, HankyNoodle

  • @SaadAllenShakeel
    @SaadAllenShakeel 6 years ago

    so how do people exploiting communicate with the device before jailbroken?

  • @karwan9138
    @karwan9138 6 years ago

    Hi, thank you for your TUT, but in iOS 11 with the Electra JB you get this error when you try to run a program compiled the way you did: "./hello: cannot execute binary file: Operation not permitted". Even after I put "chmod 775 hello" the same error still comes up. Let me know if you have any idea!

    • @trafalgarlaw3707
      @trafalgarlaw3707 6 years ago

      I moved the executable to /bin/ and signed it with jtool

    • @JS-dn2zp
      @JS-dn2zp 6 years ago

      @@trafalgarlaw3707 i get killed 9

    • @trafalgarlaw3707
      @trafalgarlaw3707 6 years ago

      _ JS , I sometimes get that too. Rebooting the phone helps

    • @JS-dn2zp
      @JS-dn2zp 6 years ago

      @@trafalgarlaw3707 which version of iOS are you using now ? Is it normal i get "Killed: 9 " if i type command "jtool" on /var/mobile/

    • @trafalgarlaw3707
      @trafalgarlaw3707 6 years ago

      _ JS , iOS 11.2.6, Electra jailbreak. As I said, try rebooting, if the issue persists, switch to Electra/Unc0ver

  • @krubzzz
    @krubzzz 6 years ago

    Hey! when i'm trying to compile this error pops up: clang hello.c -isysroot /var/theos/sdks/iPhoneOS8.1.sdk -o hello ld: library not found for -lSystem clang-3.7: error: linker command failed with exit code 1 (use -v to see invocation) Can anyone help here please?!

  • @trafalgarlaw3707
    @trafalgarlaw3707 6 years ago

    cannot execute binary file: Operation not permitted

  • @Dmytro_L
    @Dmytro_L 6 years ago

    Make a video about ARM64 please

  • @miltonputallaz5923
    @miltonputallaz5923 6 years ago

    Hello, I'm doing a job on the iOS compile process, internally, not at a high level. I'd like to know what happens when I click the play button in Xcode, what the process sequence is. Does someone have a link of interest? Thanks.

  • @youdy3000
    @youdy3000 6 years ago

    The same ldid code signing won't work with the iOS11 Electra jailbreak. Trying to find an answer right now...

    • @karwan9138
      @karwan9138 6 years ago

      did you find any answer ?

    • @trafalgarlaw3707
      @trafalgarlaw3707 6 years ago

      I moved the executable to /bin/ and signed it with jtool

    • @karwan9138
      @karwan9138 6 years ago

      Robert Youdale you should sign with specific entitlement

    • @starkead
      @starkead 2 years ago

      @@karwan9138 ldid2

  • @claycodes6226
    @claycodes6226 6 years ago

    Thanks so much mate

  • @arcspwan7867
    @arcspwan7867 6 years ago

    Could you show the full source of the rop1. As I noticed you never showed the locations of 0xbff8, 0xbffc, and 0xbfec. What did you use to compile?

  • @foobar1847
    @foobar1847 6 years ago

    Hello @ZygoSec, Just following up on my previous comment. I am curious about the twitter app that you are using in the video, Could you please share the name of the app on OSX menu bar?

  • @foobar1847
    @foobar1847 6 years ago

    @ZygoSec Which is the twitter app that you are using on the OSX menu bar?

  • @halmget3198
    @halmget3198 7 years ago

    Can you use hopper instead of radare2

  • @smitch_yt
    @smitch_yt 7 years ago

    Great tutorial, Thanks!!

  • @per-axelskogsberg3861
    @per-axelskogsberg3861 7 years ago

    Awesome! Looking for how to do this on Android.

  • @Devsignerz
    @Devsignerz 7 years ago

    rip s0n1c_dev 2:50

  • @c3n3k26
    @c3n3k26 7 years ago

    I imported the .zip using Filza, but when I try to use ./ROPLevel1, it tells me it's a directory! What have I done wrong?

  • @youdy3000
    @youdy3000 7 years ago

    Hi Billy, did you ever find that Clang did not link properly? When I run verbose: clang main.c -isysroot /var/mobile/Media/theos/sdks/iPhoneOS8.1.sdk -o helloworld -v the problem seems simple enough. It is looking for a /var/mobile/Media/theos/sdks/iPhoneOS8.1.sdk/usr/local/include but the actual directory of C Header files is.. /var/mobile/Media/theos/sdks/iPhoneOS8.1.sdk/usr/include I copied a link in iFile. No joy. Any ideas?

  • @johnmwansa4180
    @johnmwansa4180 7 years ago

    what the video for grab password on icloud

  • @majdsabik
    @majdsabik 7 years ago

    Does this work on ARM64?

  • @sadiqakbar8045
    @sadiqakbar8045 7 years ago

    Isn't it possible to generate an exploit for restoring cfws on iPhones , so that to bypass iCloud lock , and get rid of errors while restoring.....or there any exploits that are already produced for doing so,,, I can also be contacted by sadiqmusakhail@gmail.com

    • @BillyEllis
      @BillyEllis 7 years ago

      Sadiq Akbar yes, an exploit in iBoot or a lower component :)

  • @siddharthaeri3527
    @siddharthaeri3527 7 years ago

    👌

  • @0xff733
    @0xff733 7 years ago

    First boyyyy

    • @0xff733
      @0xff733 7 years ago

      Why not keep all the videos on the same channel?

    • @BillyEllis
      @BillyEllis 7 years ago

      TimXcode more advanced tutorials will go on this channel as the majority of viewers on my main aren't as interested in this kind of thing, so I don't want to drive them away from the channel by posting it there :)

    • @0xff733
      @0xff733 7 years ago

      Makes sense...too bad they aren't interested maybe there would be less "jelbreake 10.2.1--10.3 plzz"

  • @Alex-ed8sq
    @Alex-ed8sq 7 years ago

    Thanks for the tutorial

  • @khaledchaban
    @khaledchaban 7 years ago

    Couldn't find the file

  • @futonly935
    @futonly935 7 years ago

    If I have a kernel panic, what do I do?

    • @zygosec1426
      @zygosec1426 7 years ago

      Fut Only examine the panic log :)

    • @futonly935
      @futonly935 7 years ago

      Billy Ellis 2 will that lead to a jailbreak? I have one with a caller, one without. I don't know much cause I'm 15

    • @zygosec1426
      @zygosec1426 7 years ago

      Depends if theres any kind of bug/vuln you've that triggered the panic. Tweet me @bellis1000 if you wanna talk more about it :)

  • @twids4
    @twids4 7 years ago

    New favourite channel, nice one ;)

    • @zygosec1426
      @zygosec1426 7 years ago

      thanks for watching!

  • @IonWP
    @IonWP 7 years ago

    I want this theme on terminal. How can I install it ? Please help me.

  • @adri144n
    @adri144n 7 years ago

    As a sidenote: you can use a De Bruijn sequence to find the offset to the saved instruction pointer on the stack with ragg2: For generating the pattern: "ragg2 -P 300 -r", for getting the offset from the buffer to the saved instruction ptr: "ragg2 -q 0x41416241" (or whatever the instruction ptr was jumping to)

  • @im4ch3t3dimachete5
    @im4ch3t3dimachete5 7 years ago

    Nice tutorial bro 👌

  • @0xff733
    @0xff733 8 years ago

    Moar plzzzzz

  • @PhilippeLoctaux
    @PhilippeLoctaux 8 years ago

    awesome tutorial, thanks! was radare2 featured at 33c3? i think i saw it there...

    • @BillyEllis
      @BillyEllis 8 years ago

      yes it was :)

  • @aaa-ns1ng
    @aaa-ns1ng 8 years ago

    Where do you get the crash log?

    • @BillyEllis
      @BillyEllis 8 years ago

      download CrashReporter from Cydia and every time the program crashes, CrashReporter will produce a new crash log for you

  • @memlojr171
    @memlojr171 8 years ago

    Hey billy, whats that cydia icon on your dock?