This commit is contained in:
Carlos Polop 2024-02-09 18:55:27 +01:00
parent 8073f5697c
commit 116e3864db
3 changed files with 5 additions and 5 deletions

View file

@ -25,13 +25,13 @@ Wscript.Echo "Like this?"
## Commnets ## Commnets
```bas ```bash
' this is a comment ' this is a comment
``` ```
## Test ## Test
```bas ```bash
cscript.exe file.vbs cscript.exe file.vbs
``` ```

View file

@ -27,7 +27,7 @@ WebViews are utilized within applications to display web content interactively.
- **SFSafariViewController** offers a standardized web browsing experience within apps, recognizable by its specific layout including a read-only address field, share and navigation buttons, and a direct link to open content in Safari. Unlike **WKWebView**, **JavaScript** cannot be disabled in **SFSafariViewController**, which also shares cookies and data with Safari, maintaining user privacy from the app. It must be displayed prominently according to App Store guidelines. - **SFSafariViewController** offers a standardized web browsing experience within apps, recognizable by its specific layout including a read-only address field, share and navigation buttons, and a direct link to open content in Safari. Unlike **WKWebView**, **JavaScript** cannot be disabled in **SFSafariViewController**, which also shares cookies and data with Safari, maintaining user privacy from the app. It must be displayed prominently according to App Store guidelines.
```objetivec ```javascript
// Example of disabling JavaScript in WKWebView: // Example of disabling JavaScript in WKWebView:
WKPreferences *preferences = [[WKPreferences alloc] init]; WKPreferences *preferences = [[WKPreferences alloc] init];
preferences.javaScriptEnabled = NO; preferences.javaScriptEnabled = NO;
@ -87,7 +87,7 @@ Dynamic analysis involves inspecting the heap for WebView instances and their pr
Heap inspection can be conducted using `ObjC.choose()` to identify WebView instances and check `javaScriptEnabled` and `hasonlysecurecontent` properties. Heap inspection can be conducted using `ObjC.choose()` to identify WebView instances and check `javaScriptEnabled` and `hasonlysecurecontent` properties.
{% code title="webviews_inspector.js" %} {% code title="webviews_inspector.js" %}
```objetivec ```javascript
ObjC.choose(ObjC.classes['UIWebView'], { ObjC.choose(ObjC.classes['UIWebView'], {
onMatch: function (ui) { onMatch: function (ui) {
console.log('onMatch: ', ui); console.log('onMatch: ', ui);

View file

@ -301,7 +301,7 @@ For further details **check the original post in**: [https://blog.silentsignal.e
3. **Modification with a Hex Editor or vi**: 3. **Modification with a Hex Editor or vi**:
The names of the files inside the zip are altered using vi or a hex editor, changing "xxA" to "../" to traverse directories. The names of the files inside the zip are altered using vi or a hex editor, changing "xxA" to "../" to traverse directories.
```vi ```bash
:set modifiable :set modifiable
:%s/xxA/..\//g :%s/xxA/..\//g
:x! :x!