mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-24 21:53:54 +00:00
a
This commit is contained in:
parent
8073f5697c
commit
116e3864db
3 changed files with 5 additions and 5 deletions
|
@ -25,13 +25,13 @@ Wscript.Echo "Like this?"
|
|||
|
||||
## Commnets
|
||||
|
||||
```bas
|
||||
```bash
|
||||
' this is a comment
|
||||
```
|
||||
|
||||
## Test
|
||||
|
||||
```bas
|
||||
```bash
|
||||
cscript.exe file.vbs
|
||||
```
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ WebViews are utilized within applications to display web content interactively.
|
|||
|
||||
- **SFSafariViewController** offers a standardized web browsing experience within apps, recognizable by its specific layout including a read-only address field, share and navigation buttons, and a direct link to open content in Safari. Unlike **WKWebView**, **JavaScript** cannot be disabled in **SFSafariViewController**, which also shares cookies and data with Safari, maintaining user privacy from the app. It must be displayed prominently according to App Store guidelines.
|
||||
|
||||
```objetivec
|
||||
```javascript
|
||||
// Example of disabling JavaScript in WKWebView:
|
||||
WKPreferences *preferences = [[WKPreferences alloc] init];
|
||||
preferences.javaScriptEnabled = NO;
|
||||
|
@ -87,7 +87,7 @@ Dynamic analysis involves inspecting the heap for WebView instances and their pr
|
|||
Heap inspection can be conducted using `ObjC.choose()` to identify WebView instances and check `javaScriptEnabled` and `hasonlysecurecontent` properties.
|
||||
|
||||
{% code title="webviews_inspector.js" %}
|
||||
```objetivec
|
||||
```javascript
|
||||
ObjC.choose(ObjC.classes['UIWebView'], {
|
||||
onMatch: function (ui) {
|
||||
console.log('onMatch: ', ui);
|
||||
|
|
|
@ -301,7 +301,7 @@ For further details **check the original post in**: [https://blog.silentsignal.e
|
|||
|
||||
3. **Modification with a Hex Editor or vi**:
|
||||
The names of the files inside the zip are altered using vi or a hex editor, changing "xxA" to "../" to traverse directories.
|
||||
```vi
|
||||
```bash
|
||||
:set modifiable
|
||||
:%s/xxA/..\//g
|
||||
:x!
|
||||
|
|
Loading…
Reference in a new issue