Release v1.0.0: New unpinning script, easier connections on iOS, and lots of improvements and bugfixes · tweaselORG/cyanoacrylate

This release brings a lot of improvements and bugfixes, most of them were changes from the new version appstraction. Some of the changes are breaking (marked below).

The most noteable changes include:

We have switched from objection to httptoolkit/frida-android-unpinning as our certificate pinning bypass on Android. Learn more about the investigation that motivated this change: tweaselORG/meta#16
Connecting to iOS devices via SSH now doesn't require you to specify the device's IP address anymore. Also, the SSH connection now also works with the mobile user, e.g. if the root user is not allowed to log in via SSH.
We now require at least Node 18. Running cyanoacrylate on a Node version that is too old would already fail previously, we have just made this explicit.
We now expose the events emitted by mitmproxy in the analysis results, which can help you verify your results and debug TLS or connection errors.

What's Changed

Fixes #26: Get rid of requirements.txt by @baltpeter in #34
Upgrade to andromatic 1.1.1 by @baltpeter in #35
Update appstraction by @baltpeter in #31 (breaking)
Fixes #32: Expose mitmproxy events by @baltpeter in #33

Full Changelog: v0.6.3...v1.0.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.0.0: New unpinning script, easier connections on iOS, and lots of improvements and bugfixes

What's Changed

Contributors