The preferred recommendation is from the following previous article: Reverse Live box Green-ios client

The words written in the frontA couple of tools to use this time

  • IDA
  • The AloneMonkey MonkeyDev
  • Charles

What is a live box?

  • Single live call platform, such as Douyu, Panda, kuaishou and so on
  • All platforms in one App are called boxes
  • Now there are many live streaming platforms on it (with color)
  • Today, MT·Box

What is iOS reverse?

  • Not important

Why just reversed the live box last week, Green! Reverse this MT·Box again this week?

  • The cause of the matter is: last week to help brothers, brothers need to crack, last weekend to analyze the live box Green (crack local encryption. In the end, it was found that the server did authentication, so it failed. So I was ridiculed by a lot of brothers! To not let my brothers down! So we’re doing it again on the first day of the weekend

First of all, the last picture (there are many live broadcast boxes on the market now, the picture is just one of them, another brother sent the link)

  • The login pageYou can capture packets and change the status value to 1 or enter 123456

  • Successfully enter the home page

  • Click on any one you want to see (click where you want to see)

  • Prompt to open VIPIt's impossible to open it. It won't open in a lifetime. The only way to crack it is with the old master.
  • Caught change package

  • There is no VIP field. There is no status status code.
    • But have you noticed that several fields return emptySuch as lifetime
    • Next, change the package

  • Successfully saw live broadcast!Unsurprisingly,

Next is the hook source code, write lifetime directly666666

%hook LoginModel

- (void)setLifetime:(id)arg1 {
	%log;
	NSLog(@"% @", arg1);
	%orig;
}

- (void)setStatus:(id)arg1 {
	%log;
	NSLog(@"% @", arg1);
	%orig;
}


// - (NSString *)lifetime{
// 	%log;
// 	return @"666666";
// }

-(NSString *)status{
%log;
	return @"1";
}

%end



Copy the code

At the end of my last post I said this:In fact, normal other boxes to this step, can already get the live URL, but this box is more rigorous! Url returns empty! Scattered. That's it! I can't handle this box.The main purpose of writing this article today is to prove that I did not lie to you

The last

  • Thank you for reading my article
  • Attach the cracked IPAyuzhouheike. 0 a6j. Cn/yuzhouheike…

The last last! I want to tell you a little secret.

That is through my unremitting efforts. The second day after Pangu revealed the iOS security vulnerability, the video of ZipperDown, the iOS security vulnerability revealed by Pangu, reappeared (hacking the iOS client of Weibo). But as an honest iOS contrarian, before Weibo patched the bug. I can’t share the process of replicating this bug video right now. So I’m sure I’ll share the process of replaying this vulnerability and executing arbitrary code on twitter eventually. Pangu chose Weibo. Because even with this vulnerability, it is not easy to execute micro-blog! To get this done. I even worked until 3 o ‘clock one night! Hope to grow up fast!