Fly In Matrix

Saturday, February 1, 2020

Fix Python3 running error on Mac OS Catalina

(Just for my own reference)

Environment:

1. macOS Catalina version 10.15.3

2. Xcode 11.3.1

3. Python3: 3.7.3

When tried to run python3 on macOS Catalina, got an error:

xcrun: error: invalid active developer path (/Library/Developer/CommandLineTools), missing xcrun at: /Library/Developer/CommandLineTools/usr/bin/xcrun

To fix this, run command “xcode-select –install”

Tuesday, September 17, 2019

Azure configuration Check (part 1)

Part 1: Use azucar tool

Azucar is a multi-threaded plugin-based tool to help assess the security of Azure Cloud environment subscription. By leveraging the Azure API , Azucar automatically gathers a variety of configuration data and analyses all data relating to a particular subscription in order to determine security risks.

The script will not change or modify any asset deployed in the Azure subscription.
More details on https://github.com/nccgroup/azucar/

Requirement:

Windows 10, 1903
An Azure read-only account
Excel 2016 if you want to export excel format report

Steps

Download and install Git for Windows from https://gitforwindows.org/ using default options. If you have git installed on your system, you can skip this step.
Run a command line window. On your folder, run command: git clone https://github.com/nccgroup/azucar.git
Run a powershell window as administrator, go to the “azucar” folder.
Run command “$psversiontable”, make sure the powershell version is 3.x
Run command: “Get-ChildItem -Recurse c:\tools\azucar | Unblock-File” to unblock the files
Run command “.\Azucar.ps1 -ExportTo EXCEL,CSV,XML,JSON -Verbose -Instance AzureCloud -Analysis All”. it will popup a window to ask you to sign in.
Enter the Azure email and password. Click “sign in” button. Select the Subscription and click “OK” button.
Wait until the analysis process ended, you can find the reports on folder “azucar\report”

References:

https://github.com/nccgroup/azucar/
https://gitforwindows.org/

Friday, August 11, 2017

iPad mini 1 ios 9.3.5 Phoenix Jailbreak

Enviroment:
1. iPad mini 1: A1432; IOS version 9.3.5
2. Kali Linux 2017.1 (64bit)

Steps:
1. Download Cydia Impactor from http://www.cydiaimpactor.com/ and unzip it. what I used was Linux 64 bit version. (Pic01)

2. Donwload the IPA file Phoenix3.ipa from https://phoenixpwn.com/download.php and put it to the unzip folder (Impactor64_0.9.41). (pic02)

3. Check the hash of the IPA file. It should be "616ef9da4796ae7d490fb7b0e31cd85bb48e2732d2436c7710e79716e2b80e61" (pic03)

4. Connect the iPad mini 1 to Kali Linux.You should see the iPad icon on the desktop. (pic04)

5. Double click "Impactor". The device should be loaded automatically (pic05)

6. Click "Device"->"install Package..." (pic06)

7. Select "Phoenix3.ipa" and click "Open" (pic07)

8. Enter the apple id and password (pic08)

9. The installation will start. (pic09)

10. if you get an error "Provision.cpp:81, ios/submitDevelopmentCSR = 7460 You already have acurrent iOS Development certificate or a pending certificate request"(pic10), then click "xcode"->"revoke certificate" (pic10-2)

11. After the installation is done, you should get the Phoenix icon on your iPad.(pic11)

12. Go to "Settings > General > Device Management" and trust the certificate. (pic12)

13. Run the app and tap on "Prepare For Jailbreak". Following the screen instruction to install Cydia. (pic13)

14. Now you can run Cydia. (pic14)

Please note:
1. Whenever you reboot, open the app again and tap on "Kickstart Jailbreak".
2. Whenever the app expires, install it again with Cydia Impactor.

References:
1. https://phoenixpwn.com/