From ed7c6e2231eae19440b6358dd70f570a346fc100 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Tue, 1 Oct 2024 09:39:18 +0200 Subject: [PATCH] fix IDs --- techniques/android/MASTG-TECH-0109.md | 8 ++++---- techniques/ios/MASTG-TECH-0110.md | 8 ++++---- tools/generic/MASTG-TOOL-0100.md | 4 +--- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/techniques/android/MASTG-TECH-0109.md b/techniques/android/MASTG-TECH-0109.md index 6c7775c7db..c8e6caa9a7 100644 --- a/techniques/android/MASTG-TECH-0109.md +++ b/techniques/android/MASTG-TECH-0109.md @@ -12,10 +12,10 @@ In order to intercept Flutter HTTPS traffic, we need to deal with two problems: There are generally two approaches to this: **@MASTG-TOOL-0100** and **@MASTG-TOOL-0001**. -- **@MASTG-TOOL-0100**: This tool creates a modified version of the Flutter module which is then repackaged into the APK. It configures the internal libraries to use a specified proxy and disable the TLS verification. -- **@MASTG-TOOL-0001**: The [disable-flutter-tls.js script](https://github.com/NVISOsecurity/disable-flutter-tls-verification) can dynamically remove the TLS verification without the need for repackaging. As it doesn't modify the proxy configuration, additional steps are needed (e.g. ProxyDroid, DNS, iptables, ...). +- **reFlutter**: This tool creates a modified version of the Flutter module which is then repackaged into the APK. It configures the internal libraries to use a specified proxy and disable the TLS verification. +- **Frida**: The [disable-flutter-tls.js script](https://github.com/NVISOsecurity/disable-flutter-tls-verification) can dynamically remove the TLS verification without the need for repackaging. As it doesn't modify the proxy configuration, additional steps are needed (e.g. ProxyDroid, DNS, iptables, ...). -## Intercepting Traffic using @MASTG-TOOL-0100 +## Intercepting Traffic using reFlutter 1. Patch the app to enable traffic interception. 
@@ -56,7 +56,7 @@ There are generally two approaches to this: **@MASTG-TOOL-0100** and **@MASTG-TO 5. Open the app and start intercepting traffic. -## Intercepting Traffic using ProxyDroid / iptables with @MASTG-TOOL-0001 +## Intercepting Traffic using ProxyDroid / iptables with Frida 1. Configure [proxyDroid](https://blog.nviso.eu/2019/08/13/intercepting-traffic-from-android-flutter-applications/) or iptables rules to redirect requests to Burp. diff --git a/techniques/ios/MASTG-TECH-0110.md b/techniques/ios/MASTG-TECH-0110.md index fa340ab1fb..807c20ec01 100644 --- a/techniques/ios/MASTG-TECH-0110.md +++ b/techniques/ios/MASTG-TECH-0110.md 
@@ -12,10 +12,10 @@ In order to intercept Flutter HTTPS traffic, we need to deal with two problems: There are generally two approaches to this: **@MASTG-TOOL-0100** and **@MASTG-TOOL-0039**. -- **@MASTG-TOOL-0100**: This tool creates a modified version of the Flutter module which is then repackaged into the IPA. It configures the internal libraries to use a specified proxy and disable the TLS verification. -- **@MASTG-TOOL-0039**: The [disable-flutter-tls.js script](https://github.com/NVISOsecurity/disable-flutter-tls-verification) can dynamically remove the TLS verification without the need for repackaging. As it doesn't modify the proxy configuration, additional steps are needed (e.g. VPN, DNS, iptables, WIFI hotspot). +- **reFlutter**: This tool creates a modified version of the Flutter module which is then repackaged into the IPA. It configures the internal libraries to use a specified proxy and disable the TLS verification. +- **Frida**: The [disable-flutter-tls.js script](https://github.com/NVISOsecurity/disable-flutter-tls-verification) can dynamically remove the TLS verification without the need for repackaging. As it doesn't modify the proxy configuration, additional steps are needed (e.g. VPN, DNS, iptables, WIFI hotspot). -## Intercepting Traffic using @MASTG-TOOL-0100 +## Intercepting Traffic using reFlutter 1. Patch the app to enable traffic interception. @@ -50,7 +50,7 @@ There are generally two approaches to this: **@MASTG-TOOL-0100** and **@MASTG-TO 5. Open the app and start intercepting traffic. -## Intercepting Traffic using WIFI Hotspot / openVPN with @MASTG-TOOL-0039 +## Intercepting Traffic using WIFI Hotspot / openVPN with Frida 1. Configure using [WIFI hotspot / openVPN](https://blog.nviso.eu/2020/06/12/intercepting-flutter-traffic-on-ios/) method to redirect requests to Burp. diff --git a/tools/generic/MASTG-TOOL-0100.md b/tools/generic/MASTG-TOOL-0100.md index efb143b4e6..2d3b2ff3fb 100644 --- a/tools/generic/MASTG-TOOL-0100.md 
+++ b/tools/generic/MASTG-TOOL-0100.md @@ -4,8 +4,6 @@ platform: generic source: https://github.com/Impact-I/reFlutter --- -The [reFlutter](https://github.com/Impact-I/reFlutter) framework helps to reverse engineer Flutter apps using the patched version of the Flutter library, which is already compiled and ready for application repackaging. This library has a modified snapshot deserialization process that allows you to perform dynamic analysis. reFlutter can also be used for intercepting Flutter HTTPS traffic, as described in the techniques for [Android](../../techniques/android/MASTG-TECH-0109.md) and [iOS](../../techniques/ios/MASTG-TECH-0110.md). +The [reFlutter](https://github.com/Impact-I/reFlutter) framework helps to reverse engineer Flutter apps using the patched version of the Flutter library, which is already compiled and ready for application repackaging. This library has a modified snapshot deserialization process that allows you to perform dynamic analysis. reFlutter can also be used for intercepting Flutter HTTPS traffic. You can install and use reFlutter by following [the official instructions](https://github.com/Impact-I/reFlutter?tab=readme-ov-file#install). More information is also available in the article ["Fork Bomb for Flutter"](https://swarm.ptsecurity.com/fork-bomb-for-flutter/) including details and practical examples. - -reFlutter can also be used for intercepting Flutter HTTPS traffic, as described in the techniques for [Android](../../techniques/android/MASTG-TECH-0109.md) and [iOS](../../techniques/ios/MASTG-TECH-0110.md).
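Review bot: In the first hunk of techniques/android/MASTG-TECH-0109.md and of techniques/ios/MASTG-TECH-0110.md (both @@ -12,10), the bullet labels change to the plain names reFlutter and Frida while the unchanged intro line directly above still names the two approaches by ID (`**@MASTG-TOOL-0100** and **@MASTG-TOOL-0001**` on Android, `**@MASTG-TOOL-0100** and **@MASTG-TOOL-0039**` on iOS). In the source, the same two tools are now referred to in two different forms within three lines, and the reader has to work out that 0100 is reFlutter and 0001/0039 is Frida. Either put the names next to the IDs in the intro sentence or use one form throughout. The subject "fix IDs" does not say why the IDs are dropped from bullets and headings, so a sentence in the commit body would help the next editor keep to the same convention.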
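Review bot: The four heading renames (`## Intercepting Traffic using reFlutter` in both technique files, `## Intercepting Traffic using ProxyDroid / iptables with Frida` at @@ -56,7 on Android, and `## Intercepting Traffic using WIFI Hotspot / openVPN with Frida` at @@ -50,7 on iOS) change the anchors that most Markdown renderers derive from heading text, and nothing in this patch updates links that may point at the old fragments. Please search the repository for links to the old heading anchors before merging. As a style point on the iOS heading, which is being touched anyway: "WIFI" and "openVPN" would read better as "Wi-Fi" and "OpenVPN", matching the product spellings, and the same applies to "WIFI hotspot" in the Frida bullet of that file.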
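Review bot: In tools/generic/MASTG-TOOL-0100.md (@@ -4,8 +4,6), removing the duplicated trailing paragraph is right, but the rewrite of the first paragraph also drops the only remaining links to the Android and iOS techniques, leaving `reFlutter can also be used for intercepting Flutter HTTPS traffic.` with no pointer to where that is described. Both technique pages still reference this tool, so the cross-reference is now one-way. Suggest keeping the reference once in the first paragraph, in whatever link form the project prefers for MASTG-TECH-0109 and MASTG-TECH-0110, and deleting only the duplicate.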