課程講義

下載連結

網路安全練習主機與電文資訊

主機URL: "http://class.softarts.cc/AppSecurity/encryptData.json"
Payload 加密 Key: "zaq1xsw2cde3vfr4"
Password 加密 Key Prefix: "1qaz2wsx"

Exception Domains 設定 Key 值

NSExceptionAllowsInsecureHTTPLoads
NSIncludesSubdomains

SSL Pinning

SSLLabs

假 Pinning Hash

"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB="

UIWindow+Extension.swift 預設內容

UIWindow+Extension.swift

main.swift 預設內容

import Foundation
import UIKit

autoreleasepool {
  UIApplicationMain(
    CommandLine.argc,
    UnsafeMutableRawPointer(CommandLine.unsafeArgv)
      .bindMemory(
        to: UnsafeMutablePointer<Int8>.self,
        capacity: Int(CommandLine.argc)),
    nil,
    NSStringFromClass(AppDelegate.self) //Or your class name
  )

}

Objective-C 混淆方式參考

codeobscure

ZMConfuse

Swift Jailbreak 偵測

JailBreak-Detection

TouchID/FaceID 範例程式

SwiftHelloLocalAuthentication.zip