Jump to content

SkyVexy

Senior Member
  • Posts

    126
  • Joined

  • Last visited

1 Follower

Profile Information

  • iDevice
    iPhone 15 Plus

Recent Profile Visitors

841 profile views

SkyVexy's Achievements

Supporter

Supporter (5/14)

  • Senior Member
  • Full Member
  • Reacting Well
  • Pro Supporter
  • Supporter

Recent Badges

6

Reputation

  1. Is possible you can tell me the tools use to make this exploit? Or could you do a tutorial?
  2. this would be dope
  3. Charles installation: Step 1. Install Charles Proxy following the standard directions. https://www.charlesproxy.com/download/ Start the program. Go to Proxy > Proxy Settings. Select the Proxies tab, enter "8888" in the HTTP Proxy Port field then select Ok. Go back to the proxy tab and select “SSL Proxy settings” Select (“Enable SSL Proxying”), Then Select “Add” In The “Host” Field Input your Ipv4 address. Also in the “Port” field make sure to input 8888 *IMPORTANT* To find your Ipv4 In “Charles Proxy”, select (Help > SSL Proxying > Install charles root certificate on a mobile device or remote browser. Follow the directions Prompted! (Please Read everything to avoid issues) Charles Installation IOS (Step 2) On your iphone navigate to Settings > Wi-Fi > Select the “I’ next to your connected wifi > scroll to the bottom and select "Configure PROXY". > Select Manual > type in the SAME Ipv4 and Port you’re using! Open Safari on your iPhone. Browse to https://chls.pro/ssl. Safari will prompt you to install the SSL certificate. If you are on iOS 10.3 or later, open the Settings app and navigate to General > About > Certificate Trust Settings. Find the Charles Proxy certificate and enable the certificate. Now, your iPhone is set up to use Charles Proxy for intercepting and monitoring HTTPS traffic. Into the exploit Step 1. Now that everything is enabled! Make sure that Pengu is installed on your device! Open Pengu on you iOS Device. Sign up and create your pet. Once you have your pet, Go to the controller in the bottom left corner ( the arcade) Stay on the arcade page and navigate to your computer. Within Charles proxy you should already see some data popping up (Noise) Condense this by typing in “Pengu” In the “filter” field below the data(noise). It will single out the App we’re trying to exploit. Start the SSL proxying by selecting the lock ( To the left of the turtle icon) Once you’ve selected the Lock. The lock should no longer look opened. (locked) You are now SSL Pinning Click the brush to clear the Pengu data. ( left of the record icon) Navigate to your iOS device and start a Pengu flappy bird game! Play the Pengu bird game legit ( just get more than 1 point) After you played a game. You should have 2 hearts left. (Stay on this page) Navigate to Charles Proxy (Computer) you should see https://Penguapp.co select the arrow for the drop down menu and navigate to, v1 > games > flappy-pengu > (Pengu Id) > Select "Report" To the right of report you should see two lists Request(Top)/Response(Bottom) Select (JSON) for both menus These are going to contain your score( which we will change) Changing Values ( Step 2) Now that you have survived the first step This will be easier >Trust< Right click on the “Report” option mentioned in *Step 1* Navigate to “Breakpoints” and Select it. ( It will now have a check mark next to it) EVERYTHING BELOW THIS POINT IS TIMED ( IF YOU TAKE TO LONG IT WILL TIME OUT) {READ THIS THEN EXECUTE ACCORDINGLY) Return to the IOS Device and play another game! (Try again) Once your second game has been played a breakpoint should appear on Charles proxy. Select the tab “Edit Request” (next to Overview) Select JSON Right above Execute (Not Json Text) You should see the Legit score you achieved. Double click on the score you achieved and modify the value to a (Reasonable number) I.e (60000) Now EXECUTE THAT BAD BOY. Once executed. Another menu should pop up ( the response). Select “Edit response” and make sure (score is what you set it too. NOW EXECUTE THAT! You now should have a modified value and the game will input your Modified score. Once you have the desired coins then you’re all set! (Disconnecting Charles) Select the Lock (Left of the turtle) *it will stop ssl pinning Navigate to your iOS device and go to your settings > wifi > blue I next to the connected wifi > configure proxy > select OFF > Save Navigate to General > About > Certificate Trust Settings > Select the Charles proxy to turn it off I hope you guys enjoy this little exploit. If you have any questions let me know!
  4. Im trying to use Charles proxy to see if anything's there and so far i haven't got anything. I'm wondering if anyone could solve this? Name of the game you want hacked: Hunting Sniper Version of the game: 1.7.4 iTunes Link for the app: https://apps.apple.com/us/app/hunting-sniper/id6446005634 Jailbroken or Non-Jailbroken: Both Requested Features: Anything that would pose an advantage. (Stats)
  5. What tutorial could i use to learn how to do things like this? @Laxus
×
  • Create New...

Important Information

We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines