Offensive-Con icon indicating copy to clipboard operation
Offensive-Con copied to clipboard

Published 20 hours ago verified publisher icon blankwall

Examine new sample for vulnerabilities?

Open jakaplan opened this issue 3 years ago • 4 comments

Hi Tyler,

Yesterday I made public the SwiftAuthorizationSample and focused on security while developing it. In particular, it uses the SecureXPC framework I made specifically with the intention of preventing unauthorized communication. If you're up for it, I'd be appreciative of you examining the sample and seeing what issues it has. I'll readily address them by updating the sample and/or supporting frameworks as needed.

jakaplan avatar Oct 28 '21 06:10 jakaplan

Thanks for reaching out to me. I can probably get to it in the next few weeks. I will let you know!

On Thu, Oct 28, 2021 at 1:15 AM Josh Kaplan @.***> wrote:

Hi Tyler,

Yesterday I made public the SwiftAuthorizationSample https://github.com/trilemma-dev/SwiftAuthorizationSample and focused on security while developing it. In particular, it uses the SecureXPC framework https://github.com/trilemma-dev/SecureXPC I made specifically with the intention of preventing unauthorized communication. If you're up for it, I'd be appreciative of you examining the sample and seeing what issues it has. I'll readily address them by updating the sample and/or supporting frameworks as needed.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/blankwall/Offensive-Con/issues/1, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXFSRUUS7JLETOGZ54WOBDUJDTBNANCNFSM5G4A6HVA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

blankwall avatar Oct 28 '21 15:10 blankwall

@blankwall would you have a chance sometime to take a look? If you're short on time, just looking at the SecureXPC framework that the sample relies upon would be quite appreciated.

jakaplan avatar Jan 27 '22 10:01 jakaplan

What is your timeline on this? When is it absolutely needed? I can make the time and I am sorry I have procrastinated this long!

On Thu, Jan 27, 2022 at 4:51 AM Josh Kaplan @.***> wrote:

@blankwall https://github.com/blankwall would you have a chance sometime to take a look? If you're short on time, just looking at the SecureXPC framework https://github.com/trilemma-dev/SecureXPC/ that the sample relies upon would be quite appreciated.

— Reply to this email directly, view it on GitHub https://github.com/blankwall/Offensive-Con/issues/1#issuecomment-1023082556, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXFSRQBYSABC25562RMTPTUYEPUDANCNFSM5G4A6HVA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

blankwall avatar Jan 27 '22 16:01 blankwall

No worries at all. Would end of February be realistic?

jakaplan avatar Jan 27 '22 23:01 jakaplan