What does the iOS Diagnostics App Send to Apple?

I was asked by an Apple rep to send in diagnostic logs via the iOS diagnostics app in an attempt to diagnose a reboot/battery issue with an iPhone 4S.

Curious as to how this information was collected and more importantly what was collected, I fired up my new friend Fiddler :)

Below are my main observations of the iOS diagnostics app running on an iTouch with iOS 6.1

...Read more...

  • To access the diagnostics app, open a browser and type the URL: diags://1 (the 1 is the ticket number of your support case – usually it is 5 digits)
Tagged , | Leave a comment

Tampering with Mobile Traffic Using Fiddler

In part one of these series I talked about how you can very easily capture mobile traffic using Fiddler.

In this second part, I will talk about how you can actually tamper with the traffic you send and receive to and from your mobile device.
Please note that tampering with traffic is not just limited to mobile traffic!

Whether you are a developer, penetration tester or just curious (I fit in to the latter category :) ), being able to tamper with your requests and responses will give you a better insight in to what can be done with an application, how it will respond to specific input against what is expected, etc.

...Read more...

Tagged , | Leave a comment

Capturing Mobile Traffic Using Fiddler

This article will briefly go over the details on how to capture wifi traffic from your mobile devices. This includes capturing traffic on iPads, iPhones, BlackBerries, Android devices and pretty much any device that supports the ability to add a proxy to the wifi settings.

First we will install our trusty friend Fiddler. I used version 2 as it is classed as ‘Stable’ and it just works :)

Once you have installed Fiddler, install the CertMaker add-on (this allows you to view SSL traffic by using a modified version of the default self-signed certificate that comes with Fiddler).
Now open Fiddler and click on Tools –> Fiddler Options and make sure you have set:

...Read more...

Tagged , , | 1 Comment

Find out what Technologies are Being Used on a Website using BuiltWith

BuiltWith is a “website profiler, lead generation, competitive analysis and business intelligence tool providing technology adoption and usage analytics for the internet.”

BuiltWith is a very useful tool for finding out what services and technologies are being used on any given website. The tool has a Firefox and Chrome extension available which makes it a lot more accessible for the geeky type.

As you will see in the example below where I run the add-on on this blog, the tool spits out all sorts of useful information such as the server and frameworks being used (Apache and PHP), the software platform  (WordPress), any advertising being used (AdSense), tracking technologies such as Google Analytics, any content delivery networks and much, much more.

...Read more...

Tagged , , , | Leave a comment

Updating Third Party Software on Domain Workstations and Laptops with Ninite Pro

In this brief guide I will show you how to set up Ninite to automatically update, install and remove applications on Workstations and Laptops on a Windows active directory domain.

What set-up this article covers (will almost certainly work with different set-ups)

  1. A Windows Server 2008 (R2) domain controller
  2. Windows 7 desktops and laptops

Setting up the Group Policies

In my organisation, we have an OU (Organisational Unit) for Desktops and Laptops. Now, there are a number of configurations you can set Ninite up with – the two I think merit a discussion is the /cachepath and /nocache switches.

...Read more...

Tagged , , , | Leave a comment