| Follow @lancinimarco

Reading time ~1 minute

Needle V0.0.4 Released

In preparation for OWASP AppSec USA 2016, today we are releasing Needle V0.0.4, with new compatibility support, new modules, and lots of bug fixes! You can grab the new version from Github.

We would also like to say thanks to our Github contributors:

  • @tghosth
  • @ch1kpee
  • @hduarte
  • @zakm123
  • @alexplaskett
  • @istais
  • @hduarte
  • @n1xf1

To stay updated, remember to also follow @mwrneedle on Twitter!

Changelog [0.0.4] - 2016-10-04

Added

  • [CORE] OS X Support
  • [CORE] iOS 9 compatibility support [from @ch1kpee]
  • [CORE] Global output path
  • [CORE] Support for SSH public key auth [from @hduarte]
  • [MODULE] Dump contents of keyboard autocomplete cache (storage/caching/keyboard-autocomplete) [from @zakm123]
  • [MODULE] Apple Transport Security (ATS) metadata support (binary/metadata) [from @alexplaskett]
  • [MODULE] Circumvent Touch ID when implemented using LocalAuthentication framework (hooking/cycript/cycript_touchid) [from @istais]
  • [MODULE] storage/data/files_*: now is possible to dump all files [idea from @tghosth]
  • [MODULE] Support for App Extension Bundles metadata (binary/metadata) [from @alexplaskett]
  • [MODULE] Display an applications universal links (binary/universal_links) [from @alexplaskett]
  • [MODULE] Show the content of the device‚Äôs /etc/hosts file, and offer the chance to edit it (various/hosts)
  • [SUPPORT] Contribution guide and module templates
  • [SUPPORT] ISSUE_TEMPLATE for github
  • [SUPPORT] Logo and Twitter handle

Fixed

  • [CORE] TCPrelay execute mode permissions
  • [CORE] Install coreutils beforehand
  • [CORE] Replaced frida.spawn with uiopen
  • [CORE] Error on exit and get_ip for OS X
  • [CORE] Fixed 2 bugs related to TCP relay and refresh of the connection parameters [from @hduarte]
  • [CORE] iOS 9.3.3 search pid support inside containers [from @n1xf1]
  • [CORE] Issues with paths containing spaces
  • [MODULE] Dump keychain even when no apps are installed
  • [MODULE] Minor edits on module descriptions [from @tghosth]
  • [MODULE] DTPlatformVersion exception [from @alexplaskett]
  • [MODULE] Keychain Dump: reverted back to keychaineditor
  • [MODULE] Syslog watch (dynamic/watch/syslog) and monitor (dynamic/monitor/syslog) not working when using SSH over wi-Fi: switched to ondeviceconsole

Removed

  • [CORE] Dependencies check
  • [CORE] Dependency to libimobiledevice
  • [MODULE] Unstable modules (fuzz_ipc, lldb_shell)

Marco Lancini

Marco Lancini
Hi, I'm Marco Lancini. I'm a Security Engineer, mainly interested in cloud native technologies, devops, and network security...  

iOS 9: Effective Jailbreak

Published on November 15, 2016

Needle Status Update

Published on September 14, 2016