I’m looking for somebody with reverse engineering skills who could teach me how to get the signature key hash from the iOS version of Instagram.
I have a jailbroken iPhone 6 with iOS 9.0 which I could use.
You would need to tell me the exact steps needed to extract the key from the App and answer possible questions.
I have basic reverse engineering skills on Android but none on iOS so I want to get this going asap.
Of course I will pay for your time and service, please tell me your offers.
nc8e1774526bf84b58bb4ffebb357bddb822a5183e0355db1effc2dad47107a29 is generated by an HMAC function with a key.
Without this key I cannot generate the signature and requests won’t get accepted.
EDIT:
Basically I checked the App with IDA and followed your iOSAppReverseEngineering.pdf
I think I know where the key gets generated and I’m trying to get it with LLDB and a breakpoint, but I’m having many issues where I could need help.
For example I used the ASLR offset + the pointer from IDA to get the address
Then I set a breakpoint, which worked, but as soon as the breakpoint hits I get
and the app continues to run but not fully. I can see the loading circle spinning but nothing else works.
For such issues which are very time consuming to resolve on my own, I’d like to have somebody in chat/skype to talk to and help me resolve these issues.
I’d pay for the time this takes.
Okay, it is possible to extract the key but there’s a catch.
It seems the key gets altered by the app if you try to extract it, so it will return a valid hash key, but it seems this key is rate limited.
Unmodified/Unjailbroken devices use a different key to generate the hash so it seems to change dynamically when you try to mess with the app.
I already had a reverse engineer look at this without success.
This seems like a very difficult task and I’d need an experienced pro to look at this and verify it for me.
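The mechanism the post describes (a request signature produced by an HMAC over the request body with a secret key, and requests being refused when the signature is wrong) as an added, self-contained example; this is not code from the post, from Instagram, or from any of the tools mentioned. The 64 hex digits of the posted value are consistent with a SHA-256-sized tag, so the example uses HMAC-SHA256, but the real hash function, key derivation and exactly which bytes are signed are assumptions. The key and request body below are constructed for the demo.

```python
import hmac
import hashlib
import secrets

# Constructed sample key (hypothetical; stands in for whatever the real app
# embeds or derives at runtime). The demo only needs *some* secret.
SERVER_KEY = bytes.fromhex("6b6579206d6174657269616c2066726f6d2074686520617070")


def sign_request(body: bytes, key: bytes) -> str:
    """Client side: return the hex HMAC-SHA256 tag to attach to `body`.

    Assumption: the whole body is the signed message. Real schemes may
    sign a canonicalised subset or prefix a version string.
    """
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def verify_request(body: bytes, tag: str, key: bytes) -> bool:
    """Server side: recompute the tag for the received body and compare it
    in constant time, so a wrong key or a modified body is rejected without
    leaking how many leading characters matched."""
    expected = sign_request(body, key)
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    """Walk through the three cases a signing scheme has to distinguish:
    a genuine request, a request signed with a guessed key, and a genuine
    signature replayed on a tampered body."""
    body = b'{"username":"alice","action":"like","media_id":"123"}'  # constructed

    genuine_tag = sign_request(body, SERVER_KEY)

    # Without the real key the best a client can do is sign with some other
    # key; the tag is well-formed (64 hex chars) but will not verify.
    guessed_key = secrets.token_bytes(32)
    forged_tag = sign_request(body, guessed_key)

    # Reusing a valid tag on a changed body fails too: the tag binds the
    # key *and* the exact bytes that were signed.
    tampered_body = body.replace(b'"like"', b'"unlike"')

    return {
        "accepted": verify_request(body, genuine_tag, SERVER_KEY),
        "forged_rejected": not verify_request(body, forged_tag, SERVER_KEY),
        "tampered_rejected": not verify_request(tampered_body, genuine_tag, SERVER_KEY),
        "tag_length": len(genuine_tag),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point for the poster's situation: `verify_request` never transmits or reveals the key, so the only ways to produce accepted signatures are to hold the same key bytes the app uses for that request, or to let the app compute the tag for you. `hmac.compare_digest` is used deliberately; a plain `==` on the hex strings would be a timing side channel on the server.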