
Dumping Decrypted iOS app from iPhone


Introduction

Hello Friend! I am sudosuraj and currently learning iOS penetration testing, so I thought I should document my journey so I can track my progress, and it will also help other newbies get into iOS hacking! So let's dive in!

Requirements

Apps installed from the App Store ship with their main executable encrypted (FairPlay DRM); the binary is only decrypted in memory when the app is launched on the device. Dumping that decrypted image from a jailbroken device gives you an IPA whose code can actually be disassembled, which makes static analysis far easier and helps uncover more bugs. So let's start; first you need a few tools set up.

  1. On the jailbroken iOS device, install Frida and OpenSSH from Cydia. Add the https://build.frida.re repo to Cydia's sources and search for Frida there. The Frida server version on the device must match the Frida version you install on your PC, otherwise the client cannot talk to the device.
  2. On the Windows/Linux PC, install the Frida Python tools (pip3 install frida-tools) and libimobiledevice, which provides the iproxy tool used to forward SSH over USB. Visit https://github.com/libimobiledevice/libimobiledevice/releases, choose your preferred format and, on Windows, either extract it to the C drive or add its directory to your PATH environment variable. Then download frida-ios-dump:
git clone https://github.com/AloneMonkey/frida-ios-dump.git
cd frida-ios-dump
pip3 install -r requirements.txt

Dumping decrypted IPA file

Before going any further, let's check that Frida is working correctly. Run the command below on the PC; it should list every application installed on the iOS device together with its bundle identifier (-U selects the USB device, -a lists applications, -i includes apps that are not currently running). Take note of your target app's identifier.

frida-ps -Uai


Run this command in a separate terminal and leave it running. It forwards local port 2222 to the SSH port (22) on the device over USB; dump.py uses that tunnel to copy the dumped files back to the PC.

iproxy 2222 22


Now, let's dump the decrypted app. dump.py expects SSH on localhost:2222 and logs in as root, so check the user and password defaults near the top of dump.py (or its SSH command-line options, see python3 dump.py -h) against your device's root credentials, which you should have changed from the jailbreak default of alpine.

python3 dump.py OWASP.iGoat-Swift

Now, on the iOS device, open the target app and wait while the script attaches to it with Frida, dumps the decrypted modules from memory and copies them back over SSH. When it finishes, the repackaged IPA, named after the app, is written to the directory you ran dump.py from (the frida-ios-dump directory).
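Before spending time in a disassembler it is worth confirming that the binary inside the dumped IPA really has its FairPlay encryption removed: the Mach-O load command LC_ENCRYPTION_INFO (LC_ENCRYPTION_INFO_64 on arm64) carries a cryptid field that is 1 while the encrypted segment is still in place and 0 after a proper decrypted dump (on macOS, otool -l shows the same field). The checker below is an added example, not code from the original post or from frida-ios-dump; it needs only the Python standard library, and the script name check_ipa.py, the Demo.app bundle and the minimal Mach-O images it builds for itself are constructed test data, not real app binaries. It also handles fat (multi-slice) binaries, which the post does not cover, since a single slice left encrypted is enough to break static analysis.

```python
"""Verify that the executable inside a dumped IPA is really decrypted: App Store
binaries carry an LC_ENCRYPTION_INFO(_64) load command whose cryptid is 1 while
the FairPlay-encrypted segment is still in place and 0 after a decrypted dump.
Parses thin and fat Mach-O images. Standard library only (added example)."""
import io
import plistlib
import struct
import sys
import zipfile

MH_MAGIC = 0xFEEDFACE            # 32-bit Mach-O, little-endian
MH_MAGIC_64 = 0xFEEDFACF         # 64-bit Mach-O, little-endian
FAT_MAGIC = 0xCAFEBABE           # fat/universal header, always big-endian
LC_ENCRYPTION_INFO = 0x21
LC_ENCRYPTION_INFO_64 = 0x2C
CPU_TYPE_ARM64 = 0x0100000C      # CPU_TYPE_ARM | CPU_ARCH_ABI64


def crypt_ids(macho):
    """cryptid of every LC_ENCRYPTION_INFO(_64) in a thin Mach-O ([] if none)."""
    magic, = struct.unpack_from("<I", macho, 0)
    if magic == MH_MAGIC_64:
        off = 32                     # mach_header_64 has an extra reserved field
    elif magic == MH_MAGIC:
        off = 28
    else:
        raise ValueError("not a little-endian Mach-O image: 0x%08x" % magic)
    ncmds, sizeofcmds = struct.unpack_from("<II", macho, 16)
    end, ids = off + sizeofcmds, []
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load commands run past sizeofcmds")
        cmd, cmdsize = struct.unpack_from("<II", macho, off)
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            # encryption_info_command: cmd, cmdsize, cryptoff, cryptsize, cryptid
            cryptid = struct.unpack_from("<III", macho, off + 8)[2]
            ids.append(cryptid)
        off += max(cmdsize, 8)       # guard against a zero cmdsize re-reading the same command
    return ids


def slices(binary):
    """Split a fat binary into its thin slices; a thin image is returned as-is."""
    if struct.unpack_from(">I", binary, 0)[0] != FAT_MAGIC:
        return [binary]
    nfat, out = struct.unpack_from(">I", binary, 4)[0], []
    for i in range(nfat):
        # fat_arch: cputype, cpusubtype, offset, size, align (big-endian)
        _, _, offset, size, _ = struct.unpack_from(">IIIII", binary, 8 + 20 * i)
        out.append(binary[offset:offset + size])
    return out


def is_decrypted(binary):
    """True only if no slice still carries a non-zero cryptid."""
    return all(cid == 0 for s in slices(binary) for cid in crypt_ids(s))


def check_ipa(ipa):
    """Map each Payload/<App>.app executable (from CFBundleExecutable) to its cryptids."""
    results = {}
    with zipfile.ZipFile(ipa) as z:             # path or file-like object
        for name in z.namelist():
            parts = name.split("/")
            if len(parts) == 3 and parts[0] == "Payload" and parts[1].endswith(".app") and parts[2] == "Info.plist":
                exe = "Payload/%s/%s" % (parts[1], plistlib.loads(z.read(name))["CFBundleExecutable"])
                results[exe] = [c for s in slices(z.read(exe)) for c in crypt_ids(s)]
    if not results:
        raise ValueError("no Payload/*.app/Info.plist found in archive")
    return results


def build_macho(cryptid):
    """Constructed sample (not a real app): header + one LC_ENCRYPTION_INFO_64."""
    cmd = struct.pack("<IIIIII", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x1000, cryptid, 0)
    header = struct.pack("<IiiIIIII", MH_MAGIC_64, CPU_TYPE_ARM64, 0, 2, 1, len(cmd), 0, 0)
    return header + cmd


def build_fat(thins):
    """Constructed fat wrapper around thin images, to exercise the multi-slice path."""
    hdr_len, entries, body = 8 + 20 * len(thins), b"", b""
    for t in thins:
        entries += struct.pack(">IIIII", CPU_TYPE_ARM64, 0, hdr_len + len(body), len(t), 0)
        body += t
    return struct.pack(">II", FAT_MAGIC, len(thins)) + entries + body


def build_ipa(cryptid):
    """Constructed in-memory IPA: Payload/Demo.app/{Info.plist,Demo}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Info.plist",
                   plistlib.dumps({"CFBundleExecutable": "Demo", "CFBundleIdentifier": "example.Demo"}))
        z.writestr("Payload/Demo.app/Demo", build_macho(cryptid))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # Usage: python3 check_ipa.py iGoat-Swift.ipa  (no argument: inspect the constructed sample)
    target = sys.argv[1] if len(sys.argv) > 1 else build_ipa(1)
    for exe, ids in check_ipa(target).items():
        print("%s: cryptid=%s -> %s" % (exe, ids, "decrypted" if all(i == 0 for i in ids) else "STILL ENCRYPTED"))
```

Point it at the IPA dump.py produced; a cryptid of 0 for every slice means the dump is usable for static analysis, while a 1 means the app was not fully decrypted in memory when it was dumped (for example because the wrong process was attached, or a framework was dumped instead of the main executable) and you should re-run the dump. An empty list is normal for binaries that never went through App Store encryption, such as a sideloaded developer build.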

This post is licensed under CC BY 4.0 by the author.