iOS 11/12 Decrypt AppStore Applications for Reverse Engineering Tutorial | Frida-Dump Method
- Published on 2 Oct 2024
- Get my books here - zygosec.com/
Hey guys! Today we're taking a look at how to decrypt iOS applications downloaded from the AppStore using Frida-dump. This is highly useful if you're interested in reverse engineering iOS applications.
Download Frida-dump here - github.com/Alo...
Follow me on Twitter - / bellis1000
Thanks for watching!
Quite an incomplete tutorial. You didn't explain any of the prerequisites (e.g. requiring Frida installed through Cydia, installing all the python modules inside requirements.txt). As well as skipping the part where you open up port 2222 with iproxy. Thanks for the video regardless, I hope you can fill these gaps in for your next tutorials :-)
+1
Does somebody know how to open up port 2222 with iproxy?
Hey! Can you help me with this I’m having some issues still?
I know this is old but for anyone else asking:
- install frida-tools with `brew install frida-tools`
- download and cd to frida-ios-dump and install pre-requisites with `sudo pip install -r requirements.txt --upgrade`
- install usbmuxd with `brew install usbmuxd`
(in my specific circumstances I had to open the app on my iPhone and attach Frida to it using `frida -U -F` in a new terminal window)
- then I was able to dump with the bundle identifier...
I used to do this a while back but needed a refresher myself... The deprecation of python2.x made things a pain in the ass for me on Catalina
If you're watching this video, it's more geared to developers, and making files or compiling is considered to be basic info. That's kind of the equivalent of teaching someone literate the alphabet before they read a book.
How did you get the usage prompt in the terminal window? I am a Windows user and am confused (2:39). Can somebody please help?
Did it work out? I'm wondering if should try
@MistaManlyGuy no bro...:(
Now can you actually run this on your phone?
[Errno None] Unable to connect to port 2222 on 127.0.0.1 or ::1
Try specifying -H/--hostname and/or -p/--port
Do we need to connect both PC and iPhone to the same network?
Did you find a way? Or an answer?
@laberlass1840 `brew install usbmuxd`
then run `iproxy 2222 22` in a new terminal window
then run the dump.py
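The two replies above (the install steps and the `iproxy 2222 22` step) cover the three failures reported in this thread: `ImportError: No module named frida`, `Unable to connect to port 2222`, and a missing `iproxy`. Here is an added preflight script that checks for all of them before `dump.py` is run; it is my own example, not code from the video or from frida-ios-dump, and it assumes a macOS host with `python3`, `bash` and Homebrew, with the function names being my own.

```shell
#!/usr/bin/env bash
# Preflight checks for the frida-ios-dump workflow described in the thread.
# Added example (not from the video or the frida-ios-dump project).
# Assumptions: macOS host, python3 on PATH, device attached over USB,
# frida-server from Cydia running on the phone.

DUMP_PORT="${DUMP_PORT:-2222}"   # local port iproxy forwards to the device's SSH port 22

# 0 if python3 can import the named module, 1 otherwise (catches "No module named frida").
have_py_module() {
  python3 -c "import $1" >/dev/null 2>&1
}

# 0 if a command is on PATH.
have_cmd() {
  command -v "$1" >/dev/null 2>&1
}

# 0 if something accepts TCP connections on host:port; uses bash's /dev/tcp so no nc needed.
port_listening() {
  (exec 3<>"/dev/tcp/$1/$2") >/dev/null 2>&1
}

# Runs every check, prints the fix from the thread for each failure, returns 0 only if all pass.
preflight() {
  local ok=0
  if ! have_py_module frida; then
    echo "[x] python3 cannot import frida: pip3 install -r requirements.txt --upgrade"; ok=1
  fi
  if ! have_cmd iproxy; then
    echo "[x] iproxy not found: brew install usbmuxd"; ok=1
  fi
  if ! port_listening 127.0.0.1 "$DUMP_PORT"; then
    echo "[x] nothing listening on 127.0.0.1:$DUMP_PORT: run 'iproxy $DUMP_PORT 22' in another terminal"; ok=1
  fi
  if ! have_cmd frida-ps; then
    echo "[x] frida-ps not found: pip3 install frida-tools"; ok=1
  elif ! frida-ps -U >/dev/null 2>&1; then
    echo "[x] frida-ps -U failed: is frida-server running on the (unlocked) device?"; ok=1
  fi
  [ "$ok" -eq 0 ] && echo "[ok] ready to run dump.py <bundle identifier>"
  return "$ok"
}

# Only run the checks when executed directly, so the functions can also be sourced.
[ "${BASH_SOURCE[0]}" = "$0" ] && preflight
```

Run it from the frida-ios-dump directory; each `[x]` line names the command the thread uses to fix that particular error.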
Can you do this for any AppStore app to get source code? If so are you for hire?
Traceback (most recent call last):
File "/Users/dump.py", line 11, in <module>
import frida
ImportError: No module named frida
I have this error can anybody assist me?
same here. this tutorial is kind of useless now
Sorry it's called CrackerXI+
How many kinds of testing can we do when reverse engineering an IPA file?
Do you really need a jailbroken device? I'm needing to see what libraries an app is using.
Hi, do you know how to remove key verification from IPA files?
There is a game which is modded by a hacker and I have its IPA file & app as well.
On the app, when you open it, it asks you to enter a key.
We have to buy its key for 1 day or 30 days. I want to bypass that key verification so I can use it for free.
How to do that, please tell.
I love your videos! You are the reason that I started iOS development.
Love your content, keep it up very inspiring!👍🏾
I have question for you and chat:
" /usr/bin/env: ‘python’: No such file or directory " --->> what is this??
What should I do, please help me )
Cool It will help me a lot
I wonder if its updated for new iOS versions... 😅
I want to share old IPA games that not available anywhere on Net...
iPhone 6 iCloud lock removal solution please
Do you need a jailbroken Mac or iPhone?
Great video, thanks
I get an error saying
" Jamess-iMac:~ iMac$ /Users/iMac/Documents/Phone/frida-ios-dump-master/dump.py
Traceback (most recent call last):
File "/Users/iMac/Documents/Phone/frida-ios-dump-master/dump.py", line 9, in <module>
import frida
ImportError: No module named frida "
when I first try to run it
Hi, I'm having this error when I'm trying to run the Python script:
import frida
ImportError: No module named frida
Can you make a video on how to do this also with Mac apps? Thank you!
I might've missed the iproxy step or maybe that is something that was not required 4 years ago, but this video was really helpful.
Is there anything for iPad pros instead of MacBook?
I tried the methods in the video (I have programming knowledge) but not one file or item from the app was dumped. Only iOS app data was dumped? Why is that?
Means i could modify the currency of an app? :o
Thanks billy. I have an app that crashes the minute it's launched and it switches to a safari page saying it doesn't support jailbroken phones. This causes the script to never finish decrypting. Any thoughts on how to fix this?
It could be because the app has jailbreak detection. You can bypass it with the help of different modules that are there in Cydia. Here is an example I found, try this; if it doesn't work then you could search for apps that are similar to the one given in the example.
Bypass Jailbreak Detection
Jailbreak detection is annoying but solvable. Of all the packages that support iOS 13, I've found that the Liberty Lite Cydia module works the most consistently.
On your iPhone, open Cydia and add module author Ryley Angus’ repository by going to Sources → Edit → Add and enter ryleyangus.com/repo/
Go to Search → Enter Liberty Lite → Install
Once installed, go to Settings → Liberty → Block Jailbreak Detection → Enable for the app you want to bypass
Kill and re-open your app. If it's still not bypassed, you can try other modules.
Do let me know if it worked...I'd be happy to help. :)
dodo reviewed I know it has jailbreak detection but none of the standard jailbreak switch-off packages are working. Part of the reason I want to open it is to trace the jailbreak detection mechanism and stop it.
Does this work on kali as well?
After trying to dump an application and pasting the bundle identifier it just freezes. Also it doesn't open the app on my phone. Any help?
Any way to do this on windows?
I watch almost all your videos.. help me please!!! Could I get your email or some way to communicate with you please! I need you to take a look at something!
How to connect to port 2222 on 127.0.0.1 or ::1
Open the port in a different terminal window & retry dump.py
command: iproxy 2222 22
@bamy187 thanks
Is it still relevant today?
Sir please help me iPhone 11
Can you do this with a pc? Windows?
May I ask if the app has jailbreak detection and it's not launchable on jailbreak devices, how can I create a decrypted ipa?
Usually it's launchable but gives an error message like "jailbreak detected"
And I sent you a dm on Twitter about one of your videos and if you could help me with that it would be great
Does this work on both unc0ver and chimera?
Hey, do you know a way of getting headers of decrypted apps?
goat come backkkkkkk!!!!!!
you are great. i bought your books and im learning a lot from you. thanks for sharing your knowledge.
Sooo help ful
Billy ellis top 1 youtuber 😎
@Billy - Did you do the port forwarding here as mention on Github?
`brew install usbmuxd`
then `iproxy 2222 22`
Really awesome stuff
Tysm for the great video :)
thanks for another great video!!
Hey Billy, is your book on arm exploitation iOS specific? Will it teach us examples of vulnerabilities in iOS?
Hey! My books focus on general ARM exploitation without looking at one specific OS. Most of the examples shown throughout the book are demo programs running on jailbroken iPhones, but that is not to say you can't run them on other ARM hardware too. The concepts and techniques covered in the chapters should be applicable to exploiting any ARM-based software. If you're looking for a book that covers iOS-specific stuff & exploits, check out the *OS internals series by Jonathan Levin :) Thanks for watching!
Great videos, it helped me a lot.
Are you for hire?
Brian Payne sure, what do you need? Email me billy@zygosec.com :)
Thank you billy
I emailed you sir
When I move the dump.py file to the terminal it says: module missing: Frida...
How can I do?
install Python
@md_ios Do you know how I open up port 2222 with iproxy?
Inspiring!
😎😎😎😎😎😎
Do you see the source code after this process?
yes
@hiddenaether lol
This is deep. This makes apps more useful for those gamers like myself. This is a subject I hope you will keep reporting on Billy!!!!! Or as I call you Billy the IOS Kid!
Just use Cydia app CrackerX
yea.. saves so much time