This repository has been archived by the owner on Sep 13, 2023. It is now read-only.
forked from miticollo/frida-ios-dump

pull decrypted ipa from jailbreak device


segg21/frida-ios-dump

 
 


frida-ios-dump

A tool to extract a decrypted IPA from a jailbroken, rootless device.

Usage

To use frida-ios-dump, follow these steps:

  1. Install frida on your device. You have two options:
    • Add my repo.

      Note
      It should work on all rootless JB.

    • Compile it yourself. For more information, refer to the dedicated gist.
  2. Clone this project by typing the following command in your terminal window:
    git clone --depth=1 -j8 https://github.com/miticollo/frida-ios-dump.git
    cd frida-ios-dump/
  3. Create a virtual environment.
    python -m venv ./.venv
    source ./.venv/bin/activate
  4. Run pip install -r requirements.txt --upgrade to install the necessary dependencies.

    Note
    Upgrade dependencies such as frida-tools and frida using the command sudo pip install -r requirements.txt --upgrade.

  5. Enable SSH forwarding over USB using iproxy. For example, run iproxy -ddd 2222:22.
  6. On the device, install curl, ldid and openssh from Procursus. Then, run the following commands as root either over SSH or in a terminal window:
    curl -LO --output-dir /var/tmp/ 'https://raw.githubusercontent.com/miticollo/frida-ios-dump/master/scp.entitlements'
    ldid -S/var/tmp/scp.entitlements -M "$(which scp)"
    rm -v /var/tmp/scp.entitlements
  7. Open the target app on the device.
  8. Connect the iDevice to your Mac/PC using a USB Lightning cable.
  9. Run ./dump.py <target>
    ./dump.py Spotify
    Start the target app Spotify
    Dumping Spotify to /var/folders/q2/x23bcyr53w3dnmlh2fqjp2mr0000gp/T
    start dump /private/var/containers/Bundle/Application/56AE666E-0F06-4969-91C8-5B63F33ECF58/Spotify.app/Spotify
    Spotify.fid: 100%|██████████| 112M/112M [00:03<00:00, 35.5MB/s]
    start dump /private/var/containers/Bundle/Application/56AE666E-0F06-4969-91C8-5B63F33ECF58/Spotify.app/Frameworks/SpotifyShared.framework/SpotifyShared
    SpotifyShared.fid: 100%|██████████| 4.26M/4.26M [00:00<00:00, 19.8MB/s]
    AppIntentVocabulary.plist: 125MB [00:10, 13.1MB/s]
    Generating "Spotify.ipa"
    0.00B [00:00, ?B/s]

Congratulations!!! You've got a decrypted IPA file.
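
To check the result, the following added example (not part of frida-ios-dump) walks every Mach-O in an IPA and reports any whose LC_ENCRYPTION_INFO_64 load command still has a nonzero cryptid, meaning that slice is still encrypted. The function names and the in-memory sample archive are constructed for illustration; only thin 64-bit Mach-O files are handled, so fat (universal) binaries are skipped.

```python
import io
import struct
import zipfile

MH_MAGIC_64 = 0xFEEDFACF           # thin 64-bit little-endian Mach-O
LC_ENCRYPTION_INFO_64 = 0x2C

def macho_cryptid(fh):
    """Return cryptid from LC_ENCRYPTION_INFO_64, or None if not found."""
    head = fh.read(32)             # sizeof(struct mach_header_64)
    if len(head) < 32 or struct.unpack_from("<I", head)[0] != MH_MAGIC_64:
        return None
    ncmds, sizeofcmds = struct.unpack_from("<II", head, 16)
    cmds, offset = fh.read(sizeofcmds), 0
    for _ in range(ncmds):
        if offset + 8 > len(cmds):
            break                  # truncated load-command table
        cmd, cmdsize = struct.unpack_from("<II", cmds, offset)
        if cmd == LC_ENCRYPTION_INFO_64 and offset + 20 <= len(cmds):
            # fields: cmd, cmdsize, cryptoff, cryptsize, cryptid, pad
            return struct.unpack_from("<I", cmds, offset + 16)[0]
        if cmdsize < 8:
            break                  # malformed command, avoid looping forever
        offset += cmdsize
    return None

def still_encrypted(ipa):
    """Map member name -> cryptid for each Mach-O in the IPA with cryptid != 0."""
    flagged = {}
    with zipfile.ZipFile(ipa) as zf:
        for info in zf.infolist():
            with zf.open(info) as fh:
                cryptid = macho_cryptid(fh)
            if cryptid:
                flagged[info.filename] = cryptid
    return flagged

def build_sample_ipa():
    """Constructed sample: two minimal Mach-O stubs and a plist in a ZIP."""
    def stub(cryptid):
        return struct.pack("<14I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, 24, 0, 0,
                           LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x1000, cryptid, 0)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Payload/Demo.app/Demo", stub(0))
        zf.writestr("Payload/Demo.app/Frameworks/Lib.framework/Lib", stub(1))
        zf.writestr("Payload/Demo.app/Info.plist", b"bplist00")
    return buf
```

`still_encrypted()` accepts a path or a file-like object; an empty result means no thin 64-bit Mach-O in the archive is still marked encrypted.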

How to install it?

To install the app, sideload it as follows:

  • Use Sideloadly

    Note
    Enable “Sideload Spoofer” as some apps may not work after decryption.

Tested environment
