Updated some Frida scripts to help you pentest iOS apps. If you run a script and it doesn't work, you can try the following:

frida -U -f package -l script.js

Demo Feature Title

Frida iOS Hook | Basic Usage | Install – List devices – List apps – List scripts – Logcat – Shell
Frida iOS Hook | Basic Usage | Dump Decrypt IPA – Dump Memory App – Hexbyte-Scan IPA
Frida iOS Hook | Basic Usage | App Static – Bypass Jailbreak – Bypass SSL – Intercept URL + Crypto

m(--method)  Support commonly used methods
--shell, --ssh  Get a shell on the connected device
--list-appinfo  List info of apps on iTunes

HexByte Scan IPA:
--hexbyte-scan  Scan or patch IPA with byte patterns
--pattern=PATTERN  Pattern for hexbytescan
--address=ADDRESS  Address for hexbytescan
-t TASK, --task=TASK  Task for hexbytescan

Information:

Dump decrypt IPA:
-d, --dump  Dump decrypt application.ipa
-o OUTPUT_IPA, --output=OUTPUT_IPA  Specify name of the decrypted IPA

Dump memory of Application:

c(--check-version)  Check for the newest version
s(--script)  Using script format script.js
n(--name)  Name of application ex: AppStore
p(--package)  Identifier of application ex:

Supports both spawning a process with a script and attaching a script to a running process. It supports scripts for tracing classes and functions and for modifying the return values of methods on the iOS platform. Frida-Ios-Hook is a tool that helps you use Frida easily.