Shashank's Blog
Dec 11, 2021 · 3 min read · Listen
Static analysis is an important aspect of any MAPT (mobile application penetration testing) activity. Tools like MobSF help
pentesters perform automated static analysis, but to run these scans we need an
IPA file. In this short post, we will look at one method that provides a sure-shot way to
extract the IPA file from a jailbroken iPhone (or iPad, for that matter).
Pre-requisite
a. MacOS (Don’t worry if you don’t have a MacBook. I have written a detailed article on How to
Create an almost perfect MacOS VM)
Setup
a. iproxy: This little utility lets you reach the iPhone’s SSH service over USB. It is not installed
by default in MacOS.
Note: If you don’t know about Homebrew, it is an amazing package manager, just like APT (Linux) or
Chocolatey (Windows). You must explore it.
iproxy 2222 22
frida-ios-dump
Git Clone
Install the requirements listed in the requirements.txt file inside the cloned directory. It doesn’t matter
whether you use Python 3.x or 2.x; it supports both.
Requirements installed
IPA Extraction
It generally asks you to start the app on the iPhone before initiating the dump, so make sure the app is running on the
device.
On successful completion, the IPA file is generated in the same folder as frida-ios-dump.
Now you may ask why follow this slightly inconvenient way to extract the IPA file. We can use iMazing or
iFunbox as well, right? Well, the most important reason to use this particular tool is that it gives
out “unencrypted” IPA files, which means these files are easy to analyse statically. Not only that,
these IPAs work fine when sideloaded onto other iPhones as well as Corellium VMs.
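Whether the dumped app binary really is unencrypted can be read off its Mach-O load commands: the cryptid field of LC_ENCRYPTION_INFO(_64) is 0 in a decrypted dump and 1 in a binary copied straight off the device. The checker below is an added example, not code from the original post or from frida-ios-dump; the Mach-O bytes it parses are constructed in make_sample, not taken from a real app.

```python
"""Check whether an iOS app binary (Mach-O) is still FairPlay-encrypted.

A dump from frida-ios-dump has an LC_ENCRYPTION_INFO(_64) command with
cryptid 0; a binary copied straight off the device has cryptid 1 and is
useless to MobSF. The Mach-O bytes below are constructed, not a real app.
"""
import struct
from typing import Optional

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF          # thin 32/64-bit
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C


def cryptid(macho: bytes) -> Optional[int]:
    """cryptid of the first LC_ENCRYPTION_INFO(_64) command, or None if
    the binary carries none (e.g. a non-App Store build)."""
    (magic,) = struct.unpack_from("<I", macho, 0)
    if magic == MH_MAGIC_64:
        off = 32                                         # mach_header_64
    elif magic == MH_MAGIC:
        off = 28                                         # mach_header
    else:
        raise ValueError("not a thin little-endian Mach-O (fat files not handled)")
    ncmds, sizeofcmds = struct.unpack_from("<II", macho, 16)
    end = off + sizeofcmds
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", macho, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("malformed load command")
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            # layout: cmd, cmdsize, cryptoff, cryptsize, cryptid[, pad]
            return struct.unpack_from("<I", macho, off + 16)[0]
        off += cmdsize
    return None


def is_decrypted(macho: bytes) -> bool:
    """True when the binary is usable for static analysis."""
    return cryptid(macho) in (None, 0)


def make_sample(crypt: int, magic: int = MH_MAGIC_64) -> bytes:
    """Constructed minimal Mach-O: header plus one encryption-info command."""
    if magic == MH_MAGIC_64:
        lc = struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x10000, crypt, 0)
        return struct.pack("<8I", magic, 0x0100000C, 0, 2, 1, len(lc), 0, 0) + lc
    lc = struct.pack("<5I", LC_ENCRYPTION_INFO, 20, 0x4000, 0x10000, crypt)
    return struct.pack("<7I", magic, 12, 0, 2, 1, len(lc), 0) + lc
```

To check a real dump, unzip the IPA and pass the bytes of the main executable under Payload/*.app/ to is_decrypted.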