frida ios dump

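frida-ios-dump is a tool similar to Clutch: with it, we can decrypt an ipa from a jailbroken phone. However, the resulting ipa only runs on phones with the same CPU architecture. For example, an ipa decrypted on a 32-bit iPhone 5c can only be installed on a 32-bit 5c or 5.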

Usage

Modify the port in dump.py if you are not using iproxy 2222 22.

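# Excerpt from dump.py. OUTPUT, file_dict, opened, finished and gen_ipa
# are defined elsewhere in that script.
import os

def on_message(message, data):
    if 'payload' in message:
        payload = message['payload']
        if "opened" in payload:
            opened.set()
        if "dump" in payload:
            # A decrypted binary is ready on the device: copy it over SSH.
            # -P is the local port forwarded to the device's sshd; change it
            # to match your iproxy setup.
            # Note: the device-supplied path is pasted into a shell command
            # unquoted, so spaces or shell metacharacters in it break the copy.
            orign_path = payload["path"]
            dumppath = payload["dump"]
            os.system(u''.join(("scp -P 4444 root@localhost:", dumppath, u" ./" + OUTPUT + u"/")).encode('utf-8').strip())
            os.system(u''.join(("chmod 655 ", u'./' + OUTPUT + u'/', os.path.basename(dumppath))).encode('utf-8').strip())
            # Remember where the file belongs inside the .app bundle.
            index = orign_path.find(".app/")
            file_dict[os.path.basename(dumppath)] = orign_path[index+5:]
        if "app" in payload:
            # Copy the whole .app bundle (same port as above).
            apppath = payload["app"]
            os.system(u''.join(("scp -r -P 4444 root@localhost:", apppath, u" ./" + OUTPUT + u"/")).encode('utf-8').strip())
            os.system(u''.join(("chmod 755 ", u'./' + OUTPUT + u'/', os.path.basename(apppath))).encode('utf-8').strip())
            file_dict["app"] = os.path.basename(apppath)
        if "done" in payload:
            # Everything has been copied: package the ipa.
            gen_ipa(os.getcwd() + "/" + OUTPUT)
            finished.set()
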
$ ./dump.py "my_app_name"
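
The on_message excerpt above hard-codes the port in two places and pastes device-supplied paths into a shell command. The following is an added example, not code from dump.py or the frida-ios-dump project: it takes the port as a parameter (default 2222, matching iproxy 2222 22) and builds the scp call as an argument list with no local shell. The names scp_argv, local_copy_path and pull, and the path allowlist (which also refuses spaces), are assumptions made for this sketch.

```python
import os
import posixpath
import re
import subprocess

# Assumption: a conservative allowlist. Anything outside it (spaces included)
# could be re-interpreted by a shell on either end of the transfer, so the
# path is refused rather than quoted.
SAFE_REMOTE = re.compile(r"^/[A-Za-z0-9._/+@-]+\Z")


def scp_argv(remote_path, out_dir, port=2222, recursive=False,
             host="root@localhost"):
    """Build the scp argument vector that pulls remote_path into out_dir."""
    if not 1 <= int(port) <= 65535:
        raise ValueError("port out of range: %r" % (port,))
    if not SAFE_REMOTE.match(remote_path) or ".." in remote_path.split("/"):
        raise ValueError("refusing remote path: %r" % (remote_path,))
    argv = ["scp", "-P", str(int(port))]
    if recursive:
        argv.append("-r")
    # "./" prefix keeps an odd directory name from being parsed as an option.
    return argv + ["%s:%s" % (host, remote_path),
                   os.path.join(".", out_dir, "")]


def local_copy_path(remote_path, out_dir):
    """Local path of the pulled item: basename only, so it stays in out_dir."""
    name = posixpath.basename(remote_path.rstrip("/"))
    if name in ("", ".", ".."):
        raise ValueError("no usable file name in %r" % (remote_path,))
    return os.path.join(out_dir, name)


def pull(remote_path, out_dir, port=2222, recursive=False):
    """Copy one item from the device and set the mode dump.py uses."""
    subprocess.check_call(scp_argv(remote_path, out_dir, port, recursive))
    local = local_copy_path(remote_path, out_dir)
    os.chmod(local, 0o755 if recursive else 0o655)
    return local
```

With this shape, the "dump" branch would call pull(dumppath, OUTPUT, port) and the "app" branch pull(apppath, OUTPUT, port, recursive=True), so the port is changed in one place.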