iOS Hacking: Introduction to the dynamic analysis of applications with Frida

Find installed apps

// Find installed apps
$ frida-ps -U -a

 PID  Name      Identifier
----  --------  -------------------
 841  Calendar  com.apple.mobilecal
 839  Mail      com.apple.mobilemail
4496  ACME's    en.acme.restaurants       // ACME's is the target App's name

Trace the use of the Open function

$ frida-trace -U -i "open*" "ACME's" // ACME's is the target App's name

Extract all classes of an App

$ git clone https://github.com/interference-security/frida-scripts.git

$ frida -U -l frida-scripts/iOS/find-classes.js "ACME's" > classes

$ grep Offer classes

// To trace another class, add another -m parameter with the corresponding class.
$ frida-trace -U -m "*[Offer *]" "ACME's"

Tamper with parameters

// Log the return value
onLeave: function (log, retval, state) {
	console.log("loyaltyLevel ->" + retval.toString(16));
}

// Log the return value, then replace it with 0
onLeave: function (log, retval, state) {
	console.log("loyaltyLevel ->" + retval.toString(16));
	retval.replace(0);
}

Ref

iOS Hacking: Introducción al análisis dinámico de aplicaciones con Frida - Hacking Ético - Spanish (Translate)
