1.Installation
1.1 Mac OS X 1.1.1 pc env prepare
- install python2.7
- "sudo easy_install pip"
- "sudo pip install paramiko"
- "easy_install prettytable" or "easy_install -U prettytable"
- "xcode-select --install", select “install”, then "agre..."
- "brew install libimobiledevice", if don't have homebrew ,install it first: "ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null"
- "git clone https://github.com/alibaba/iOSSecAudit.git"
- cd /path/to/iOSSecAudit, "python main.py"
1.1.2 device env prepare
- jailbreak iOS device
- install cycript in Cydia
1.2 Linux or Windows
Never test on Linux or Windows, cause i am tooooo lazy...
2.Usage
Special Note: strongly suggest execute "chenv" after you connect to your device
Usage:
$ python main.py
Type "help", "cprt" for more information.
>>>help
[I]: Documented commands (type help [topic]):
ab abr aca br chenv cipa clche clzdp cprt cycript dbgsvr dbn dca dipa dlini dlinj dlinji dnload dwa dws e exit fus gbs gdb gdbs go gs gsp gtb h help ibca iipa kcd kcdel kce kcs la lapp las lbs lca log lsl ltb mport nonfat panic pca pid q quit resign sd skc ssh stop upload usb vdb vkc vpl vtb wclzdp wpb
[I]: try 'help [cmd0] [cmd1]...' or 'help all' for more infomation.
>>>help ssh
ssh connect to device with ssh.
args: [ip] [username] [password]
example: 'ssh 10.1.1.1 root alpine'
>>>help usb
usb ssh device over usb(Max OS X support only).
args: [username] [password] [port]
example: 'usb root alpine' or 'usb root alpine 2222'
>>>help dlinji
dlinji inject a dylib into an ipa file, resign and install.
args: [ipa_path] [entitlements_path] [mobileprovision_path] [identity] [dylib]
example: 'dlini ~/tmp/xin.ipa ~/tmp/entitlements.plist ~/tmp/ios_development.mobileprovision 'iPhone Developer: Name Name (xxxxxx)' ~/tmp/libtest.dylib'
>>>usb root xxroot
[E]: SSH Authentication failed when connecting to host
[I]: Connect failed.
>>>usb root alpine
[I]: Connect success. >>>la
[I]: Refresh LastLaunchServicesMap...
[I]: All installed Applications:
0>.手机淘宝(com.taobao.taobao4iphone)
1>.Alilang(com.alibaba.alilang)
2>.微信(com.tencent.xin)
3>.putong(com.yaymedialabs.putong)
4>.支付宝(com.alipay.iphoneclient)
5>.条码二维码(com.mimimix.tiaomabijia)
6>.最右(cn.xiaochuankeji.tieba)
>>>help las
las list all storage file of an application.
args: [bundle_identifer]
example: 'las com.taobaobj.moneyshield' or 'las'
>>>help sd
sd show application detail.
args: [bundle_identifer]
example: 'sd com.taobaobj.moneyshield' or 'sd'
>>>sd cn.xiaochuankeji.tieba
[I]: 最右 Detail Info: Bundle ID : cn.xiaochuankeji.tieba
UUID : D9B2B45F-0D25-4F4F-B6A1-45B514BF4D4B
binary name : tieba
Platform Version: 9.3
SDK Version : iphoneos9.3
Mini OS : 7.0
Data Directory : 5D9B5BE7-A438-4057-8A88-4FDEA6FC2153
URL Hnadlers : wx16516ad81c31d872
QQ41C6A3FB
tencent1103537147
zuiyou7a7569796f75
wb4117400114
Entitlements :
get-task-allow:
beta-reports-active:
aps-environment: production
application-identifier: 3JDS7K3BCM.cn.xiaochuankeji.tieba
com.apple.developer.team-identifier: 3JDS7K3BCM
com.apple.security.application-groups:
3.Thanks
idb:https://github.com/dmayer/idb
class dump:https://github.com/nygard/class-dump
clutch:https://github.com/KJCracks/Clutch
dumpdecrypted:https://github.com/stefanesser/dumpdecrypted
pbwatcher:https://github.com/dmayer/pbwatcher
Please contact me if i use your code while not mention you.