Objection & Frida

Objection & Frida without Jailbreak

Steps to Do

  • install dependencies
  • generate signing credentials
  • get a decrypted IPA
  • app modification (patch the IPA with objection, then deploy it)

Install Dependencies

  • Install the following (any route works; Homebrew and pip3 are the usual ones)
    • Xcode, then point the command-line tools at it with
      (xcode-select -s /Applications/Xcode.app/Contents/Developer)
    • brew
    • python3
    • wget
    • frida (the frida-tools package, installed with pip3)
    • objection (installed with pip3)
    • ios-deploy (used in the last step to install and launch the patched app)

Generate Signing Creds

Create Signing Certificate

  • create an Apple developer account. A free Apple ID enrolled as a personal team is enough for development signing; a paid membership is not required, but profiles issued to a free account expire after 7 days, after which the app has to be reinstalled.

  • add that Apple ID to Xcode:

    Xcode -> Preferences -> Accounts -> click "+"

Generate Mobileprovision file

  • create a new project in Xcode (Single View Application)
  • set the signing team to your developer account
  • select your device as the run destination
  • build and run the project on the device
  • trust the developer profile on the phone (Settings -> General -> (Profiles &) Device Management)
  • confirm the provisioning profile exists: Xcode stores it under ~/Library/MobileDevice/Provisioning Profiles/ and embeds a copy as embedded.mobileprovision inside the built app

    right click the .app under Products -> Show in Finder -> right click the .app -> Show Package Contents

  This profile matters because a re-signed app is only installable on a non-jailbroken device when it carries a development profile that covers your signing identity and that device; objection patchipa embeds such a profile in the patched IPA.

Get IPA

  • get a decrypted IPA. App Store builds are FairPlay-encrypted, and an encrypted binary will not run once it has been re-signed and sideloaded, so it must be decrypted first, which needs a jailbroken device (Clutch, dumpdecrypted); Clutch apparently does not work on iOS 11.
    If you are on a project, get an unencrypted build from your client. If you are researching, get it from https://www.iphonecake.com/

App Modification

Build insert_dylib

objection patchipa downloads FridaGadget.dylib by itself, but it relies on insert_dylib to add the gadget as a load command of the app's main binary, so build and install that first:

    git clone https://github.com/Tyilo/insert_dylib
    cd insert_dylib
    xcodebuild
    cp build/Release/insert_dylib /usr/local/bin/insert_dylib

Patch IPA

  • optionally add a FridaGadget.config; the gadget reads it at load time, for example to choose the listen address or whether to pause the app at launch

  • patch with objection. The signature is the SHA-1 hash of your developer identity, as listed by "security find-identity -v -p codesigning"

    objection patchipa --source my-app.ipa --codesign-signature 0C2E8200Dxxxx

  • unpack the patched IPA

    unzip *-frida-codesigned.ipa

  • install and launch the app. With -W alone ios-deploy only installs the bundle (-W just keeps stdout unbuffered); -d launches it under lldb after installing and keeps it running

    ios-deploy --bundle Payload/my-app.app -W -d

  • by default the gadget pauses the app at launch until a Frida client attaches, so connect from another terminal with "objection explore" (or "frida -U Gadget")
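The script below is added here as a worked example; it is not code from the original page and not part of objection. It glues together the patch, unpack, install and launch steps above and adds the two checks a practitioner wants before running them: picking the signing identity hash from the keychain instead of copying it by hand, and verifying that the gadget really got linked into the main binary. Everything in it is an assumption for illustration: the IPA is my-app.ipa, its bundle is Payload/my-app.app with a main binary of the same name, the script runs from the directory holding the IPA, the identity is an "Apple Development" / "iPhone Developer" certificate, and the --gadget-config flag is taken from objection's CLI and should be confirmed with objection patchipa --help. The keychain listing and hash used in the test are constructed.

```shell
#!/usr/bin/env bash
# Added example (not code from the original page or from objection): the
# patch -> unpack -> check -> install -> launch steps as one script.
# Assumed/hypothetical: IPA my-app.ipa, bundle Payload/my-app.app whose main
# binary has the same name, run from the directory containing the IPA, and an
# "Apple Development" / "iPhone Developer" identity in the login keychain.
set -eu

# Read the output of `security find-identity -v -p codesigning` on stdin and
# print the SHA-1 of the first developer identity, which is the value that
# `objection patchipa --codesign-signature` expects. Fails if none is listed.
pick_identity() {
  awk '/Apple Development|iPhone Developer/ { print $2; found = 1; exit }
       END { exit !found }'
}

# Write a FridaGadget.config. on_load=wait blocks the app at launch until a
# Frida client attaches (no early code is missed); on_load=resume lets it start
# and you attach later. address 127.0.0.1 is reachable over USB only, 0.0.0.0
# also over Wi-Fi (objection -N -h <phone ip> explore).
write_gadget_config() {
  local path=$1 on_load=${2:-wait} address=${3:-127.0.0.1}
  case $on_load in
    wait|resume) ;;
    *) echo "on_load must be wait or resume, got: $on_load" >&2; return 1 ;;
  esac
  cat >"$path" <<EOF
{
  "interaction": {
    "type": "listen",
    "address": "$address",
    "port": 27042,
    "on_load": "$on_load"
  }
}
EOF
}

# Run a tool if it is installed, otherwise print what would have run, so the
# script can be dry-run on a machine without Xcode, objection or ios-deploy.
run() {
  if command -v "$1" >/dev/null 2>&1; then "$@"; else echo "[skip] $*"; fi
}

# Patch the IPA, unpack it, check that the main binary now links
# FridaGadget.dylib, then install and launch it on the device.
patch_and_deploy() {
  local ipa=$1 identity=$2 config=$3
  local base=${ipa%.ipa}      # objection writes <base>-frida-codesigned.ipa
  local name=${base##*/}      # bundle and main binary are assumed to share this name
  # --gadget-config is assumed to exist in the installed objection release;
  # confirm with `objection patchipa --help`.
  run objection patchipa --source "$ipa" --codesign-signature "$identity" --gadget-config "$config"
  run unzip -o "$base-frida-codesigned.ipa"
  if command -v otool >/dev/null 2>&1; then
    otool -L "Payload/$name.app/$name" | grep -q FridaGadget \
      || { echo "FridaGadget.dylib is not linked into Payload/$name.app/$name" >&2; return 1; }
  fi
  # -W: unbuffered output; -d: launch under lldb after installing (without -d
  # ios-deploy only installs). The gadget then waits for `objection explore`.
  run ios-deploy --bundle "Payload/$name.app" -W -d
}

# Usage on the Mac (not executed here):
#   id=$(security find-identity -v -p codesigning | pick_identity)
#   write_gadget_config FridaGadget.config wait
#   patch_and_deploy my-app.ipa "$id" FridaGadget.config
```

If the otool check fails, the patch did not take (usually insert_dylib was not on PATH, or the IPA was still encrypted); fix that before trying to install, because ios-deploy will happily install a bundle the gadget never loads into.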

References

https://dji.retroroms.info/howto/iosfrida

https://www.nccgroup.trust/sg/about-us/newsroom-and-events/blogs/2016/october/ios-instrumentation-without-jailbreak/