Skip to content
lethanhphuc edited this page Dec 9, 2022 · 11 revisions

Welcome to the frida-ios-hook wiki!

Install

	[+] Latest version
	
		https://github.com/noobpk/frida-ios-hook/releases
		
	[+] Develop version
	
		git clone -b dev https://github.com/noobpk/frida-ios-hook

Build

1. cd frida-ios-hook/
2. pip3 install -r requirements.txt
3. python3 setup.py
4. cd frida-ios-hook

Usage for Darwin / Linux

Application: Apple AppStore
Identifier: com.apple.appstore
Name: AppStore
  1. List All Devices

./ioshook --list-devices

  1. List The Installed apps

./ioshook --list-apps

  1. List Info of Apps on Itunes

./ioshook --list-appinfo

list()

  1. List All Scripts

./ioshook --list-scripts

  1. Show system log of device

./ioshook --logcat

  1. Get the shell of connect device

Start Iproxy iproxy 2222 22

./ioshook --shell

  1. Dump decrypt IPA

Start Iproxy iproxy 2222 22

./ioshook -p com.apple.appstore --dump Or ./ioshook -n 'App Store' --dump

  1. Dump memory of Application

./ioshook -n 'App Store' --dump-memory --string

  1. HexByte Scan IPA

Scan ./ioshook --hexbyte-scan scan --file AppStore.ipa --pattern E103??AA????E0

Patch ./ioshook --hexbyte-scan patch --file AppStore.ipa --address 0x184dfc,1F2003D5,0x1

Json ./ioshook --hexbyte-scan json --file AppStore.ipa --task hexbytescan-tasks/task.json

  1. Static Analysis Application

./ioshook -n 'App Store' -m app-static

  1. Bypass Jailbreak Detection

./ioshook -p com.apple.appstore -m bypass-jb

  1. Bypass SSL Pinning

./ioshook -p com.apple.appstore -m bypass-ssl

  1. Intercept URLRequest in App

./ioshook -n 'App Store' -m i-url-req

  1. Intercept Crypto in App

./ioshook -p com.apple.appstore -m i-crypto

Usage for Windows

With windows you use the same options as Darwin / Linux but use the command python3 ioshook.py + options

Clone this wiki locally