6 Must Have iOS Pentesting Tools

Hello and Welcome everyone!!!!

When performing a pentest, whether it is web, network, mobile or IoT, the essential thing a pentester should have is the right set of tools.

So in this blog, I am going to share the tools which I use to perform pentesting of iOS applications.

1. Cydia Impactor

Cydia Impactor is a GUI tool used to install an iOS application on an iPhone when we have its IPA file. So if you have a jailbreak IPA, this tool is a must, as it lets you install that jailbreak exploit IPA on your device.

You can download Cydia Impactor from here.


2. Frida

Frida is the dynamic instrumentation toolkit for developers, reverse engineers, and security researchers.

It allows us to hook the application at runtime, inject our own scripts into it, and view or modify requests and responses at runtime.

Frida consists of two components: the client and the server.
You can install the Frida client using the command below:
$ pip install frida-tools

For the Frida server, the latest releases can be downloaded from here. We can also get the latest version of the client from the link.


3. Objection

Objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.
This tool has features like:
• Jailbreak detection bypass.
• SSL pinning bypass.
• Dump the iOS keychain.
• Dump data from common storage like NSUserDefaults and the shared NSHTTPCookieStorage.
• Bypass certain forms of Touch ID restrictions.
• Monitor the iOS copy/paste buffer cache.
• Dump encoded .plist files.
• Hook methods of a class at runtime.
• Execute custom Frida scripts.
• Interact with SQLite databases inline.

You can download it from here.


4. Bfinject

Bfinject is a dylib injection tool for iOS. It loads arbitrary dylibs into running App Store apps. It has built-in support for decrypting App Store apps and comes bundled with iSpy and Cycript.

You can download it from here.


5. iFunbox

iFunbox is a file and app management tool for the iPhone, iPad and iPod touch. It lets you install applications on iOS devices, access the file system of the connected device, transfer files and images from/to the PC, and much more.

If the device is jailbroken, it also lets you view the sandbox of the applications, connect to the device through a USB tunnel, etc.

You can download it from here.


6. Libimobiledevice

libimobiledevice is a library for communicating with the services of Apple iOS devices using native protocols. It does not require jailbreaking.

This library allows the user to view the iOS device info, view syslogs, take a screenshot, take a backup of the device, etc.

You can download it from here.
After installing the tool, you will be able to run commands like idevice_id, idevicesyslog, idevicedebug, ideviceinfo, idevicedate, idevicescreenshot, etc.
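
One use of the syslog view during an assessment is checking whether the app under test writes credentials or tokens to the device log. The Python script below is an added example, not code from the original post or from libimobiledevice; it scans saved log text, and the line layout, the app name DemoBank and the sample lines are constructed assumptions.

```python
import re

# Assumed layout of a saved log line (constructed for this example):
# "<Mon DD HH:MM:SS> <host> <process>[<pid>] <Level>: <message>"
LINE_RE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s+\S+\s+"
    r"(?P<proc>[^\[\s]+)\[\d+\]\s+<(?P<level>\w+)>:\s(?P<msg>.*)$"
)

# Data an app should never write to the system log.
LEAK_PATTERNS = {
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/=-]{16,}"),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}\.[A-Za-z0-9_-]{5,}"),
    "credential_kv": re.compile(r"(?i)\b(password|passwd|secret|api[_-]?key)\b\s*[=:]\s*\S+"),
}

def redact(text):
    """Keep the label before the first separator, mask the value itself."""
    label = re.match(r"[A-Za-z_-]+[\s=:]+", text)
    return (label.group(0) if label else "") + "[REDACTED]"

def scan_syslog(lines, process=None):
    """Return leak findings for `process` (every process when None)."""
    findings = []
    for lineno, raw in enumerate(lines, 1):
        m = LINE_RE.match(raw.rstrip("\n"))
        if not m:
            continue  # continuation line or a layout this parser does not know
        proc = m["proc"].split("(")[0]  # drop a "(subsystem)" suffix if present
        if process and proc != process:
            continue
        for kind, pattern in LEAK_PATTERNS.items():
            hit = pattern.search(m["msg"])
            if hit:
                findings.append({"line": lineno, "process": proc, "kind": kind,
                                 "evidence": redact(hit.group(0))})
    return findings

# Constructed sample lines, not captured from a real device.
SAMPLE = [
    "Mar 10 14:22:01 iPhone SpringBoard(FrontBoard)[62] <Notice>: Application launched",
    "Mar 10 14:22:03 iPhone DemoBank[411] <Notice>: login ok user=alice password=Summer2024!",
    "Mar 10 14:22:04 iPhone DemoBank[411] <Debug>: Authorization: Bearer abcdEFGH1234ijklMNOP5678",
    "Mar 10 14:22:05 iPhone DemoBank[411] <Notice>: sync finished in 120 ms",
    "Mar 10 14:22:06 iPhone OtherApp[500] <Notice>: api_key=ZZZZ1111",
]

if __name__ == "__main__":
    for finding in scan_syslog(SAMPLE, process="DemoBank"):
        print(finding)
```

Findings carry only the redacted evidence, so the report itself does not become a second copy of the leaked secret.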


References:

  1. https://www.libimobiledevice.org/
  2. http://www.i-funbox.com/
  3. https://github.com/BishopFox/bfinject
  4. https://github.com/sensepost/objection
  5. https://github.com/frida/frida
  6. https://www.frida.re/docs/ios/
  7. http://cydiaimpactor.com