Awesome
1.Installation
<h3>1.1 Mac OS X</h3> <h5>1.1.1 pc env prepare</h5>-
install python2.7
-
"sudo easy_install pip"
-
"sudo pip install paramiko"
-
"easy_install prettytable" or "easy_install -U prettytable"
-
"xcode-select --install", select “install”, then "agre..."
-
"brew install libimobiledevice", if don't have homebrew ,install it first: "ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null"
-
"git clone https://github.com/alibaba/iOSSecAudit.git"
-
cd /path/to/iOSSecAudit, "python main.py"
notice
if you see the the following:
ImportError: No module named prettytable
ImportError: No module named paramiko
Uninstall them if needed, then try to install prettytable
or
paramiko
from the source code.
<U>Never test on Linux or Windows, cause i am tooooo lazy...</U>
2.Usage
<B>Special Note: strongly suggest execute "chenv" after you connect to your device</B>
Usage:
$ python main.py
Type "help", "cprt" for more information.
>>>help
[I]: Documented commands (type help [topic]):
ab abr aca br chenv cipa clche clzdp cprt cycript
dbgsvr dbn dca dipa dlini dlinj dlinji dnload dwa dws
e exit fus gbs gdb gdbs go gs gsp gtb
h help ibca iipa kcd kcdel kce kcs la lapp
las lbs lca log lsl ltb mport nonfat panic pca
pid q quit resign sd skc ssh stop upload usb
vdb vkc vpl vtb wclzdp wpb
[I]: try 'help [cmd0] [cmd1]...' or 'help all' for more infomation.
>>>help ssh
ssh connect to device with ssh.
args: [ip] [username] [password]
example: 'ssh 10.1.1.1 root alpine'
>>>help usb
usb ssh device over usb(Max OS X support only).
args: [username] [password] [port]
example: 'usb root alpine' or 'usb root alpine 2222'
>>>help dlinji
dlinji inject a dylib into an ipa file, resign and install.
args: [ipa_path] [entitlements_path] [mobileprovision_path] [identity] [dylib]
example: 'dlini ~/tmp/xin.ipa ~/tmp/entitlements.plist ~/tmp/ios_development.mobileprovision 'iPhone Developer: Name Name (xxxxxx)' ~/tmp/libtest.dylib'
>>>usb root xxroot
[E]: SSH Authentication failed when connecting to host
[I]: Connect failed.
>>>usb root alpine
[I]: Connect success.
>>>la
[I]: Refresh LastLaunchServicesMap...
[I]: All installed Applications:
0>.手机淘宝(com.taobao.taobao4iphone)
1>.Alilang(com.alibaba.alilang)
2>.微信(com.tencent.xin)
3>.putong(com.yaymedialabs.putong)
4>.支付宝(com.alipay.iphoneclient)
5>.条码二维码(com.mimimix.tiaomabijia)
6>.最右(cn.xiaochuankeji.tieba)
>>>help las
las list all storage file of an application.
args: [bundle_identifer]
example: 'las com.taobaobj.moneyshield' or 'las'
>>>help sd
sd show application detail.
args: [bundle_identifer]
example: 'sd com.taobaobj.moneyshield' or 'sd'
>>>sd cn.xiaochuankeji.tieba
[I]: 最右 Detail Info:
Bundle ID : cn.xiaochuankeji.tieba
UUID : D9B2B45F-0D25-4F4F-B6A1-45B514BF4D4B
binary name : tieba
Platform Version: 9.3
SDK Version : iphoneos9.3
Mini OS : 7.0
Data Directory : 5D9B5BE7-A438-4057-8A88-4FDEA6FC2153
URL Hnadlers : wx16516ad81c31d872
QQ41C6A3FB
tencent1103537147
zuiyou7a7569796f75
wb4117400114
Entitlements :
get-task-allow:
beta-reports-active:
aps-environment: production
application-identifier: 3JDS7K3BCM.cn.xiaochuankeji.tieba
com.apple.developer.team-identifier: 3JDS7K3BCM
com.apple.security.application-groups:
3.Thanks
idb: https://github.com/dmayer/idb
class dump: https://github.com/nygard/class-dump
clutch: https://github.com/KJCracks/Clutch
dumpdecrypted: https://github.com/stefanesser/dumpdecrypted
pbwatcher: https://github.com/dmayer/pbwatcher
Please contact me if i use your code while not mention you.