• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

alibaba/iOSSecAudit: iOS Security Audit Toolit - A semi-automatic tool for iOS A ...

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称:

alibaba/iOSSecAudit

开源软件地址:

https://github.com/alibaba/iOSSecAudit

开源编程语言:

Python 92.4%

开源软件介绍:

1.Installation

1.1 Mac OS X

1.1.1 pc env prepare
  1. install python2.7

  2. "sudo easy_install pip"

  3. "sudo pip install paramiko"

  4. "easy_install prettytable" or "easy_install -U prettytable"

  5. "xcode-select --install", select “install”, then "agre..."

  6. "brew install libimobiledevice", if don't have homebrew ,install it first: "ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null"

  7. "git clone https://github.com/alibaba/iOSSecAudit.git"

  8. cd /path/to/iOSSecAudit, "python main.py"

notice

if you see the the following:

ImportError: No module named prettytable
ImportError: No module named paramiko

Uninstall them if needed, then try to install prettytable or

paramiko from the source code.

1.1.2 device env prepare
1. jailbreak iOS device 2. install cycript in Cydia

1.2 Linux or Windows

Never test on Linux or Windows, cause i am tooooo lazy...

2.Usage

Special Note: strongly suggest execute "chenv" after you connect to your device

Usage:

$ python main.py 
Type "help", "cprt" for more information.
>>>help
[I]: Documented commands (type help [topic]):
ab 	abr 	aca 	br 	chenv 	cipa 	clche 	clzdp 	cprt 	cycript 	
dbgsvr 	dbn 	dca 	dipa 	dlini 	dlinj 	dlinji 	dnload 	dwa 	dws 	
e 	exit 	fus 	gbs 	gdb 	gdbs 	go 	gs 	gsp 	gtb 	
h 	help 	ibca 	iipa 	kcd 	kcdel 	kce 	kcs 	la 	lapp 	
las 	lbs 	lca 	log 	lsl 	ltb 	mport 	nonfat 	panic 	pca 	
pid 	q 	quit 	resign 	sd 	skc 	ssh 	stop 	upload 	usb 	
vdb 	vkc 	vpl 	vtb 	wclzdp 	wpb 	
[I]: try 'help [cmd0] [cmd1]...' or 'help all' for more infomation.
>>>help ssh
ssh 	connect to device with ssh.
  args: [ip] [username] [password]	
  example: 'ssh 10.1.1.1 root alpine'	
>>>help usb
usb 	ssh device over usb(Max OS X support only).
  args: [username] [password] [port]
  example: 'usb root alpine' or 'usb root alpine 2222'	
>>>help dlinji
dlinji 	inject a dylib into an ipa file, resign and install.
  args: [ipa_path] [entitlements_path] [mobileprovision_path] [identity] [dylib]
  example: 'dlini ~/tmp/xin.ipa ~/tmp/entitlements.plist ~/tmp/ios_development.mobileprovision 'iPhone Developer: Name Name (xxxxxx)' ~/tmp/libtest.dylib'	
>>>usb root xxroot
[E]: SSH Authentication failed when connecting to host
[I]: Connect failed.
>>>usb root alpine
[I]: Connect success.
>>>la
[I]: Refresh LastLaunchServicesMap...
[I]: All installed Applications:
0>.手机淘宝(com.taobao.taobao4iphone)
1>.Alilang(com.alibaba.alilang)
2>.微信(com.tencent.xin)
3>.putong(com.yaymedialabs.putong)
4>.支付宝(com.alipay.iphoneclient)
5>.条码二维码(com.mimimix.tiaomabijia)
6>.最右(cn.xiaochuankeji.tieba)
>>>help las
las 	list all storage file of an application.
  args: [bundle_identifer]	
  example: 'las com.taobaobj.moneyshield' or 'las'	
>>>help sd
sd 	show application detail.
  args: [bundle_identifer]
  example: 'sd com.taobaobj.moneyshield' or 'sd'	
>>>sd cn.xiaochuankeji.tieba
[I]: 最右 Detail Info:
Bundle ID       : cn.xiaochuankeji.tieba
UUID            : D9B2B45F-0D25-4F4F-B6A1-45B514BF4D4B
binary name     : tieba
Platform Version: 9.3
SDK Version     : iphoneos9.3
Mini OS         : 7.0
Data Directory  : 5D9B5BE7-A438-4057-8A88-4FDEA6FC2153
URL Hnadlers    : wx16516ad81c31d872
                QQ41C6A3FB
                tencent1103537147
                zuiyou7a7569796f75
                wb4117400114  
Entitlements    :
  get-task-allow: 
  beta-reports-active: 
  aps-environment: production
  application-identifier: 3JDS7K3BCM.cn.xiaochuankeji.tieba
  com.apple.developer.team-identifier: 3JDS7K3BCM
  com.apple.security.application-groups:

3.Thanks

idb: https://github.com/dmayer/idb

class dump: https://github.com/nygard/class-dump

clutch: https://github.com/KJCracks/Clutch

dumpdecrypted: https://github.com/stefanesser/dumpdecrypted

pbwatcher: https://github.com/dmayer/pbwatcher

Please contact me if i use your code while not mention you.




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap