iOS

Jailbreak:

palera1n for iOS 16.1.1 (iPhone X):

Download from https://palera.in/older-releases/. Steps for jailbreak:

  1. Clear settings / reset the device

  2. Plug in the device and run: ./palera1n-linux-x86_64 -v -f -c (Note: when the checkm8 stage runs you may have to unplug and re-plug the cable quickly)

  3. Once that completes, run: ./palera1n-linux-x86_64 -v -c

  4. Download and install OpenSSH, then SSH in as user 'mobile' (default password 'alpine')

Testing:

All testing types are based on the OWASP Mobile Top 10: https://owasp.org/www-project-mobile-top-10/

Exposed API calls and potentially vulnerable servers: see the IPA section for running the app through MobSF

Additionally, run Keychain-Dumper on the device: https://github.com/ptoomey3/Keychain-Dumper

See Application data for downloading the app's data, then check it for any unencrypted data storage

Run the IPA through MobSF and check strings etc.; see the IPA section for details

SSL pinning: test using Frida

Downloading Application data:

Application data

Download the following folder for application data; it can then be checked for stored secrets etc.:

/private/var/mobile/Containers/Data/Application/UUID

IPA

Use the following to download the IPA and run it statically through MobSF:

  1. Download the application to the local machine; it will be in the following folder (sort by time for the latest download): /private/var/containers/Bundle/Application/UUID

  2. Create a folder named 'Payload' (case sensitive) and copy all data from the Application/UUID folder into it

  3. Zip the folder and rename it to application-name.ipa, e.g. chrome.ipa
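To automate steps 2 and 3 once the UUID folder has been copied to the local machine, here is an added Python example (not part of the original notes); the sample Chrome.app layout it builds is constructed for illustration, and it assumes the copied folder contains exactly one .app bundle.

```python
# Added example, not from the original notes: package a copied
# /private/var/containers/Bundle/Application/<UUID> folder into <name>.ipa
# for MobSF. Assumes the folder is already on the local machine (e.g. via scp).
import os
import tempfile
import zipfile


def find_app_name(bundle_dir):
    """Name of the single *.app in bundle_dir; anything else means the
    wrong UUID folder was copied, so fail instead of writing a bad IPA."""
    apps = [d for d in os.listdir(bundle_dir)
            if d.endswith(".app") and os.path.isdir(os.path.join(bundle_dir, d))]
    if len(apps) != 1:
        raise ValueError(f"expected one .app in {bundle_dir}, found {apps}")
    return apps[0][:-len(".app")]


def build_ipa(bundle_dir, out_dir, name=None):
    """Zip bundle_dir's contents under 'Payload/' (case sensitive, as MobSF
    and the normal IPA layout expect) into out_dir/<name>.ipa; return path."""
    name = (name or find_app_name(bundle_dir)).lower()
    ipa_path = os.path.join(out_dir, f"{name}.ipa")
    with zipfile.ZipFile(ipa_path, "w", zipfile.ZIP_DEFLATED) as ipa:
        for root, _dirs, files in os.walk(bundle_dir):
            rel = os.path.relpath(root, bundle_dir)
            parts = [] if rel == "." else rel.split(os.sep)
            for f in files:
                ipa.write(os.path.join(root, f), "/".join(["Payload", *parts, f]))
    return ipa_path


def ipa_members(ipa_path):
    """Archive member names, to confirm the Payload/<App>.app/... layout."""
    with zipfile.ZipFile(ipa_path) as ipa:
        return ipa.namelist()


def make_sample_bundle():
    """Constructed stand-in for a copied UUID folder (not a real app)."""
    root = tempfile.mkdtemp()
    bundle = os.path.join(root, "UUID")
    os.makedirs(os.path.join(bundle, "Chrome.app"))
    for rel in ("Chrome.app/Info.plist", "iTunesMetadata.plist"):
        with open(os.path.join(bundle, rel), "w") as fh:
            fh.write("<plist/>")
    return bundle, root
```

Point build_ipa at the copied UUID folder and an output directory; the resulting chrome.ipa (name taken from the .app directory, lower-cased) can be uploaded to MobSF directly.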

Grapefruit:

Run Grapefruit:

# install:
npm install -g igf
# run:
igf
