Review App Session Cookies
Once you are logged into the mobile app, a session is established with the back-end server. The resulting cookie data can be stored in a Cookies.binarycookies
file or kept in the Keychain. Along with the session ID, it will also contain the cookie attributes, such as HttpOnly and Secure (among others).
CookieParser Script
The CookieParser script is written in Python 3 and can be executed directly on the device. Change to the application's Data directory, where the Cookies.binarycookies file is located.
This script can print the decoded data to the terminal screen or save it to a JSON file. I would recommend that you save it to a file, since it can be a lot of data, plus it allows you to save and compare multiple files.
% ./CookieParser
<=====================================================================>
CookieParser - v1.0.2
<=====================================================================>
Usage: ./CookieParser Cookies.binarycookies [output_file.json]
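To show what the script has to decode, here is an added Python 3 example (not the CookieParser script itself) that walks the documented Cookies.binarycookies layout (big-endian page table, little-endian cookie records, flag bits 0x1 Secure and 0x4 HttpOnly, Apple's 2001 epoch) and lists the cookies that lack either attribute. The cookie records are constructed inline rather than captured from a device, so the names and values are made up.

```python
import struct

MAC_EPOCH = 978307200                   # seconds from 1970-01-01 to 2001-01-01 (Apple cookie epoch)
FLAG_SECURE, FLAG_HTTPONLY = 0x1, 0x4   # bits of each cookie record's flags word

def _cstr(buf, off):                    # NUL-terminated string starting at off
    return buf[off:buf.index(b"\x00", off)].decode()

def parse_binarycookies(data):
    """Return a list of cookie dicts from a Cookies.binarycookies blob."""
    if data[:4] != b"cook":
        raise ValueError("not a binarycookies file")
    (num_pages,) = struct.unpack(">I", data[4:8])            # file header is big-endian
    sizes = struct.unpack(f">{num_pages}I", data[8:8 + 4 * num_pages])
    pos, cookies = 8 + 4 * num_pages, []
    for size in sizes:
        page, pos = data[pos:pos + size], pos + size
        (count,) = struct.unpack("<I", page[4:8])             # page contents are little-endian
        for off in struct.unpack(f"<{count}I", page[8:8 + 4 * count]):
            rec_size, _, flags, _, url_o, name_o, path_o, val_o = struct.unpack("<8I", page[off:off + 32])
            rec = page[off:off + rec_size]                    # string offsets are relative to rec
            (expires,) = struct.unpack("<d", rec[40:48])      # after 32 header + 8 end-of-record bytes
            cookies.append({"domain": _cstr(rec, url_o), "name": _cstr(rec, name_o),
                            "path": _cstr(rec, path_o), "value": _cstr(rec, val_o),
                            "secure": bool(flags & FLAG_SECURE), "http_only": bool(flags & FLAG_HTTPONLY),
                            "expires": expires + MAC_EPOCH})
    return cookies

def weak_cookies(cookies):
    """Names of cookies missing Secure or HttpOnly; a session cookie should never be listed."""
    return sorted(c["name"] for c in cookies if not (c["secure"] and c["http_only"]))

# Constructed sample (not captured from a device); the builders mirror the layout parsed above.
def _record(domain, name, path, value, flags, expires):
    strs = [s.encode() + b"\x00" for s in (domain, name, path, value)]
    offs = [56 + sum(map(len, strs[:i])) for i in range(4)]     # strings follow the 56-byte fixed part
    return (struct.pack("<8I", 56 + sum(map(len, strs)), 0, flags, 0, *offs) + b"\x00" * 8
            + struct.pack("<dd", expires - MAC_EPOCH, 0.0) + b"".join(strs))

def _page(records):
    offs = [12 + 4 * len(records) + sum(map(len, records[:i])) for i in range(len(records))]
    return (b"\x00\x00\x01\x00" + struct.pack(f"<I{len(records)}I", len(records), *offs)
            + b"\x00" * 4 + b"".join(records))

_PAGE = _page([_record(".example.net", "SESSIONID", "/", "opaque-session-token", FLAG_SECURE | FLAG_HTTPONLY, 1.8e9),
               _record(".example.net", "csrftoken", "/", "c5rf", FLAG_SECURE, 1.8e9),
               _record(".example.net", "tracking", "/", "t123", 0, 1.8e9)])
SAMPLE = b"cook" + struct.pack(">II", 1, len(_PAGE)) + _PAGE
if __name__ == "__main__":
    print(weak_cookies(parse_binarycookies(SAMPLE)))        # -> ['csrftoken', 'tracking']
```

Point the parser at the bytes of a real Cookies.binarycookies file to get the same per-cookie view of the Secure and HttpOnly flags the JSON output gives you.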
Review Session Information with Objection
Launch the app and log in, then run the following command:
objection -g 'App Name' run 'ios cookies get --json'
The output will be similar to this:
[
  {
    "domain": ".example.net",
    "expiresDate": "null",
    "isHTTPOnly": "true",
    "isSecure": "true",
    "name": "SESSIONID",
    "path": "/",
    "value": "kAiVksIPXmaxZo/7Hx+X4mcuT3DwRlZ3SbonOEL12zZ6OUHH+l1ipCwpKlNFzC/PGreClpwttpr0
. . . (truncated) . . .