var img = document.createElement('img'); img.src = "https://calabrone.net/piwik.php?idsite=2&rec=1&url=https://stinger.io" + location.pathname; img.style = "border:0"; img.alt = "tracker"; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(img,s);
Skip to main content

Extract and Decode IPA File

For a lot of the information gathering, and static analysis of the mobile app, we need to first extract the IPA file. The IPA file is nothing more than a zip file which means we can extract it with existing tools on the macOS system.

To extract the IPA file:

/usr/bin/unzip -qq -d App filename.ipa

To decode the executable, and save the data our for post-processing:

# First obtain the executable name
/usr/libexec/PlistBuddy -c Print:CFBundleExecutable App/Payload/Example.app/Info.plist

# Dump headers from the executable (use the output of the last command for ${BINARY})
ktool dump --headers --out App/headers App/Payload/Example.app/${BINARY}

# Dump strings from the executable
/usr/bin/strings -n 6 binary > App/Strings.txt

# Dump classes & methods
/usr/bin/otool -oV binary > App/Classes_Methods.txt