iOS Device Setup

Package Installation

Physical Devices

If you are using a physical device, you will want to install these. On the Corellium devices, you do not need to worry about these tools.

1. Install the latest version of Frida Server

   • Add the repo: http://build.frida.re
   • Install Frida, either by searching for it or going to the repo

2. Install SSL Kill Switch 2 (version 0.14 or higher) on the device, to disable certificate pinning.

   • Download the latest package from https://github.com/nabla-c0d3/ssl-kill-switch2/releases

   • Install the com.nablac0d3.sslkillswitch2_0.14.deb file to the device.

     dpkg -i com.nablac0d3.sslkillswitch2_0.14.deb

   • Re-spring the device.

     killall -HUP SpringBoard

   • Enable it in the Settings app (when you need it).

Corellium Devices

1. On the Corellium virtual device, install the latest jbtools self-extracting script. This installs several tools in /usr/local/bin.

   Compiled Apps:

   • appinfo (searches user installed apps & provides sandbox directories)
   • dataprotection (dumps the data protection level for each app file)
   • MacOAnalyzer (static analysis app)
   • uriextractor (extract file://, http:// & https:// URIs)
   • getentitlements (dumps the app entitlements)

   Python3 Scripts:

   • cookieParser (dumps cookies from Cookies.binarycookies file on device)
   • dumpCache (extracts data from the Cache.db file on device)
   • extract_mobileprovision (parses the embedded.mobileprovision file on device)
   • plutil (macOS plutil clone Python script for on device or Linux)

2. Packages from default repositories:

• Debugserver
• LLDB
• ipainstaller console

3. Install the latest version of RocketBootstrap and AppList

   • Add the repo: https://rpetri.ch/repo
   • Install RocketBootstrap by searching for it or going to the repo
   • Install AppList by searching for it (may be installed as a dependency already)