Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/as0ler/r2flutch
Tool to decrypt iOS apps using r2frida
https://github.com/as0ler/r2flutch
decryption frida ios ipa r2frida radare2 reverse-engineering
Last synced: 25 days ago
JSON representation
Tool to decrypt iOS apps using r2frida
- Host: GitHub
- URL: https://github.com/as0ler/r2flutch
- Owner: as0ler
- License: gpl-3.0
- Created: 2021-08-30T06:30:38.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-04-22T16:59:49.000Z (over 2 years ago)
- Last Synced: 2024-11-09T20:10:41.891Z (about 1 month ago)
- Topics: decryption, frida, ios, ipa, r2frida, radare2, reverse-engineering
- Language: Python
- Homepage:
- Size: 1.19 MB
- Stars: 167
- Watchers: 5
- Forks: 23
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-ios-security - r2flutch - Yet another tool to decrypt iOS apps using r2frida. (Tools / Reverse Engineering Tools)
- awesome-apple-security - r2flutch - Yet another tool to decrypt iOS apps using r2frida. (Tools / Reverse Engineering Tools)
- awesome-hacking-lists - as0ler/r2flutch - Tool to decrypt iOS apps using r2frida (Python)
README
# r2flutch
Yet another tool to decrypt iOS apps using r2frida.![Demo](img/demo.gif)
## Requirements
It requires to install Frida on the Jailbroken iOS device:
* Jailbroken device
* Frida installed on the device. (e.g. via Cydia) https://frida.re/docs/ios/#with-jailbreak
* radare2 installed. https://github.com/radareorg/radare2
* r2frida installed. https://github.com/nowsecure/r2frida## Installation
* Using PIP:
```
pip install r2flutch
```* Using r2pm:
```
r2pm -ci r2flutch
```## Usage
* Run `r2flutch -l` to list all the installed apps.
![List applications](img/list_apps.png)
* Run `r2flutch -i ` to pull a decrypted IPA from the device.
![List applications](img/demo.png)
* Run `r2flutch ` to pull the decrypted app binary from the device.
![Demo](img/download.png)
## Troubleshooting
### Issue #1: Xcode isn't open.
> error: This feature requires an iOS Developer Disk Image to be mounted; run Xcode briefly or use ideviceimagemounter to mount one manually
Cannot spawn: This feature requires an iOS Developer Disk Image to be mounted; run Xcode briefly or use ideviceimagemounter to mount one manuallySolution: Run Xcode
### Issue #2: Gadget isn't installed
> error: Cannot attach: Need Gadget to attach on jailed iOS; its default location is: /Users/mak/.cache/frida/gadget-ios.dylibSolution: 2 steps
1. Visit https://github.com/frida/frida/releases
2. download and extract (gunzip) i.e: we'll do this for frida-gadget-15.1.10-ios-universal.dylib.gz but make sure to get the latest
* `curl -L https://github.com/frida/frida/releases/download/15.1.10/frida-gadget-15.1.10-ios-universal.dylib.gz -o frida-gadget-15.1.10-ios-universal.dylib.gz`
* `gunzip frida-gadget-15.1.10-ios-universal.dylib.gz`
* `mkdir -p ~/.cache/frida`
* `mv frida-gadget-15.1.10-ios-universal.dylib ~/.cache/frida/gadget-ios.dylib`