A tool for extracting decrypted IPA files from jailbroken devices.
This fork no longer requires using scp, unlike the original project.
This is possible because I used the Frida File API to read all bytes inside a Module file and then parse it into a MachO object.
Currently, this class does not implement all Apple specifications.
By doing this, the tool doesn't generate auxiliary files on the APFS filesystem, as they are only stored as ArrayBuffer (and node:Buffer) in memory.
After patching, I can send the file to PC/macOS using the send Frida primitive.
Furthermore, this solution extends the ConsoleApplication class, thereby avoiding issues with argument handling.
To use frida-ios-dump, follow these steps:
- Install frida on your device.
Note
My repo is no more necessary because since Frida 16.1.5 supports rootless and rootfull JB. Anyway if you want to compile your own Frida DEB you can follow/adapt my guide. -
Clone this project by entering the following command in your terminal:
git clone --depth=1 -j8 https://github.com/miticollo/frida-ios-dump.git cd frida-ios-dump/ - Create a virtual environment.
python -m venv --upgrade-deps ./.venv source ./.venv/bin/activate - Run
pip -vvv install frida-tools --require-virtualenv --upgrade --upgrade-strategy 'eager'to install the Frida dependency.Note
This command will also upgrade dependencies. - (Optional) Connect your iDevice to macOS/PC using a USB lightning cable. You can also decrypt iOS over Wireless using the remote communication provided by Frida, although USB is recommended.
- Run the following commands to decrypt apps:
-
This spawns YouTube and then decrypts it.
python ./decrypter.py -U -f com.google.ios.youtube
-
Use this after opening the Spotify app.
python ./decrypter.py -U -n Spotify
-
To install the app, sideload it as follows:
- Use Sideloadly
Note
Enable “Sideload Spoofer” as some apps may not work after decryption.
- iPhone XR with iOS 15.1b1 jailbroken using Dopamine
- iPhone X with iOS 16.3.1 rootfull JB
- iPhone 8 with iOS 15.6 jailbroken using palera1n