Extract an installed .ipa from an iPhone device (with and without jailbreak)

This might be a basic topic, but there are no proper write-ups on it, so I wanted to write one.

With a jailbroken iPhone device:

Below are the requirements:

  1. Jailbroken iPhone device (any iOS version)
  2. MacBook
  3. Frida installed on your laptop

To extract an installed .ipa file from the jailbroken iPhone, you can use either of the two Frida scripts below:

  1. frida-ipa-dump (on GitHub)
  2. frida-ios-dump (on GitHub)

I mainly use "frida-ipa-dump", so let's go with that.

First, connect your iPhone to the laptop with a USB cable. Download or clone "frida-ipa-dump" from GitHub and navigate to its folder in your terminal. Then follow the steps below:

  1. First check whether Frida is installed on your system: open the terminal and run the simple command "frida --version". You should get the Frida version as output.
  2. On your iPhone, open the app you want to extract.
  3. In your laptop terminal, run "frida-ps -Ua". This lists all the apps currently running on your iPhone (only running apps are shown, which is why the app must be open first), with the process ID, app identifier name and app package name of each, as shown below:
  4. Copy the process ID, app identifier name or app package name of the app you want to extract and paste it into the command below:

$ python dump.py {processID or identifier or package name}

Example:

with process ID - $ python dump.py 9221

with app identifier - $ python dump.py VulnApp

with app package name - $ python dump.py com.vulnapp.ios

  5. In the folder you can now see the .ipa file of the app you wanted to extract.
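As an added example (not part of this post and not code from frida-ipa-dump), here is a small Python helper that parses the "frida-ps -Ua" table from step 3, resolves whichever of the three target forms from step 4 you supply to exactly one running app, and after step 5 reads CFBundleIdentifier out of the extracted .ipa so you can confirm the file really belongs to the app you targeted. The frida-ps output and the .ipa it operates on are constructed samples, not captured from a real device.

```python
import plistlib
import re
import zipfile
from io import BytesIO

# Constructed sample of `frida-ps -Ua` output (not captured from a real device).
SAMPLE_FRIDA_PS = """\
  PID  Name     Identifier
-----  -------  ---------------------
 9221  VulnApp  com.vulnapp.ios
 9310  Notes    com.apple.mobilenotes
"""

def parse_frida_ps(output):
    """Parse the PID / Name / Identifier table; the header and dashed rule have no PID."""
    apps = []
    for line in output.splitlines():
        m = re.match(r"\s*(\d+)\s+(.+?)\s{2,}(\S+)\s*$", line)
        if m:
            apps.append({"pid": int(m.group(1)), "name": m.group(2),
                         "identifier": m.group(3)})
    return apps

def resolve_target(target, apps):
    """Map a PID, app name or bundle identifier (the three forms dump.py accepts)
    to exactly one running app; raise if it is unknown or ambiguous."""
    matches = [a for a in apps if str(a["pid"]) == str(target)
               or a["name"] == target or a["identifier"] == target]
    if not matches:
        raise LookupError(f"{target!r} is not running; open the app on the device first")
    if len(matches) > 1:
        raise LookupError(f"{target!r} matches several apps; use the bundle identifier")
    return matches[0]

def bundle_id_of_ipa(ipa_bytes):
    """CFBundleIdentifier from Payload/<App>.app/Info.plist of a dumped .ipa,
    or None when the archive does not have the .ipa layout at all."""
    with zipfile.ZipFile(BytesIO(ipa_bytes)) as z:
        for name in z.namelist():
            if re.fullmatch(r"Payload/[^/]+\.app/Info\.plist", name):
                return plistlib.loads(z.read(name)).get("CFBundleIdentifier")
    return None

def make_sample_ipa(bundle_id):
    """Constructed minimal .ipa (Info.plist only, no binary) to exercise the check."""
    buf = BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/VulnApp.app/Info.plist",
                   plistlib.dumps({"CFBundleIdentifier": bundle_id}))
    return buf.getvalue()
```

On a real run, replace SAMPLE_FRIDA_PS with the actual "frida-ps -Ua" output and pass the dumped .ipa's bytes to bundle_id_of_ipa, then compare the result with the identifier you passed to dump.py.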
