Yet another frida-based App decryptor. Requires a jailbroken iOS device and frida.re
Only tested on iOS 14 (unc0ver) and iOS 16 (checkm8). Help wanted: Dopamine seems to have issues on process spawn but I don't have such a device to debug.
The name of this project doesn't have any meaning. I was just listening to that song while typing.
With Cydia:
Rootless:
If you are using a rootless jailbreak, another project of mine, fruity-frida, might help. Use the run-frida-server to automatically download, deploy and run frida-server on your device.
npm install, your node.js might be either too new or too old. Try to use nvm to install a compatible version or download the correct installer.
zip or 7z command is needed to create zip archive. On most of the distros, you don't need to install them manually.
npm install -g bagbak
bagbak [bundle id or name]
Options:
  -l, --list             list apps
  -U, --usb              connect to USB device (default)
  -R, --remote           connect to remote frida-server
  -D, --device <uuid>    connect to device with the given ID
  -H, --host <host>      connect to remote frida-server on HOST
  -f, --force            override existing files
  -d, --debug            enable debug output
  -r, --raw              dump raw app bundle to directory (no ipa)
  -o, --output <output>  ipa filename or directory to dump to
  -h, --help             display help for command
Environment variables:
  DEBUG=1        enable debug output for troubleshooting
  DEBUG_SCP=1    debug SCP protocol
  SSH_USERNAME   username for iPhone SSH, default to root
  SSH_PASSWORD   password for iPhone SSH, default to alpine
  SSH_PORT       port for iPhone SSH. If not given, bagbak will scan port 22 (OpenSSH) and port 44 (Dropbear)
Example:
  bagbak -l                     to list all apps
  bagbak --raw Chrome           to dump the app to current directory
  bagbak com.google.chrome.ios  to dump app to com.google.chrome.ios-[version].ipa
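To confirm that a dumped binary is actually decrypted, check that the cryptid field of its LC_ENCRYPTION_INFO load command is 0. The Node.js check below is an added example, not part of bagbak; the function names and the sample Mach-O bytes are constructed for illustration, and it handles thin little-endian Mach-O files only.

```javascript
// Added example, not bagbak code: read cryptid from a thin Mach-O binary.
const MH_MAGIC = 0xfeedface, MH_MAGIC_64 = 0xfeedfacf;
const LC_ENCRYPTION_INFO = 0x21, LC_ENCRYPTION_INFO_64 = 0x2c;

// Returns { cryptoff, cryptsize, cryptid }, or null if no encryption command exists.
function readEncryptionInfo(buf) {
  if (buf.length < 28) throw new Error('too short for a Mach-O header');
  const magic = buf.readUInt32LE(0);
  if (magic !== MH_MAGIC && magic !== MH_MAGIC_64) {
    throw new Error('not a thin little-endian Mach-O (parse fat slices separately)');
  }
  const ncmds = buf.readUInt32LE(16);
  let off = magic === MH_MAGIC_64 ? 32 : 28; // load commands follow the header
  for (let i = 0; i < ncmds; i++) {
    if (off + 8 > buf.length) throw new Error('truncated load command');
    const cmd = buf.readUInt32LE(off);
    const cmdsize = buf.readUInt32LE(off + 4);
    if (cmdsize < 8 || off + cmdsize > buf.length) throw new Error('bad cmdsize');
    if (cmd === LC_ENCRYPTION_INFO || cmd === LC_ENCRYPTION_INFO_64) {
      if (cmdsize < 20) throw new Error('short encryption_info command');
      return {
        cryptoff: buf.readUInt32LE(off + 8),
        cryptsize: buf.readUInt32LE(off + 12),
        cryptid: buf.readUInt32LE(off + 16),
      };
    }
    off += cmdsize;
  }
  return null;
}

// cryptid 0 (or no encryption command at all) means the code pages are plaintext.
function isDecrypted(buf) {
  const info = readEncryptionInfo(buf);
  return info === null || info.cryptid === 0;
}

// Constructed sample: a bare 64-bit header followed by one LC_ENCRYPTION_INFO_64.
function sampleMachO(cryptid) {
  const buf = Buffer.alloc(32 + 24);
  buf.writeUInt32LE(MH_MAGIC_64, 0);
  buf.writeUInt32LE(1, 16);               // ncmds
  buf.writeUInt32LE(24, 20);              // sizeofcmds
  buf.writeUInt32LE(LC_ENCRYPTION_INFO_64, 32);
  buf.writeUInt32LE(24, 36);              // cmdsize
  buf.writeUInt32LE(0x4000, 40);          // cryptoff
  buf.writeUInt32LE(0x8000, 44);          // cryptsize
  buf.writeUInt32LE(cryptid, 48);         // cryptid
  return buf;
}
```

For a real check, pass `fs.readFileSync(path)` of an executable from a `--raw` dump to `isDecrypted`.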