Tutorial Frida iOS Dump for Windows! - Create decrypted .ipa Files - Works with iOS 12+

ubyt3x · October 7, 2019

Some of you may know the Frida iOS dump script which uses Frida to create a cracked .ipa of any app running on your iOS via an SSH-to-USB tunnel.

The repository for this can be found here: https://github.com/AloneMonkey/frida-ios-dump

This works on macOS and Linux. Simply install Python 2.7, install the dependencies and run dump.py.

But if you try this on Windows, it won't really work, because first, you will have some problems with the encoding/characters in an windows terminal.

Using the Git Bash f.e. fixes this. But then the next problem is that windows has no internal zip command to create a zip archive to create the .ipa file.

Because I don't want to take my Macbook every time just for Frida, I rewrote a few lines in the script to make this work on windows as well, which uses 7zip.

dump_win.py: https://pastebin.com/q3n6Cgxz

Download: MEGA.nz

Note: The port can vary (22 in my file) because iFunbox opens the tunnel at that port.

Either download the complete package or overwrite your dump.py with the dump_win.py one or download dump_win.py as another file and drag 7za.exe from the archive into your frida folder.

If you're overdramatic, you can download the latest 7za.exe yourself at https://sourceforge.net/projects/sevenzip/ by going to Files > 7-Zip > latest version (19.00) and downloading 7zxxxx-extra.7z and extracting 7za.exe from there.

If you're an WinRAR user, you can also use following file:

dump_winrar.py: https://pastebin.com/iAR7x92J

If WinRAR is installed at a different place rather than C:\Program Files\WinRAR, you can change the path at WINRAR_PATH (line 43).

This does NOT work with the default windows terminal/cmd! At best get yourself Git (https://gitforwindows.org/) and use Git Bash.

Hope you have fun with it!

Updated October 7, 2019 by Aarivex

Laxus · October 7, 2019

Does this require open the application to decrypt?

ubyt3x · October 7, 2019

15 hours ago, Laxus said:

Does this require open the application to decrypt?

Yes. It works by dumping the application from the loaded memory, so indeed you have to open the application first.

cret91 · October 20, 2019

@Aarivex why give this : /Desktop/dump
$ ./dump.py
Traceback (most recent call last):
File "./dump.py", line 12, in <module>
import frida
ImportError: No module named frida

???

ubyt3x · October 20, 2019

1 hour ago, cret91 said:

@Aarivex why give this : /Desktop/dump
$ ./dump.py
Traceback (most recent call last):
File "./dump.py", line 12, in <module>
import frida
ImportError: No module named frida

???

You need to install the required dependencies.

Run sudo pip install -r requirements.txt --upgrade.

cret91 · October 20, 2019

33 minutes ago, Aarivex said:

You need to install the required dependencies.

Run sudo pip install -r requirements.txt --upgrade.

But i use windows no linux ...

ubyt3x · October 20, 2019

3 hours ago, cret91 said:

But i use windows no linux ...

pip should already be installed with the Python installation. If not, be sure to install the latest Python 2.7.9+

cret91 · October 20, 2019

3 hours ago, Aarivex said:

pip should already be installed with the Python installation. If not, be sure to install the latest Python 2.7.9+

Done but script .py is broken ...

python dump.py
File "dump.py", line 65
print "Waiting for USB device..."
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("Waiting for USB device...")?

ubyt3x · October 22, 2019

On 10/20/2019 at 9:58 PM, cret91 said:

Done but script .py is broken ...

python dump.py
File "dump.py", line 65
print "Waiting for USB device..."
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("Waiting for USB device...")?

Make sure to really use Python 2.7 and not 3 and also calling Python 2 (check your environment variables).

cret91 · October 26, 2019

On 10/22/2019 at 4:55 PM, Aarivex said:

Make sure to really use Python 2.7 and not 3 and also calling Python 2 (check your environment variables).

I make comanda dump.py TARGET

Game is opening and progress for dump start but after finished i give error : No handlers could be found for logger "paramiko.transport" and all freeze.

PS. I MAKE A LOG AND LAST WORDS IS : "Socket exception: An existing connection was forcibly closed by the remote host" .

Updated October 26, 2019 by cret91
NEW INFO