From 0b680da24e8449c09b51974beed8ac9533b01fb0 Mon Sep 17 00:00:00 2001 From: Sven Date: Sat, 5 Oct 2024 15:14:34 +0200 Subject: [PATCH 1/3] Update MASTG-TECH-0054.md --- techniques/ios/MASTG-TECH-0054.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/techniques/ios/MASTG-TECH-0054.md b/techniques/ios/MASTG-TECH-0054.md index 0a2827d660..13a53535e2 100644 --- a/techniques/ios/MASTG-TECH-0054.md +++ b/techniques/ios/MASTG-TECH-0054.md @@ -58,7 +58,7 @@ In order to retrieve the unencrypted version, you can use [frida-ios-dump](https First, configure @MASTG-TOOL-0054 `dump.py`: -- set it to use `localhost` with port `2222` when using @MASTG-TOOL-0055, or to the actual IP address and port of the device from which you want to dump the binary. +- set it to use `localhost` with port `2222` when using @MASTG-TOOL-0055 (`iproxy 2222 22`), or to the actual IP address and port of the device from which you want to dump the binary. - update the default username (`User = 'root'`) and password (`Password = 'alpine'`) in `dump.py` to the ones you have set. Enumerate the apps installed on the device by running `python dump.py -l`: @@ -74,7 +74,7 @@ Enumerate the apps installed on the device by running `python dump.py -l`: ... ``` -You can dump the selected app, for example Telegram, by running `python dump.py ph.telegra.Telegraph` +You can dump the selected app, for example Telegram, by running `python dump.py -H 127.0.0.1 -p 2222 --user mobile -P alpine ph.telegra.Telegraph`, if you are using a SSH tunnel with `iproxy` and the default credentials on a jailbroken phone. After a couple of seconds, the `Telegram.ipa` file will be created in your current directory. You can validate the success of the dump by removing the app and reinstalling it (e.g. using @MASTG-TOOL-0054 `ios-deploy -b Telegram.ipa`). Note that this will only work on jailbroken devices, as otherwise the signature won't be valid. 
From 3175d39374e91590ec802d8a787cb2b73e7d8a32 Mon Sep 17 00:00:00 2001 From: Carlos Holguera Date: Sat, 5 Oct 2024 16:51:47 +0200 Subject: [PATCH 2/3] Update techniques/ios/MASTG-TECH-0054.md --- techniques/ios/MASTG-TECH-0054.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/techniques/ios/MASTG-TECH-0054.md b/techniques/ios/MASTG-TECH-0054.md index 13a53535e2..c879f20d0c 100644 --- a/techniques/ios/MASTG-TECH-0054.md +++ b/techniques/ios/MASTG-TECH-0054.md @@ -74,7 +74,7 @@ Enumerate the apps installed on the device by running `python dump.py -l`: ... ``` -You can dump the selected app, for example Telegram, by running `python dump.py -H 127.0.0.1 -p 2222 --user mobile -P alpine ph.telegra.Telegraph`, if you are using a SSH tunnel with `iproxy` and the default credentials on a jailbroken phone. +You can dump the selected app, for example Telegram, by running `python dump.py -H 127.0.0.1 -p 2222 --user mobile -P alpine ph.telegra.Telegraph`, if you are using an SSH tunnel with `iproxy` and the default credentials on a jailbroken phone. After a couple of seconds, the `Telegram.ipa` file will be created in your current directory. You can validate the success of the dump by removing the app and reinstalling it (e.g. using @MASTG-TOOL-0054 `ios-deploy -b Telegram.ipa`). Note that this will only work on jailbroken devices, as otherwise the signature won't be valid. From a0545787f4ca34fb9665b8fb6ea1317b5745227a Mon Sep 17 00:00:00 2001 From: Sven Date: Sun, 6 Oct 2024 15:01:11 +0200 Subject: [PATCH 3/3] Update techniques/ios/MASTG-TECH-0054.md --- techniques/ios/MASTG-TECH-0054.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/techniques/ios/MASTG-TECH-0054.md b/techniques/ios/MASTG-TECH-0054.md index c879f20d0c..454c6e0459 100644 --- a/techniques/ios/MASTG-TECH-0054.md +++ b/techniques/ios/MASTG-TECH-0054.md 
@@ -58,7 +58,7 @@ In order to retrieve the unencrypted version, you can use [frida-ios-dump](https First, configure @MASTG-TOOL-0054 `dump.py`: -- set it to use `localhost` with port `2222` when using @MASTG-TOOL-0055 (`iproxy 2222 22`), or to the actual IP address and port of the device from which you want to dump the binary. +- set it to use `localhost` with port `2222` when using @MASTG-TOOL-0055 (`iproxy 2222 22`), or to the actual IP address and port of the device from which you want to dump the binary. - update the default username (`User = 'root'`) and password (`Password = 'alpine'`) in `dump.py` to the ones you have set. Enumerate the apps installed on the device by running `python dump.py -l`:
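Review bot: in PATCH 1/3, first hunk (`@@ -58,7 +58,7 @@`), the added parenthetical `(iproxy 2222 22)` gives the command without saying what the two numbers mean, so a reader cannot tell which is the local port and which is the device port. Suggest spelling it out, for example "(`iproxy 2222 22`, which forwards local port 2222 to the device's SSH port 22)", so the `localhost` and `2222` values in the same bullet are explained by the command next to them.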
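Review bot: in PATCH 1/3, second hunk (`@@ -74,7 +74,7 @@`), the new command passes `--user mobile -P alpine` and calls these "the default credentials", while the unchanged bullet in the first hunk names the default in `dump.py` as `User = 'root'` and tells the reader to replace the defaults with "the ones you have set". The page now gives two different default users and two ways of supplying the connection settings (editing `dump.py`, or `-H`/`-p`/`--user`/`-P` on the command line) without saying how they relate. Suggest stating which user applies in which setup, saying that the flags override the values in `dump.py`, and using a placeholder for the password in the example, since a password passed with `-P` ends up in shell history.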
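Review bot: in PATCH 2/3 (`@@ -74,7 +74,7 @@`), the corrected line still puts the precondition after the command ("..., if you are using an SSH tunnel with `iproxy` and the default credentials on a jailbroken phone"), so a reader copying the command meets the condition only afterwards. Suggest leading with the condition ("If you are using an SSH tunnel with `iproxy` ..., run ..."), and using the same host spelling as the configuration bullet, which says `localhost` where this command says `127.0.0.1`.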
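Review bot: in PATCH 3/3 (`@@ -58,7 +58,7 @@`), the removed and added lines read identically as shown, so the change is presumably whitespace only, and the subject "Update techniques/ios/MASTG-TECH-0054.md" does not say what was changed or why. Suggest either naming the change in the commit message (for example, trailing whitespace removed) or squashing it into PATCH 1/3, which introduced the line.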