From the course: Ethical Hacking: Mobile Devices and Platforms

Unlock the full course today

Join today to access over 22,600 courses taught by industry experts or purchase this course individually.

Extracting properties and class headers

Extracting properties and class headers - iOS Tutorial

From the course: Ethical Hacking: Mobile Devices and Platforms

Start my 1-month free trial

Extracting properties and class headers

- [Instructor] There are two forms of iOS applications. Encrypted apps and unencrypted apps. While we can go directly to work on unencrypted applications we need to decrypt an encrypted one before we can start static analysis. We'll use Clutch with the -i switch to list all the encrypted applications on the device. We can see we have a number of encrypted applications on the device including one called Bubbsie which I've downloaded from the app store. Notice it has an index of eight. To decrypt Bubbsie I need to run Clutch again, specifying this application with the -d switch. Clutch decrypts the application and displays the destination path of the unencrypted ipa file. We'll be using the set of folders starting at private/var/mobile and we can see that Clutch has dropped the ipa into Documents/Dumped Let's go there and take a look. We can see the filename starting with com.kontrast which is the Bubbsie application in an unencrypted ipa form. I'll just rename this to make it simpler…

Contents