Tool to decrypt iOS apps using r2frida

Last update: Jan 03, 2023

Overview

r2flutch

Yet another tool to decrypt iOS apps using r2frida.

Requirements

It requires to install Frida on the Jailbroken iOS device:

Jailbroken device
Frida installed on the device. (e.g. via Cydia) https://frida.re/docs/ios/#with-jailbreak
radare2 installed. https://github.com/radareorg/radare2

Installation

Using PIP:

pip install r2flutch

Using r2pm

r2pm -ci r2flutch

Usage

Run r2flutch -l to list all the installed apps.

Run r2flutch -i <App Bundle> to pull a decrypted IPA from the device.

Run r2flutch <App Bundle> to pull the decrypted app binary from the device.

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

331 Jan 1, 2023

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu

149 Aug 10, 2022

labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

16 Dec 8, 2022

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting.🎭

This is A Python & Bash Programming Based Termux-Tool Created By CRACKER911181. This Tool Created For Hacking and Pentesting. If You Use This Tool To Evil Purpose,The Owner Will Never be Responsible For That.

1 Jan 10, 2022

A tool to brute force a gmail account. Use this tool to crack multiple accounts

A tool to brute force a gmail account. Use this tool to crack multiple accounts. This tool is developed to crack multiple accounts

12 Dec 30, 2022

Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 9, 2022

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件，基于敏感函数参数回溯来辅助漏洞挖掘。我们知道，在固件漏洞挖掘中，从敏感/危险函数出发，寻找其参数来源，是一种很有效的漏洞挖掘方法，但程序中调用敏感函数的地方非常多，人工分析耗时费力，通过该插件，可以帮助排除大部分的安全

171 Nov 28, 2022

DNS hijacking via dead records automation tool

DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo

45 Dec 20, 2022

Comments

Error Dumping Application

When attempting to dump an application I ran into this error. Any suggestions on how to proceed?

r2flutch XXXXX
[+] Open Application Process XXXXX
resumed spawned process.
[+] Mount Application Bundle
Mounted io on /r2f at 0x0
[+] Set block size to 0x80000

Invalid address (XXXXXw)
|ERROR| Invalid command 'mdj /r2f/AppBundle/assets/node_modules/@XXXX' (0x6d)

opened by bmbernie 4

ERROR - Failed to copy file: .gitkeep

iOS: 14.6 Device: iphone 7 Jailbrake tool: checkrain

radare2: 5.5.4

MacBook-Pro-di-xspam:jan xspam$ r2flutch -i com.adobe.PSMobile [+] Open Application Process com.adobe.PSMobile resumed spawned process. [+] Mount Application Bundle Mounted io on /r2f at 0x0 [+] Set block size to 0x400000

[+] Loading all modules [+] Dumping Module PS Express at 0x104b1d000 (0x1000 Bytes) Dumped 4096 bytes from 0x104b1d000 into /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/dump/PS Express File 'PS Express' created. (size: 101806432 bytes) [+] Writing decrypted data to file /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/bin/PS Express at 0x21000 [+] Patching cryptid at offset 0x11b0 [+] Module /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/bin/PS Express successfully decrypted [+] Copy application bundle to: /var/folders/s1/t_833fyx34n_5r4xvjmd6kzr0000gn/T/r2flutch-diqkax00/Payload/PS Express.app [+] Copy App Bundle to disk 15%|█████████████████████▋ | 613/4069 [01:03<03:24, 16.90it/s][x] ERROR - Failed to copy file: .gitkeep 100%|███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4069/4069 [14:24<00:00, 4.71it/s] [+] Creating IPA file at ./PS Express.ipa [+] IPA file saved at ./PS Express.ipa [*] SUCCESS - r2flutch Decryption Complete!

opened by itsmylife44 1

ERROR - Cannot open target process

$ r2flutch -d -i uk.co.llamasoft.gridrunner
[+] Open Application Process uk.co.llamasoft.gridrunner
[r] Cannot open 'frida://launch/usb/644ceeafa65960cb3a2249b2f6a8b7702381d15b/uk.co.llamasoft.gridrunner'
[x] ERROR - Cannot open target process: uk.co.llamasoft.gridrunner

iOS: 10.3.3 (14G60) Device: iPad mini 2 (ME277B/A) Jailbrake tool: sockH3lix

radare2: 5.4.2 (via brew)

opened by gingerbeardman 1

Releases(1.0.3)

1.0.3(Feb 10, 2022)

Source code(tar.gz)
Source code(zip)
1.0.2(Dec 10, 2021)

Increases blocksize to 4MB.

Recommended updating r2frida to the latest version.
Source code(tar.gz)
Source code(zip)

Owner

Murphy

GitHub Repository

OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

560 Dec 23, 2022

Hadoop Yan RPC unauthorized RCE

Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera

25 Nov 24, 2022

An easy-to-use wrapper for NTFS-3G on macOS

ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us

34 Dec 01, 2022

This repo is about steps to create a effective custom wordlist in a few clicks/

Custom Wordlist This repo is about steps to take in order to create a effective custom wordlist in a few clicks. this comes handing in pentesting enga

2 Oct 08, 2022

GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

121 Dec 14, 2022

Tool To generate Stable Undetected Payload

windowsPayload Tool To generate Stable Undetected Payload Don t Upload to Virus Total :) Follow on Social Media Platforms ScreenShots How to install +

117 Dec 30, 2022

Complet and easy to run Port Scanner with Python

Port_Scanner Complet and easy to run Port Scanner with Python Installation 1- git clone https://github.com/s120000/Port_Scanner 2- cd Port_Scanner 3-

1 May 19, 2022

A simple Log4Shell Scan with python

🐞 Log4Scan 🔧 Log4Shell 简单的主动和被动扫描脚本 Log4scan 针对header头和fuzz参数的主动批量扫描，用于大批量黑盒检测

6 Aug 04, 2022

A piece of software that shows a traceroute of a URL redirect path

Tracing URL redirects has never been easier! Usage • Download 🚩 Use Cases To see where an affiliate link ends up To see what affiliate network is bei

41 Nov 22, 2022

Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities

Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta

9 Dec 30, 2022

StarUML cracker - StarUML cracker With Python

StarUML_cracker Usage On Linux Clone the repo. git clone https://github.com/mana

9 Jun 20, 2022

A curated list of amazingly awesome Cybersecurity datasets

758 Dec 28, 2022

Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.

Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (

59 Dec 01, 2022

Discord-keylogger - Discord keylogger With Python

Discord-keylogger Usage python dlogger.py -t [Time interval in sec] if not speci

1 Jan 30, 2022

Polkit - Local Privilege Escalation (CVE-2021-3560)

CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0

1 Nov 12, 2021

Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

2 May 06, 2022

Crypto Meta Extractor

Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding

3 Jul 03, 2022

A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022

The First Python Compatible Camera Hacking Tool

ZCam Hack webcam using python by sending malicious link. FEATURES : [+] Real-time Camera hacking [+] Python compatible [+] URL Shortener using bitly [

109 Dec 28, 2022

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

2 Oct 05, 2022