Installing Tools

Setting up the toolkit is arguably one of the most important sections of the iOS pentest. As they say, "a workman is only as good as his tools".

From Cydia, download and install the applications listed below.

  • AppSync: Installs custom IPA files (Cydia source: https://cydia.akemi.ai/)

  • Filza: File browser

  • OpenSSH: Allows us to connect to the iPhone remotely over SSH

  • Adv-cmds: Comes with a set of process commands such as ps, kill and finger

  • Sqlite3: SQLite database client

  • GNU Debugger: For run-time analysis and reverse engineering

  • Veency: Allows the phone's screen to be viewed on the workstation with the help of a VNC client

  • Tcpdump: To capture network traffic on the phone

  • com.ericasadun.utlities: plutil, to view property list files

  • Grep: For searching

  • Odcctools: otool, an object file displaying tool

  • Crackulous: Decrypt iPhone apps

  • Hackulous: To install decrypted apps

  • Snoop-it [discontinued]: Monitor various application resources (Cydia source: http://repo.nesolabs.de/)

  • Frida: (Cydia repo: https://build.frida.re)

Installing an IPA file

Once the iOS device has been jailbroken and Cydia has been installed, the user can follow the steps below to install a custom, unsigned iOS application (.IPA) file.

  1. Add https://cydia.akemi.ai/ to the Cydia sources list.

  2. Search for "AppSync Unified" and install the latest package from the repository.

  3. Push the .IPA to the iPad using SFTP or SSH (install OpenSSH from Cydia; the default credentials are root / alpine).

  4. Install "Filza" from Cydia, navigate to the uploaded .IPA file and tap its icon.

  5. Tap "Install" in the context window.
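As an added example for step 3 (not part of the original page), the script below pushes an .IPA to the device over SSH and checks the SHA-256 of the copy against the local file, so a corrupted or truncated upload is caught before Filza tries to install it. It assumes the device address and user are supplied through DEVICE_HOST and DEVICE_USER (the 192.168.1.10 default is a placeholder), that OpenSSH is already installed as described above, and that a sha256sum binary exists on the device (an assumption; it is not among the packages listed on this page). The hash helper and the .IPA check run locally and do not need a device.

```shell
#!/bin/sh
# Added example: copy an .IPA to a jailbroken iOS device and verify the transfer.
# Assumptions (not from the page): DEVICE_HOST/DEVICE_USER point at the device,
# and sha256sum is available on the device as well as on the workstation.
# The page notes the default SSH credentials are root / alpine; run `passwd` on
# the device after installing OpenSSH so the device is not reachable with them.

DEVICE_HOST="${DEVICE_HOST:-192.168.1.10}"      # placeholder address
DEVICE_USER="${DEVICE_USER:-root}"
REMOTE_DIR="${REMOTE_DIR:-/var/mobile/Downloads}"

# is_ipa: succeed only for an existing file with an .ipa extension (any case)
# whose first two bytes are the zip magic "PK"; an IPA is a zip archive.
is_ipa() {
  case "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" in
    *.ipa) ;;
    *) return 1 ;;
  esac
  [ -f "$1" ] || return 1
  [ "$(head -c 2 "$1")" = "PK" ]
}

# local_sha256: print the SHA-256 of a file using whichever tool the host has.
local_sha256() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# push_ipa: scp the file to REMOTE_DIR, then compare the remote hash with the
# local one. Returns 0 only when the file is a valid IPA and the hashes match.
push_ipa() {
  ipa="$1"
  is_ipa "$ipa" || { echo "not an IPA file: $ipa" >&2; return 1; }
  local_hash=$(local_sha256 "$ipa")
  scp "$ipa" "$DEVICE_USER@$DEVICE_HOST:$REMOTE_DIR/" || return 1
  remote_hash=$(ssh "$DEVICE_USER@$DEVICE_HOST" \
    "sha256sum '$REMOTE_DIR/$(basename "$ipa")' | cut -d' ' -f1")
  if [ "$local_hash" != "$remote_hash" ]; then
    echo "hash mismatch after upload: local=$local_hash remote=$remote_hash" >&2
    return 1
  fi
  echo "uploaded and verified: $REMOTE_DIR/$(basename "$ipa")"
}

# Usage: DEVICE_HOST=<device-ip> sh push_ipa.sh app.ipa
if [ $# -gt 0 ]; then
  push_ipa "$1"
fi
```

After a successful run the file sits in REMOTE_DIR on the device, which is where step 4 navigates to in Filza. If the hash check fails, re-run the upload rather than installing the partial file.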

Decrypting iOS App

Some iOS apps are encrypted, and extracting them can be complicated. Luckily there is a tool on GitHub for this:

AloneMonkey/frida-ios-dump

https://www.youtube.com/watch?v=dJuimSHi8Po
