{"id":68,"date":"2017-12-14T23:15:37","date_gmt":"2017-12-14T15:15:37","guid":{"rendered":"https:\/\/www.aberlt.com\/?p=68"},"modified":"2024-04-18T19:35:09","modified_gmt":"2024-04-18T11:35:09","slug":"%e8%ae%b0%e7%a0%b8%e5%a3%b3%e5%b7%a5%e5%85%b7-frida-ios-dump-%e7%9a%84%e4%bd%bf%e7%94%a8","status":"publish","type":"post","link":"https:\/\/www.aberlt.com\/index.php\/2017\/12\/14\/%e8%ae%b0%e7%a0%b8%e5%a3%b3%e5%b7%a5%e5%85%b7-frida-ios-dump-%e7%9a%84%e4%bd%bf%e7%94%a8\/","title":{"rendered":"\u8bb0\u7838\u58f3\u5de5\u5177 frida-ios-dump \u7684\u4f7f\u7528"},"content":{"rendered":"

\u62d6\u5ef6\u75c7\u8d56\u4e86\u4e00\u4e2a\u591a\u661f\u671f\uff0c\u8fd9\u7bc7\u535a\u6587\u4e3b\u8981\u8bb0\u5f55\u4e00\u4e0b\u4f7f\u7528 frida-ios-dump<\/a> \u5bf9 App \u8fdb\u884c\u7838\u58f3\u524d\u7684\u4e00\u4e9b\u51c6\u5907\u3002 <\/p>\n

<\/p>\n

\u5e86\u54e5\u5728 README \u4e2d\u5df2\u7ecf\u5199\u6e05\u695a\u4e86\u8be5\u5de5\u5177\u7684\u7528\u6cd5\uff0c\u6211\u662f\u6839\u636e\u4ed6\u7ed9\u7684\u6b65\u9aa4\u8fdb\u884c\u7684\uff0c\u4ee5\u4e0b\u662f\u64cd\u4f5c\u6b65\u9aa4\uff1a<\/p>\n

\u73af\u5883\u51c6\u5907<\/h2>\n

\u5b89\u88c5 frida<\/h3>\n

frida \u7684\u5b89\u88c5\u5f88\u7b80\u5355\uff0c\u6211\u662f\u76f4\u63a5 Google \u641c\u7d22 frida \uff0c\u7136\u540e\u6839\u636e\u5b98\u7f51<\/a>\u4e0a\u7684\u6587\u6863\u8fdb\u884c\u5b89\u88c5\u7684\u3002<\/p>\n

macOS \u5b89\u88c5<\/a><\/h4>\n

frida \u4f9d\u8d56\u4e8e python\uff0cmacOS \u5df2\u7ecf\u81ea\u5e26 python \u6240\u4ee5\u4e0d\u9700\u8981\u518d\u53bb\u5b89\u88c5\u3002\u5b98\u7f51\u63d0\u4f9b\u4e86\u4e24\u79cd\u5b89\u88c5\u7684\u65b9\u5f0f\uff0c\u6211\u9009\u62e9\u4f7f\u7528 pip \u81ea\u52a8\u5b89\u88c5\u3002\u5728\u7ec8\u7aef\u4e2d\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\u56de\u8f66\uff0c\u7136\u540e\u8f93\u5165\u5bc6\u7801\u5373\u53ef\uff1asudo pip install frida<\/code><\/p>\n

\u5728\u8fd9\u91cc\u6211\u9047\u5230\u4e86\u4e00\u4e2a\u95ee\u9898\uff0c\u5bfc\u81f4\u5b89\u88c5\u5931\u8d25\u3002\u5931\u8d25\u7684\u63d0\u793a\u4e3b\u8981\u662f\uff1a<\/p>\n

Operation not permitted: '\/tmp\/pip-uW0fNP-uninstall\/System\/Library\/Frameworks\/Python.framework\/Versions\/2.7\/Extras\/lib\/python\/six-1.4.1-py2.7.egg-info'<\/code><\/code><\/p>\n

\u8fd9\u91cc\u662f\u8bf4\u65e0\u6743\u9650\u5bf9 six \u8fdb\u884c\u64cd\u4f5c\uff0c\u7ecf\u8fc7\u4e00\u756a Google \u4e4b\u540e\u5728 pip \u4ed3\u5e93\u7684\u4e00\u4e2a issue<\/a> \u4e2d\u627e\u5230\u4e86\u89e3\u51b3\u65b9\u6cd5\uff1a\u5373\u5b89\u88c5\u7684\u65f6\u5019\u5ffd\u7565\u5df2\u5b89\u88c5\u7684 six\u3002<\/p>\n

\u6700\u540e\u901a\u8fc7\u4ee5\u4e0b\u547d\u4ee4\u5b89\u88c5\u6210\u529f\u3002<\/p>\n

sudo pip install frida --ignore-installed six<\/code><\/p>\n

\n

\u8fd9\u91cc\u5e94\u8be5\u662f\u6211\u6ca1\u6709\u5173\u95ed SIP \u800c\u5bfc\u81f4\u7684\u95ee\u9898\uff0c\u56e0\u4e3a\u5728\u516c\u53f8\u7684\u7535\u8111\u4e0a\u8fdb\u884c\u5e76\u6ca1\u6709\u51fa\u73b0\u8fd9\u4e2a\u95ee\u9898\u3002\uff08PS\uff1a\u516c\u53f8\u7684\u7535\u8111\u662f\u4ece\u6211\u7684\u4e2a\u4eba\u7535\u8111\u8fc1\u79fb\u6570\u636e\u8fc7\u53bb\u7684\uff0c\u9664\u4e86\u5f53\u65f6\u5c1d\u8bd5\u5168\u5c4f\u4f7f\u7528 iOS \u6a21\u62df\u5668\u800c\u5173\u95ed SIP \u4e4b\u5916\uff0c\u6ca1\u6709\u5176\u5b83\u4e0d\u540c\u7684\u5730\u65b9\uff09<\/p>\n<\/blockquote>\n

\u624b\u673a\u5b89\u88c5<\/a><\/h4>\n

\u5b98\u7f51\u540c\u65f6\u63d0\u4f9b\u4e86\u9488\u5bf9\u8d8a\u72f1\u624b\u673a\u548c\u975e\u8d8a\u72f1\u624b\u673a\u5b89\u88c5\u7684\u65b9\u6cd5\u3002\u8fd9\u91cc\u6211\u53ea\u662f\u5728\u8d8a\u72f1\u624b\u673a\u4e0a\u8fdb\u884c\u4e86\u5b89\u88c5\uff0c\u81f3\u4e8e\u975e\u8d8a\u72f1\u7684\u624b\u673a\u6682\u65f6\u8fd8\u6ca1\u6709\u5c1d\u8bd5\u3002<\/p>\n

\u8d8a\u72f1\u624b\u673a\u7684\u5b89\u88c5\u6b65\u9aa4\u5982\u4e0b\uff1a<\/p>\n

    \n
  1. \n

    \u542f\u52a8 Cydia<\/p>\n<\/li>\n

  2. \n

    \u6dfb\u52a0\u8f6f\u4ef6\u6e90<\/p>\n

    \u8f6f\u4ef6\u6e90 Sources<\/code>-> \u7f16\u8f91 Edit<\/code>\uff08\u5de6\u4e0a\u89d2\uff09-> \u6dfb\u52a0 Add<\/code>\uff08\u53f3\u4e0a\u89d2\uff09-> \u8f93\u5165 https:\/\/build.frida.re<\/code><\/p>\n<\/li>\n

  3. \n

    \u901a\u8fc7\u521a\u624d\u6dfb\u52a0\u7684\u8f6f\u4ef6\u6e90\u5b89\u88c5 frida \u63d2\u4ef6\u3002\u6839\u636e\u624b\u673a\u8fdb\u884c\u5b89\u88c5\uff1aiPhone 5 \u53ca\u4e4b\u524d\u7684\u673a\u5668\u4e3a 32 \u4f4d\uff0c5s \u53ca\u4e4b\u540e\u7684\u673a\u5668\u4e3a 64 \u4f4d\u3002<\/p>\n<\/li>\n<\/ol>\n

    \u5b89\u88c5\u6210\u529f<\/h4>\n

    \u4e24\u4e2a\u7aef\u90fd\u5b89\u88c5\u5b8c\u6210\u4e4b\u540e\u53ef\u4ee5\u7528 USB \u8fde\u63a5\u624b\u673a\u5728 mac \u7ec8\u7aef\u4e2d\u901a\u8fc7 frida-ps -U<\/code> \u547d\u4ee4\u6d4b\u8bd5\uff0c\u82e5\u8f93\u51fa\u624b\u673a\u4e0a\u5b89\u88c5\u7684 App \u540d\u79f0\u5219\u8bf4\u660e\u5b89\u88c5\u6210\u529f\u3002<\/p>\n

    ssh \u8fde\u63a5\u624b\u673a<\/h3>\n

    \u6709\u4e24\u79cd\u65b9\u5f0f\u8fde\u63a5\u624b\u673a\uff1aWiFi \u548c USB\u3002WiFi \u8fde\u63a5\u4ec5\u9700\u5728\u624b\u673a\u4e0a\u5b89\u88c5 OpenSSH \u5373\u53ef\uff0cUSB \u8fde\u63a5\u8fd8\u9700\u8981\u5728 mac \u4e0a\u5b89\u88c5\u4e00\u4e2a\u5de5\u5177 iproxy\u3002<\/p>\n

    \u5b89\u88c5 OpenSSH<\/h4>\n

    \u5728 Cydia \u4e2d\u5b89\u88c5\u5373\u53ef\u3002\u6b65\u9aa4\uff1aCydia<\/code> -> \u641c\u7d22 OpenSSH<\/code> -> \u70b9\u51fb\u5b89\u88c5<\/code><\/p>\n

    \u9ed8\u8ba4\u7528\u6237 root \u7684\u5bc6\u7801\u662f\uff1aalpine \uff0c\u8fde\u63a5\u6210\u529f\u4e4b\u540e\u4f7f\u7528passwd<\/code> \u547d\u4ee4\u4fee\u6539\u5bc6\u7801\u3002<\/p>\n

    WiFi \u8fde\u63a5<\/h4>\n

    \u9996\u5148\u9700\u8981\u627e\u5230\u8bbe\u5907\u7684 ip\uff0c\u5728 WiFi \u8be6\u60c5\u91cc\u53ef\u4ee5\u770b\u5230\u3002\u7136\u540e\u5728\u7ec8\u7aef\u4e2d\u901a\u8fc7 ssh \u8fde\u63a5\uff0c\u547d\u4ee4\u4e3a ssh root@ip<\/code>\u3002<\/p>\n

    \u8fd9\u79cd\u65b9\u5f0f\u7684\u901f\u5ea6\u6bd4\u8f83\u6162\u4e00\u70b9\uff0c\u5efa\u8bae\u4f7f\u7528 USB \u8fde\u63a5\u3002<\/p>\n

    USB \u8fde\u63a5<\/h4>\n
    \n

    frida-ios-dump \u8981\u6c42\u901a\u8fc7 USB \u8fde\u63a5\u624b\u673a<\/p>\n<\/blockquote>\n

    \u6709\u4e24\u4e2a\u5de5\u5177\u5305\u90fd\u5e26\u4e86 iproxy<\/p>\n

      \n
    • libimobiledevice<\/code><\/li>\n
    • usbmuxd<\/code><\/li>\n<\/ul>\n

      \u8fd9\u4e24\u4e2a\u90fd\u53ef\u4ee5\u901a\u8fc7 homebrew \u5b89\u88c5\u3002\u5b89\u88c5\u547d\u4ee4\u4e3a\uff1abrew install libimobiledevice<\/code> \u548c brew install usbmuxd<\/code><\/p>\n

      \u5b89\u88c5\u5b8c\u6210\u4e4b\u540e\u5728\u7ec8\u7aef\u4e2d\u901a\u8fc7 iproxy \u547d\u4ee4\u6620\u5c04\u7aef\u53e3\uff1aiproxy 2222 22<\/code>\uff0c\u5982\u56fe\uff1a<\/p>\n

      \"iproxy\"<\/p>\n

      \u7136\u540e\u5728\u53e6\u4e00\u4e2a\u7ec8\u7aef\u7a97\u53e3\u4e2d\u901a\u8fc7 ssh -p 2222 root@localhost<\/code> \u8fdb\u884c\u8fde\u63a5\u5373\u53ef\u3002<\/p>\n

      \"Usb_ssh_connect_iphone\"<\/p>\n

      \u4f7f\u7528 frida-ios-dump<\/h2>\n

      \u5728\u7ec8\u7aef\u4e2d\u4f7f\u7528 cd<\/code> \u547d\u4ee4\u8fdb\u5165 frida-ios-dump \u811a\u672c\u6240\u5728\u7684\u6587\u4ef6\u5939\u901a\u8fc7 .\/dump.py app\u540d\u79f0<\/code> \u547d\u4ee4\u5373\u53ef\u8fdb\u884c\u7838\u58f3\u3002\u811a\u672c\u8fd0\u884c\u5b8c\u6210\u4e4b\u540e\u4f1a\u5728\u6587\u4ef6\u5939\u4e2d\u751f\u6210\u4e00\u4e2a\u5df2\u7838\u58f3\u7684 ipa \u6587\u4ef6\uff0c\u975e\u5e38\u5730\u65b9\u4fbf\u3002<\/p>\n

      \u603b\u7ed3<\/h2>\n

      \u6574\u4e2a\u8fc7\u7a0b\u5e76\u4e0d\u96be\uff0c\u5982\u679c\u672c\u6765\u5c31\u6709\u9006\u5411\u57fa\u7840\u7684\u8bdd\u5e94\u8be5\u975e\u5e38\u5feb\u5c31\u53ef\u4ee5\u505a\u5b8c\u73af\u5883\u51c6\u5907\uff0c\u6216\u8005\u8bf4\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528\u5de5\u5177\u4e86\u3002\u800c\u6211\u56e0\u4e3a\u6ca1\u6709\u76f8\u5173\u77e5\u8bc6\uff0c\u82b1\u8d39\u4e86\u6bd4\u8f83\u591a\u7684\u65f6\u95f4\u53bb Google\uff0c\u4e0d\u8fc7\u6700\u540e\u6210\u529f\u7838\u58f3\u8fd8\u662f\u633a\u6709\u6210\u5c31\u611f\u7684\u3002\u540c\u65f6\u4e5f\u9700\u8981\u7ee7\u7eed\u5b66\u4e60\uff0c\u641e\u6e05\u695a\u539f\u7406\uff0c\u4e0d\u80fd\u505c\u7559\u5728\u5de5\u5177\u7684\u4f7f\u7528\u4e0a\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

      \u62d6\u5ef6\u75c7\u8d56\u4e86\u4e00\u4e2a\u591a\u661f\u671f\uff0c\u8fd9\u7bc7\u535a\u6587\u4e3b\u8981\u8bb0\u5f55\u4e00\u4e0b\u4f7f\u7528 [frida-ios-dump](https:\/\/github.com\/AloneMonkey\/frida-ios-dump) \u5bf9 App \u8fdb\u884c\u7838\u58f3\u524d\u7684\u4e00\u4e9b\u51c6\u5907\u3002 <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"aside","meta":{"footnotes":""},"categories":[9],"tags":[14,13],"_links":{"self":[{"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/posts\/68"}],"collection":[{"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/comments?post=68"}],"version-history":[{"count":1,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/posts\/68\/revisions"}],"predecessor-version":[{"id":69,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/posts\/68\/revisions\/69"}],"wp:attachment":[{"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/media?parent=68"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/categories?post=68"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aberlt.com\/index.php\/wp-json\/wp\/v2\/tags?post=68"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}