Merge pull request #73 from noobpk/dev

Bump to 3.8

.github/workflows/python-publish.yml

@@ -9,7 +9,7 @@ on:
 
 jobs:
   deploy:
-    
+
     runs-on: ubuntu-latest
 
     steps:

.gitignore

@@ -134,4 +134,4 @@ dmypy.json
 .DS
 .DS_Store
 *.ipa
-*.zip
+*.zip

.pre-commit-config.yaml

@@ -0,0 +1,14 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+# pre-commit run --all-files
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v3.2.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files
+      - id: detect-private-key
+      - id: check-case-conflict
+      - id: check-symlinks

.vscode/settings.json

@@ -1,11 +1,22 @@
 {
     "cSpell.words": [
+        "appinfo",
+        "binarycookies",
         "frida",
         "fridump",
+        "hexbyte",
+        "hexbytescan",
         "hexbytescanner",
         "ideviceinstaller",
         "libimobiledevice",
-        "noobpk"
+        "logcat",
+        "lowlevel",
+        "noobpk",
+        "nslog",
+        "nsuserdefaults",
+        "pentest",
+        "psutil",
+        "touchid"
     ],
     "python.testing.unittestArgs": [
         "-v",
@@ -19,4 +30,4 @@
     "python.testing.pytestArgs": [
         "."
     ]
-}
+}

CHANGELOG.md

@@ -1,5 +1,21 @@
 # Frida iOS Hook ChangeLog
 
+## [Release 3.8] - 2022-12-11
+
+### Added
+- Add function check.deviceConnected
+- Add reFlutter
+### Changed
+- Update function check.iproxyInstalled
+- Update dumpDecryptIPA option
+- Update readme, changelog, requirement
+- Remove --list-appinfo option
+- Update --cli option
+### Fixed
+- Fix issue in --shell option [issue 57](https://github.com/noobpk/frida-ios-hook/issues/57)
+- Fix issue in --dump option [issue 67](https://github.com/noobpk/frida-ios-hook/issues/67)
+- Fix and optimize hexbytescan option
+
 ## [Release 3.7] - 2022-06-17
 
 ### Added
@@ -20,7 +36,7 @@
 - Add setup.py for build executable
 ### Changed
 - Update readme, changelog
-- Remove old file 
+- Remove old file
 
 ## [Unrelease] - 2022-03-17
 
@@ -54,18 +70,18 @@
 
 ### Added
 - New option CLI `--cli`
- 
+
 ### Changed
 
 ### Fixed
-- Fix method List All Application script not found 
+- Fix method List All Application script not found
 
 ## [3.6] - 2022-01-11
 
 ### Added
 - New option Show system log of device `--logcat`
 - New option Get the shell of connect device `--shell`
- 
+
 ### Changed
 - Using `hook.json` to load configuration for the tool
 - Optimize core `hook.py`

README.md

@@ -10,7 +10,7 @@
 
 👉 For Android platform: [frida-android-hook](https://github.com/noobpk/frida-android-hook)
 
-👉 For Intercept Api was encrypted on iOS application: [frida-ios-interceprt-api](https://github.com/noobpk/frida-ios-intercept-api)
+👉 For Intercept Api was encrypted on iOS application: [frida-ios-intercept-api](https://github.com/noobpk/frida-ios-intercept-api)
 
 ## Env OS Support
 | OS      | Supported          | Noted   |
@@ -20,11 +20,9 @@
 | Windows | :white_check_mark: | sub	 |
 
 ## Compatible with
-| iOS      |   Frida  | Supported         |
-| -------- | -------- | ----------------- |
-|  13.2.3  | 14.2.13  | :white_check_mark:|
-|  14.4.2  | 14.2.13  | :white_check_mark:|
-|  14.4.2  | 15.0.18  | :white_check_mark:|
+| iOS      |  Frida   | Frida-tools | Supported        |
+| -------- | -------  | ----------- |----------------- |
+|  15.7.1  | 16.0.7   | 12.0.4      | :white_check_mark:|
 
 ## Feature
 
@@ -39,30 +37,29 @@ Support both spawn & attach script to process.
 	-n(--name) 			Name of application ex: AppStore
 	-s(--script) 			Using script format script.js
 	-c(--check-version) 		Check for the newest version
-	-u(--upadte) 			Update to the newest version
-	
+	-u(--update) 			Update to the newest version
+
 	[*] Dump decrypt IPA:
-	
+
     	-d, --dump         Dump decrypt application.ipa
     	-o OUTPUT_IPA, --output=OUTPUT_IPA
                            Specify name of the decrypted IPA
-	
+
 	[*] Dump memory of Application:
-	
+
 	--dump-memory		Dump memory of application
-	
+
 	[*] HexByte Scan IPA:
 	--hexbyte-scan		Scan or Patch IPA with byte patterns
 	--pattern=PATTERN   Pattern for hexbytescan
 	--address=ADDRESS   Address for hexbytescan
 	-t TASK, --task=TASK
           			Task for hexbytescan
-	
+
 	[*] Information:
 
 	--list-devices    List All Devices
 	--list-apps       List The Installed apps
-	--list-appinfo    List Info of Apps on Itunes
 	--list-scripts    List All Scripts
 	--logcat          Show system log of device
     	--shell, --ssh      Get the shell of connect device
@@ -75,50 +72,46 @@ Support both spawn & attach script to process.
 				bypass-ssl(-p)
 				i-url-req(-n)
 				i-crypto(-p)
+	[*] reFlutter:
+
+	--reflutter=FLUTTERFILE
+                        File Flutter.ipa
 ```
 
 ## 📜 ChangeLog
 
-Version: 3.7
+Version: 3.8
 ```
 	[+] Add:
-	
-		[-] Add setup.py for build executable
-		
-		[-] Add `--ssh` to option Get the shell of connect device
-		
-		[-] Add suggestion script for option `-s (--script)`
-		
-		
+		- Add function check.deviceConnected
+		- Add reFlutter
 	[+] Change:
-		
-		[-] Update readme, changelog
-		
-		[-] Update frida-script
-		
-		[-] Update hook.py
-	
+		- Update function check.iproxyInstalled
+		- Update dumpDecryptIPA option
+		- Update readme, changelog, requirement
+		- Remove --list-appinfo option
+		- Update --cli option
 	[+] Fix
-		
-		[-] Fix syntax in hook.json
+		- Fix issue in --shell option [issue 57](https://github.com/noobpk/frida-ios-hook/issues/57)
+		- Fix issue in --dump option [issue 67](https://github.com/noobpk/frida-ios-hook/issues/67)
+		- Fix and optimize hexbytescan option
 
-		[-] Fix psutil not found
 ```
 [See Full ChangeLog](https://github.com/noobpk/frida-ios-hook/blob/master/CHANGELOG.md)
 
 ## Install
 
 ```
 	[+] Latest version
-	
+
 		https://github.com/noobpk/frida-ios-hook/releases
-		
+
 	[+] Develop version
-	
+
 		git clone -b dev https://github.com/noobpk/frida-ios-hook
 ```
 
-## Build 
+## Build
 
 ```
 1. cd frida-ios-hook/
@@ -144,7 +137,7 @@ If you run the script but it doesn't work, you can try the following:
 
 ## Frida-Script
 
-Updated some frida scripts to help you with the pentest ios app. Filter script using spawn(S) or attach(A) 
+Updated some frida scripts to help you with the pentest ios app. Filter script using spawn(S) or attach(A)
 
 |N|Spawn/Attach|Script Name| Script Description| Script Version|
 |:---|:---|:---|:---|:---|
@@ -196,8 +189,8 @@ Updated some frida scripts to help you with the pentest ios app. Filter script u
 |N|Task Name| Task Description|
 |:---|:---|:---|
 |1|openssl_hook.json|OpenSSL 1.0.2 certificate pinning hook on arm64|
-|2|openssl_1_1_0_hook.json|OpenSSL 1.1.0 certifiate pinning hook for arm64, it modifies cmp instruction in tls_process_server_certificate method|
-|3|openssl_hook_v2.json|OpenSSL 1.0.2 certificate pinning hook on arm64, improved pattern, possibly for different compiler version or slighlty updated OpenSSL, use if first version does not find patch location. These hooks patch call to ssl_verify_cert_chain in ssl3_get_server_certificate.|
+|2|openssl_1_1_0_hook.json|OpenSSL 1.1.0 certificate pinning hook for arm64, it modifies cmp instruction in tls_process_server_certificate method|
+|3|openssl_hook_v2.json|OpenSSL 1.0.2 certificate pinning hook on arm64, improved pattern, possibly for different compiler version or slightly updated OpenSSL, use if first version does not find patch location. These hooks patch call to ssl_verify_cert_chain in ssl3_get_server_certificate.|
 
 ## Disclaimer
 Because I am not a developer, so my coding skills might not be the best. Therefore, if this tool have any issue or not working for you, create an issue and i will try to fix it.

frida-ios-hook/core/hook.json

@@ -1,7 +1,7 @@
 {
     "name": "frida-ios-hook",
-    "version": "3.7",
-    "cliVersion": "1.0",
+    "version": "3.8",
+    "cliVersion": "1.1",
     "author": "noobpk",
     "license": "LICENSE",
     "requirements": "requirements.txt",
@@ -52,4 +52,4 @@
         "0xdea/frida-scripts": "https://github.com/0xdea/frida-scripts",
         "interference-security/frida-scripts": "https://github.com/interference-security/frida-scripts"
     }
-}
+}