Saturday 20 February 2016
0 comments

DumpDecrypted Provide Better Solution Than GDB Scripts

DumpDecrypted Provide Better Solution Than GDB Scripts


DumpDecrypted Provide Better Solution Than GDB Scripts


DumpDecrypted is an iPhone Applications to a file. The DumpDecrypted provide better solution as compared to the GDB scripts for non working GDB versions. And this tool is build only for the security research purposes, not for application crackers.


How to Compile?

For compile purpose if you have different iOS SDK installed then first adjust the Makefile First adjust the Makefile if you have a different iOS SDK installed.


How to Use it?

iPod:~ root# DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/mobile/Applications/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/Scan.app/Scan
mach-o decryption dumper


How to install dumpdecrypted?

For installation install "iRET"(method of installation. IRET  Http://blog.itselectlab.com/?p=524 ). "Dumpdecrypted" is red, it is not usable.

1. Download the .Zip file from given link 
(" https://github.com/stefanesser/dumpdecrypted/archive/master.zip”).
2. Then after unzip the file.


Coding for the unzip:

Then "Unzip"
Thaisingle: ~ root # unzip master.zip.
Archive: master.zip
beaf598cdbdec28e7f0660c368ce485ccec9c3c5
   creating: dumpdecrypted-master /
  inflating: dumpdecrypted-master / Makefile.  
  inflating: dumpdecrypted-master / README.  
  inflating: dumpdecrypted-master / dumpdecrypted.c.  
Thaisingle: ~ root # ls -l.
total 1040
-rwxrwxrwx 1 root wheel 1056000 Oct 28 21:19 Clutch *.
drwxr-xr-x 2 root wheel 272 Feb 7 2012 Keychain-Dumper-master /.
drwxr-xr-x 6 root wheel 204 Oct 9 09:43 Library /.
drwxr-xr-x 2 root wheel 68 Feb 27 2008 Media /.
drwxr-xr-x 2 root wheel 102 Feb 2 01:37 YES /.
drwxr-xr-x 2 root wheel 170 Feb 13 2014 dumpdecrypted-master /.
drwxr-xr-x 2 root wheel 170 Feb 1 21:49 iRET-Tool /.
-rw-r - r-- 1 root wheel 4114 Feb 2 23:31 master.zip.
Thaisingle: ~ root # CD Dumpdecrypted-Master /.
Thaisingle: ~ / dumpdecrypted-master root # ls -l.
total 16
-rw-r - r-- 1 root wheel 484 Feb 13 2014 Makefile.
-rw-r - r-- 1 root wheel 1295 Feb 13 2014 README.
-rw-r - r-- 1 root wheel 8057 Feb 13 2014 dumpdecrypted.c.
Once in that directory "/ Dumpdecrypted-master" will file "dumpdecrypted.c" make "comply" with the command "make" to "file" extensions ".dylib" is complete.
Thaisingle: ~ / dumpdecrypted-master root # ls -l.
total 100
-rw-r - r-- 1 root wheel 484 Feb 13 2014 Makefile.
-rw-r - r-- 1 root wheel 1295 Feb 13 2014 README.
-rw-r - r-- 1 root wheel 8057 Feb 13 2014 dumpdecrypted.c.
-rw-r - r-- 1 root wheel 82904 Oct 10 00:37 dumpdecrypted.dylib.
Thaisingle: ~ / dumpdecrypted-master root #. 


Licence:

(C) Copyright 2011-2014 Stefan Esser


Usage:

iPod:~ root# DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/mobile/Applications/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/Scan.app/Scan
mach-o decryption dumper


DISCLAIMER: This tool is only meant for security research purposes, not for application crackers.

[+] Found encrypted data at address 00002000 of length 1826816 bytes - type 1.
[+] Opening /private/var/mobile/Applications/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/Scan.app/Scan for reading.
[+] Reading header
[+] Detecting header type
[+] Executable is a FAT image - searching for right architecture
[+] Correct arch is at offset 2408224 in the file
[+] Opening Scan.decrypted for writing.
[-] Failed opening. Most probably a sandbox issue. Trying something different.
[+] Opening /private/var/mobile/Applications/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/tmp/Scan.decrypted for writing.
[+] Copying the not encrypted start of the file
[+] Dumping the decrypted data into the file
[+] Copying the not encrypted remainder of the file
[+] Closing original file
[+] Closing dump file

Download Link: Click Here



0 comments:

Post a Comment

Note: only a member of this blog may post a comment.

 
Toggle Footer
Top