Setting Up Frida Without Jailbreak on Devices Running Latest iOS 12.1.4
How to Use Frida on Non-Jailbroken iOS Devices Running iOS 12.1.4
Frida is a powerful tool for dynamic analysis of mobile applications, but it usually requires a jailbroken device to work. However, there is a way to use Frida on non-jailbroken iOS devices running the latest version of iOS, which is 12.1.4 as of this writing. In this article, we will show you how to do that step by step.
The main idea is to patch the target application with Frida's Gadget library, which will allow us to inject our own scripts into the app at runtime. To do this, we need an unencrypted IPA file of the app, a signing identity, a mobile provision file, and some tools to modify and resign the IPA file.
Here are the steps we need to follow:
1. Setting up the Signing Identity
2. Setting up the Mobile Provision File
3. Patching the IPA File with Frida Gadget
4. Fixing Codesign Issues
5. Installing the Patched IPA File on the Device
6. Using Frida to Instrument the App
Setting up the Signing Identity
To patch and resign the IPA file, we need a valid signing identity that matches the mobile provision file. We can use Xcode to create one for free using our Apple account.
First, we need to launch Xcode and go to Preferences > Accounts. Then we need to add our Apple account and select it as the team.
Next, we need to click on Manage Certificates and then click on the plus sign to create a new iOS Development certificate.
To verify that the signing identity is properly set up, we can use the following command in the terminal:
security find-identity -p codesigning -v
This command will output all the signing identities for our account. We should see something like this:
1) 1234567890ABCDEF1234567890ABCDEF12345678 "Apple Development: name@example.com (ABCDEFGHIJ)"
1 valid identities found
We need to copy the long hexadecimal string that represents our identity for later use.
Setting up the Mobile Provision File
A mobile provision file is the app's provisioning profile: it contains the app's entitlements and the certificates allowed to sign it. We need one that matches our signing identity and allows us to install the app on our device.
To create one, we need to create a new Xcode project with any name and bundle identifier, and select our Apple account as the team. Then we need to connect our device to Xcode and run the app on it. This will generate a mobile provision file for us.
To find the mobile provision file, we need to right-click on the generated app file in Xcode and select Show in Finder. Then we need to right-click on the app file in Finder and select Show Package Contents. We should see a file named embedded.mobileprovision inside the app package. We need to copy this file and save it somewhere for later use.
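Whether the signing identity really matches the mobile provision file can be checked before anything is patched. The following is an added example, not code from the original article: it reads the fingerprint from the find-identity output and compares it with the certificates listed in the profile. It assumes the fingerprint is the SHA-1 of the certificate's DER encoding and that the profile carries the DeveloperCertificates, ProvisionedDevices and ExpirationDate keys; the function names and all sample data are constructed.

```python
import hashlib
import plistlib
import re
from datetime import datetime, timezone

def parse_identities(output):
    """Map SHA-1 fingerprint -> name from `security find-identity -v` output."""
    pattern = re.compile(r'^\s*\d+\)\s+([0-9A-F]{40})\s+"(.+)"\s*$', re.M)
    return {sha1: name for sha1, name in pattern.findall(output)}

def load_profile(blob):
    """Pull the XML plist out of the CMS-wrapped .mobileprovision bytes.
    The CMS signature is not verified here; only the payload is read."""
    start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def check_profile(profile, identity_sha1, device_udid, now=None):
    """Return a list of problems; an empty list means the profile fits."""
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)
    problems = []
    certs = {hashlib.sha1(der).hexdigest().upper()
             for der in profile.get("DeveloperCertificates", [])}
    if identity_sha1.upper() not in certs:
        problems.append("signing identity not in DeveloperCertificates")
    if device_udid not in profile.get("ProvisionedDevices", []):
        problems.append("device UDID not in ProvisionedDevices")
    if profile["ExpirationDate"] <= now:  # plistlib yields naive UTC datetimes
        problems.append("profile expired")
    return problems

# --- constructed sample data (not a real certificate, device or profile) ---
FAKE_DER = b"constructed-certificate-bytes"
SAMPLE_UDID = "CONSTRUCTED-UDID-0001"
SAMPLE_PROFILE = b"\x30\x80 constructed CMS wrapper " + plistlib.dumps({
    "DeveloperCertificates": [FAKE_DER],
    "ProvisionedDevices": [SAMPLE_UDID],
    "ExpirationDate": datetime(2019, 3, 1),
}) + b" constructed CMS signature"
SAMPLE_OUTPUT = (
    '  1) %s "Apple Development: name@example.com (ABCDEFGHIJ)"\n'
    '     1 valid identities found\n' % hashlib.sha1(FAKE_DER).hexdigest().upper()
)

if __name__ == "__main__":
    sha1 = next(iter(parse_identities(SAMPLE_OUTPUT)))
    print(check_profile(load_profile(SAMPLE_PROFILE), sha1, SAMPLE_UDID))
```

On a real setup, pass the bytes of the saved embedded.mobileprovision file and the captured output of the find-identity command instead of the constructed samples.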
Patching the IPA File with Frida Gadget
Now that we have our signing identity and mobile provision file, we can proceed to patch the target app with Frida Gadget. Frida Gadget is a library that allows us to inject Frida scripts into any app without requiring a jailbroken device or a separate process.
To patch the app, we need an unencrypted IPA file of it. We can get one from various sources, such as downloading it from the App Store and decrypting it with tools like Clutch or bfinject, or getting it from websites like iphonecake.com. However, we should always verify that the IPA file is authentic and not modified by malicious actors.
In this example, we will use Uber as our target app.