This article will cover dynamic run-time penetration testing of iOS applications using objection framework.
Objection is a run-time mobile exploration toolkit, powered by Frida. Objection injects uses Frida to injects objects into application run-time in order to execute certain tasks in security context. Objection framework let pentester interact with application’s behavior in real time as well as monitor application’s content, files, key-chains, .plist files, etc. It is also possible to download those files directly into our pc if you have read access for those files as well as we can upload our manipulated files whenever write access has been granted to those files.
1. Python version 3.4+
Download latest python version from here:
2. pip or pip3
PIP is a package management system for Python, Once Python has been installed, install pip from this awesome guide.
3. Jailbroken iOS device:
For easy setup and installation, a jailbroken iOS device is recommended with Cydia installed. We will use iPad with 12.4 iOS version.
1. Install Frida and Objection modules in python:
pip install -U objection pip install -U frida
2. virtualenv version 15+:
We will need virtual environment greater than 15. To install virtualenv:
pip install virtualenv
3. Check current virtualenv version
4. Upgrade if virtualenv version is less than 15
pip install virtualenv --upgrade
5. Install Frida in iOS device:
We need to install Frida scripts package into iOS device. This package contains frida server, scripts to be injected. This frida server will act as middle-ware for communicating commands and applications.
i. Start cydia in iOS device and goto “Sources”
ii. Click on edit and add following URL:
iii. After this, goto search and search for “Frida”
iv. Click on install and frida will get install in device.
6. After all installation we will do small smoke test
i. Connect device via usb to pc
ii. Run powershell or command prompt in Administrator mode and run following command:
iii. This will list all running services and application is our iOS device
iv. If target application is not getting listed in this list, open that application and again run command above.
Objection in action continued in next part…..