dumpdecrypted StoreApp砸壳
2018-04-01 本文已影响19人
AceKitty
dumpdecrypted: app砸壳 github开源,编译过后才能使用
- 从github上下载dumpdecrypted源码
git clone git://github.com/stefanesser/dumpdecrypted/
- 编译dumpdecrypted.dylib
make
- ps命令定位待砸壳的可执行文件位于
ps -e
/var/mobile/Containers/Bundle/Application/54EC18C2-662D-416F-B4AC-4C3C740ED3BF/WeChat.app/WeChat
- Cycript找到TargetApp的Document目录路径
cycript -p TargetApp
cy# NSHomeDirectory()
/var/mobile/Containers/Data/Application/12283242-8A90-40E5-91B1-7D98767BB2B8/Documents/
- 将dumpdecrypted.dylib拷贝到document目录下
scp ~/Desktop/dumpdecrypted/dumpdecrypted/dumpdecrypted.dylib root@192.168.20.20:/var/mobile/Containers/Data/Application/12283242-8A90-40E5-91B1-7D98767BB2B8/Documents/
6.开始砸壳
DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/mobile/Containers/Bundle/Application/54EC18C2-662D-416F-B4AC-4C3C740ED3BF/WeChat.app/WeChat
- 当前目录下会生成Target.decrypted.dylib即是砸壳过后的文件
