Jailbreaking iOS 10.3.3 (32-bit) for Security Assessment of an iOS Application (OWASP)


In order to analyze an iOS application (IPA), you will require an emulator or a jailbroken iOS device. Here is a tutorial on jailbreaking an iOS device and installing the OWASP prerequisite tools:

Tutorial

After 2 hours of Googling, failed installations and a probable malware infection on my Windows system, I managed to jailbreak an Apple device, and below is a guide to assist with the setup.

What will you need?

  • A Windows System — I used a virtual machine to make sure my system will not be infected by any malware. You can take a snapshot of your VM to be able to revert back.
  • An iOS device
  • A lot of Googling and a never-give-up attitude.

What are the steps?

  1. Search for Cydia, an alternative to the Apple App Store for “jailbroken” devices. I landed on the following link, which has details on how to jailbreak iOS devices: https://pangu8.com/cydia/
  2. My iOS device had 5 different jailbreaking tools, but since I am working with a 32-bit device, I chose the 3rd option, “H3lix Jailbreak for iOS 10.3.3 — iOS 10 (32-bit devices)”.

3. The site provides a tutorial on how to jailbreak the device. Make sure you have downloaded the Cydia Impactor tool and the H3lix IPA file to set up on your device.

For my device, I am using the semi-untethered jailbreak, which means every time I reboot my phone I have to re-jailbreak the device by starting the h3lix application.

4. Follow the instructions as indicated. If you get any errors, make sure that you are not setting up the default extender application in the Impactor application, and confirm that your device is actually 32-bit and not 64-bit if you are following this tutorial.

You will need an Apple ID for the setup.

5. After setup, click on the Cydia icon on your phone and add new sources to set up your tools.

Go to Sources → Edit → Add → (Enter new source) → Add Source → Done

Cydia Sources

Tools

The BigBoss and Saurik sources provide the following tools, which you can install:

  • OpenSSH — Remote device access
  • Aptitude
  • WGET
  • unrar
  • less
  • sqlite3
  • Class Dump
  • Cycript
  • Applist
  • AppSync Unified
  • PreferenceLoader
  • Darwin CC Tools

BigBoss Source (important)

You can also add external URLs to install other tools as listed below:

Add sources using URL

Things to note

  • The default users are root and mobile and the password is alpine.
  • Change the default password for both users root and mobile.
  • Jailbreaking your device may cause some performance issues.
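
To confirm that the password was changed for both accounts, the following added example (not part of the original tutorial) compares two copies of the device's /etc/master.passwd, one taken before and one after running passwd. The function names and the sample file contents are constructed for illustration, and the hash fields are placeholders.

```python
# Added example: confirm `passwd` was run for both default accounts by
# comparing /etc/master.passwd copies taken before and after the change.

def parse_master_passwd(text):
    """Return {username: password_field} from BSD master.passwd text."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):  # header comments, blank lines
            continue
        fields = line.split(":")
        if len(fields) < 2:                   # malformed line, skip it
            continue
        entries[fields[0]] = fields[1]
    return entries


def audit_password_change(before_text, after_text, users=("root", "mobile")):
    """Classify each account: changed, unchanged, locked, empty or missing."""
    before = parse_master_passwd(before_text)
    after = parse_master_passwd(after_text)
    report = {}
    for user in users:
        if user not in after:
            report[user] = "missing"
        elif after[user] == "":
            report[user] = "empty"            # account has no password at all
        elif after[user][0] in "*!":
            report[user] = "locked"           # password login disabled
        elif before.get(user) == after[user]:
            report[user] = "unchanged"        # still the old (default) hash
        else:
            report[user] = "changed"
    return report


# Constructed sample data; the hash fields are placeholders, not real hashes.
BEFORE = """\
## constructed sample
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
root:PLACEHOLDER_DEFAULT:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:PLACEHOLDER_DEFAULT:501:501::0:0:Mobile User:/var/mobile:/bin/sh
"""
# Simulates the common slip of changing root but forgetting mobile.
AFTER = BEFORE.replace("root:PLACEHOLDER_DEFAULT", "root:PLACEHOLDER_NEW_ROOT")

if __name__ == "__main__":
    for user, status in audit_password_change(BEFORE, AFTER).items():
        print(f"{user}: {status}")
```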

Other useful tools from the OWASP Guide (support for iOS 7+)

  • Introspy
  • IDB
  • Needle

What to do next?

After setting this up you can now follow the OWASP MSTG tutorial on setting up and testing your tools.

That’s it on jailbreaking an iOS device.

Barbara Munyendo

Serianu Limited


Africa Cyber Immersion Center (ACIC)

The Africa Cyber Immersion centre (ACIC) is a cyber security research, innovation and training facility