I’ve been doing a lot of mobile testing lately, with more of a personal focus on my unicorn that is iOS testing. I always did Android testing, so iOS testing escaped my clutches; however, like everything else, you just need to grab the bull by the horns sometimes.
Here are some tips for the things you’ll need to sort out after you jailbreak your iOS 11.2 – 11.3.1 device with Electra.
Test device: iPhone 6S 16Gb
Electra Version: 1131-1.0.3
APT is used on jailbroken iPhones to download and install packages, much like on Linux; however, my jailbreak didn’t come with it. So go into Cydia and install the following to get APT working:
Apt Strict 1.4
This will allow you to install packages using the ‘apt install’ command on the device.
Filza File Manager, downloaded from Cydia, is a great GUI file and folder viewer for iOS, if not the best I’ve used so far. Absolutely essential. Just search ‘Filza’ in Cydia and install.
Frida is a great tool, but frustratingly it doesn’t come with an easy setup. I’ve had issues with USB connections in the latest versions, and the newest (at the time of writing), 12.2, is no different. You can install Frida from Cydia by adding the Frida build repository; however, I’d advise installing it manually (steps in this post) so that you have more control over launching the server with certain parameters.
USB connections haven’t worked for me in Windows 10, Kali or the Kali subsystem, so I’ve had to resort to using Frida over the network to get it running. If I get it fixed, I’ll make sure to write about it. In the meantime, to get Frida working, spin up the server on the phone with the following command:
frida-server -l 0.0.0.0 &
Then on your client run
frida-ps -H IP_of_device
That’ll give you a quick and dirty way of seeing running processes. I know running frida-server like that is dodgy, but if you’re crazy about it, just put your laptop IP in instead of 0.0.0.0.
One of the smallest things people tend to forget is to install the Burp cert. So don’t forget it!!
Liberty is a bit of software from Cydia that claims to bypass jailbreak detection in most big-name apps. Developed by Ryley Angus, it’s constantly being worked on and seems to be popular. I haven’t had great success with it; however, it’s one of those boxes to tick to make sure.
Add the repo in Cydia by adding the link below:
Navigate to All Packages and install Liberty Lite. You’ll find the main bulk of the app in the Settings area of the iPhone where you can attach an app to it.
Had a shocker of a day trying to find a terminal that works on iOS 11. If you add the repo below (if it isn’t already there) you will be able to install it:
Go into ‘All Packages’ and scroll till you find ‘NewTerm2 (iOS7 – 11)’. This works perfectly and is all you need really.
You can install wget from the newly installed terminal the same way you do on Linux:
apt install wget
You can also install curl. Might be useful at some point:
apt install curl
I’ll add more to this as I go. More of a mental reference for myself to get from anywhere.