Nytro
Posted January 26, 2014

gidb

gidb is a tool to simplify some common tasks for iOS pentesting and research. It is still a work in progress but already provides a bunch of (hopefully) useful commands. The goal was to provide all (or most) functionality for both iDevices and the iOS simulator. For this, a lot is abstracted internally to make it work transparently for both environments, although recently the focus has been more on supporting devices.

idb was released as part of a talk at ShmooCon 2014. The slides of the talk are up on Speakerdeck. There is also a blog post on my personal website that I will update with the video of the talk once it is available.

Getting Started

Visit the getting started guide on the wiki.

Bug reports, feature requests, and contributions are more than welcome!

Command-Line Version

idb started out as a command-line tool, which is still accessible through the cli branch. Find the getting started guide and some more documentation in the wiki.

gidb Features

- Simplified pentesting setup
  - Setup port forwarding
  - Certificate management
- iOS log viewer
- Screen shot utility
  - Simplifies testing for the creation of backgrounding screenshots
- App-related functions
  - App binary
    - Download
    - List imported libraries
    - Check for encryption, ASLR, stack canaries
    - Decrypt and download an app binary (requires dumpdecrypted)
  - Launch an app
  - View app details such as name, bundleid, and Info.plist file
- Inter-Process Communication
  - URL Handlers
    - List URL handlers
    - Invoke and fuzz URL handlers
  - Pasteboard monitor
- Analyze local file storage
  - Search for, download, and view plist files
  - Search for, download, and view sqlite databases
  - Search for, download, and view local caches (Cache.db)
  - File system browser
- Install utilities on iDevices
  - Install iOS SSL killswitch
  - Alpha: Compile and install dumpdecrypted
- Alpha:
  - Cycript console
  - Snoop-It integration

Source: https://github.com/dmayer/idb