💻
Application Security Cheat Sheet
  • Application Security Cheat Sheet
  • Android Application
    • Overview
      • Application Data & Files
      • Application Package
      • Application Sandbox
      • Application Signing
      • Deployment
      • Package Manager
    • Intent Vulnerabilities
      • Deep Linking Vulnerabilities
    • WebView Vulnerabilities
      • WebResourceResponse Vulnerabilities
      • WebSettings Vulnerabilities
  • CI/CD
    • Dependency
      • Dependency Confusion
      • Dependency Hijaking
      • Typosquatting
    • GitHub
      • GitHub Actions
      • Code owners
      • Dependabot
      • Redirect
      • Releases
  • Cloud
    • AWS
      • Amazon API Gateway
      • Amazon Cognito
      • Amazon S3
  • Container
    • Overview
      • Container Basics
      • Docker Engine
    • Escaping
      • CVE List
      • Exposed Docker Socket
      • Excessive Capabilities
      • Host Networking Driver
      • PID Namespace Sharing
      • Sensitive Mounts
    • Container Analysis Tools
  • Framework
    • Spring
      • Overview
      • Mass Assignment
      • Routing Abuse
      • SpEL Injection
      • Spring Boot Actuators
      • Spring Data Redis Insecure Deserialization
      • Spring View Manipulation
    • React
      • Overview
      • Security Issues
  • Linux
    • Overview
      • Philosophy
      • File
      • File Descriptor
      • I/O Redirection
      • Process
      • Inter Process Communication
      • Shell
      • Signals
      • Socket
      • User Space vs Kernel Space
    • Bash Tips
  • iOS Application
    • Overview
      • Application Data & Files
      • Application Package
      • Application Sandbox
      • Application Signing
      • Deployment
    • Getting Started
      • IPA Patching
      • Source Code Patching
      • Testing with Objection
  • Resources
    • Lists
      • Payloads
      • Wordlists
    • Researching
      • Web Application
      • Write-ups
    • Software
      • AWS Tools
      • Azure Tools
      • Component Analysis
      • Docker Analysis
      • Dynamic Analysis
      • Fuzzing
      • GCP Tools
      • Reverse Engineering
      • Static Analysis
      • Vulnerability Scanning
    • Training
      • Secure Development
  • Web Application
    • Abusing HTTP hop-by-hop Request Headers
    • Broken Authentication
      • Two-Factor Authentication Vulnerabilities
    • Command Injection
      • Argument Injection
    • Content Security Policy
    • Cookie Security
      • Cookie Bomb
      • Cookie Jar Overflow
      • Cookie Tossing
    • CORS Misconfiguration
    • File Upload Vulnerabilities
    • GraphQL Vulnerabilities
    • HTML Injection
      • base
      • iframe
      • link
      • meta
      • target attribute
    • HTTP Header Security
    • HTTP Request Smuggling
    • Improper Rate Limits
    • JavaScript Prototype Pollution
    • JSON Web Token Vulnerabilities
    • OAuth 2.0 Vulnerabilities
      • OpenID Connect Vulnerabilities
    • Race Condition
    • Server Side Request Forgery
      • Post Exploitation
    • SVG Abuse
    • Weak Random Generation
    • Web Cache Poisoning
Powered by GitBook
On this page
  • Add FridaGadget.dylib to project
  • Build & Deploy
  1. iOS Application
  2. Getting Started

Source Code Patching

PreviousIPA PatchingNextTesting with Objection

Last updated 3 years ago

In order to start analyzing and managing an iOS app without jailbreak, the app's source code itself needs to be patched to load the FridaGadget.dylib on start. In these cases, you can simply load the FridaGadget.dylib as part of the Xcode project and deploy it on an iOS device or simulator.

Add FridaGadget.dylib to project

To add FridaGadget.dylib to project in XCode:

  • Create a Frameworks folder in the project root.

    $ mkdir Frameworks
$ cd Frameworks

  • Download FridaGadget.dylib from and extract it.

    $ curl -Lo FridaGadget.dylib.xz https://github.com/frida/frida/releases/download/<version>/frida-gadget-<version>-ios-universal.dylib.xz
$ unxz FridaGadget.dylib.xz

  • Go to the project's root and select the Build Phases, find the section title Link Binary With Libraries and drag the dylib from the Frameworks folder on the left of Xcode to the existing list.

  • Go to the project's root and select the General, find the section title Frameworks, Libraries, and Embedded Content and set FridaGadget.dylib in the Embed column to Embed & Sign.

Build & Deploy

You can now build the project and deploy it to an iOS device or simulator.

here
xcode-link-dylib
xcode-embed-sign-dyli
xcode-deploy-console-output