Quantify Cyber Risk Now

header ads

iOS Application Security | Part 2 | Preparing iPhone for Application Security


This article introduces some of the important tools that an iOS Security Analyst must install in order to prepare the iPhone for application security. Jailbreaking an iPhone is a prerequisite as explained in the previous post. Let us look at series of actions that need to be performed for starting application security after jailbreaking the iPhone.

Accessing the iPhone’s File System: The Android Way

After a successful jailbreak, you have the ability to access every file on your device. For doing this, the simplest way is to install a file manager for your ‘jailbroken’ iPhone. ‘Filza File manager’ is one of the most useful applications for this purpose.

It is available from the BigBoss repository packages. If the BigBoss repository is not present on Cydia, you can install it by adding http://apt.thebigboss.org/repofiles/cydia/ to the list of repositories.

Filza File Manager will now be available for installation as shown in the screenshot.

Search for Filza File manager and install the application as shown in the screenshot.

It will now be available with the other applications on the iPhone.

Open Filza. You will now be able to see the complete file system of your iPhone from ‘/’ (root) directory as shown.

The Secure SHell (SSH)

The next step is to prepare your iPhone to be accessed from the command line. For this, SSH is the most widely technique used. For iOS 9 and below, OpenSSH and OpenSSL need to be installed from Cydia. From iOS 10 and above, the jailbreaking tools support Dropbear SSH client as OpenSSH seems broken for devices running on iOS 10 and above.

To SSH into your iPhone,
  • Your computer and iPhone must be connected to the same local network and
  • SSH client must be installed on your computer.

Open Settings on your device and head over to Wi-Fi. Tap on the SSID of the network that you are connected to.

Note down the IP Address ( in this case).

On your computer, go to the system terminal or command line and type the following command:

ssh root@<IP Address>

If you are connecting to the device for the first time, an authentication message will be shown as shown in the screenshot below.

Type ‘yes’ and press Enter. Now you will be asked for a password. Type in the ‘root’ user’s password that you have set after jailbreaking the iPhone and press Enter.

Now, you have successfully made an SSH connection to your iPhone from your computer.

Note: If you encounter an error while connecting to the iPhone using SSH, refer to the jailbreak forums and channels on reddit.

For example, in iOS 10 and above, the dropbear SSH client allows only localhost SSH connections by default. To make an SSH connection using your computer, refer to the following URL:


The Secure File Transfer Protocol (SFTP) and Secure CoPy (SCP)

Another set of important tools for a jailbroken device is SFTP and SCP. Both of them perform the same task i.e. copying a file from a computer to the iPhone and vice versa.

To get these tools on devices running on iOS 9 and below, OpenSSH and OpenSSL must be installed from Cydia. For devices running on iOS 10 and above, “SCP and SFTP for Dropbear” must be installed from Cydia as shown in the screenshot.

To transfer files using these tools, the following commands can be used:
  • sftp root@<IP_Address> (followed by get and put commands)
  • scp root@<IP_Address>:<Remote_Path> <Local_Path> (put command)
  • scp <Local_Path> root@<IP_Address>:<Remote_Path> (get command)

Other Useful tools

Most of the banking applications and other secure applications either crash or display a message saying that ‘Jailbroken device is not supported’. As a security analyst, it is important to make these applications run on your jailbroken device in order to perform security analysis of the applications.

There are other necessary tools available to perform various tasks such as SSL Pinning Bypass, iOS Keychain dump and class dump from the application's binary.

For this purpose, publicly available tools can be installed through Cydia application or using command line (SSH) depending on the availability of the tool. For installation through SSH, one should install “APT” Package from Cydia.

Some of the necessary tools available are:

Name of the tool
Installation Source
IPA Installer
Installing an IPA file from GUI or command line
Bypassing Jailbreak Detection
Bypassing Jailbreak Detection
Command line
SSL KillSwitch
Bypassing SSL Pinning
Command line
iOS application decryption
Command line
Run-time analysis and Method hooking
Method hooking
Command line
Class Dump Z
Dump classes of an unencrypted iOS application
Execute commands on iPhone
Snoop-it (for 32 bit iOS devices)
Run-time method hooking
Dump and analyse IPA file
Keychain dumper
Dump iOS keychain
Command line

Note: You must be careful while installing applications from untrusted repositories. Even one malicious application can brick your iPhone or at worse compromise your privacy and security of the device. Hence, always install the application from trusted sources.


By following this article, we have seen some of the necessary tools required for iOS application security assessment. The foundation of static analysis of iOS applications lies within these tools. After successfully setting up these tools, we are more than ready to dive in iOS application’s security analysis. Up next, we will be discussing the iOS file system and architecture of an iOS application.

Image References:- https://images.google.com/

Post a comment