dumpdecrypted

Download dumpdecrypted

https://github.com/stefanesser/dumpdecrypted

Unzip it and change into the directory

Build dumpdecrypted.dylib

make

Connect to the phone

ssh root@192.168.1.5

Enter the password

alpine

On the phone, open only the app you want to decrypt

Find the two directories with cycript

ps -e | grep /var

/var/containers/Bundle/Application/03A704C6-1953-4EA4-9A84-BAABFC4FE769/WeChat.app/WeChat

Make a note of /var/containers/Bundle/Application/03A704C6-1953-4EA4-9A84-BAABFC4FE769/WeChat.app/WeChat; it is needed later

Find WeChat's directory and copy it

cycript -p WeChat

[[NSFileManager defaultManager] URLsForDirectory:NSDocumentDirectory inDomains:NSUserDomainMask][0]

/var/mobile/Containers/Data/Application/33ECAA71-18D0-48B1-A884-266EE5FC0977/Documents/

Copy dumpdecrypted.dylib to the directory found above

scp dumpdecrypted.dylib root@192.168.1.5:/var/mobile/Containers/Data/Application/33ECAA71-18D0-48B1-A884-266EE5FC0977/Documents/

Change into the directory

cd /var/mobile/Containers/Data/Application/33ECAA71-18D0-48B1-A884-266EE5FC0977/Documents/

Decrypt the app

DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/containers/Bundle/Application/03A704C6-1953-4EA4-9A84-BAABFC4FE769/WeChat.app/WeChat

If you see

dumpdecrypted.dylib: required code signature missing for 'dumpdecrypted.dylib'
Abort trap: 6

run

ldid -S dumpdecrypted.dylib

Then run the decryption again

DYLD_INSERT_LIBRARIES=dumpdecrypted.dylib /var/containers/Bundle/Application/03A704C6-1953-4EA4-9A84-BAABFC4FE769/WeChat.app/WeChat

ls

If WeChat.decrypted is listed, the decryption succeeded

Now it can be copied to the computer

scp WeChat.decrypted yz@192.168.1.3:/Users/yz/Desktop/
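
The steps above take the presence of WeChat.decrypted as the sign of success. As an added example (not part of the original post or of dumpdecrypted), this Python script, run on the computer against the copied file, reads the Mach-O LC_ENCRYPTION_INFO load command and reports whether cryptid is 0 for each slice; the function names and the sample header are constructed for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C


def slice_encryption(data, base=0):
    """Return (cryptoff, cryptsize, cryptid) of one little-endian Mach-O slice, or None."""
    (magic,) = struct.unpack_from("<I", data, base)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("no little-endian Mach-O header at offset %d" % base)
    ncmds, sizeofcmds = struct.unpack_from("<II", data, base + 16)
    off = base + (32 if magic == MH_MAGIC_64 else 28)  # size of mach_header(_64)
    end = min(off + sizeofcmds, len(data))
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load commands run past the header area")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("bad cmdsize at offset %d" % off)
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            if cmdsize < 20:
                raise ValueError("encryption command too short")
            return struct.unpack_from("<III", data, off + 8)
        off += cmdsize
    return None  # no encryption load command in this slice


def encryption_report(data):
    """Map slice offset -> (cryptoff, cryptsize, cryptid) for a thin or fat file."""
    (magic_be,) = struct.unpack_from(">I", data, 0)
    if magic_be != FAT_MAGIC:
        return {0: slice_encryption(data, 0)}
    (nfat,) = struct.unpack_from(">I", data, 4)
    report = {}
    for i in range(nfat):
        offset = struct.unpack_from(">5I", data, 8 + 20 * i)[2]  # fat_arch.offset
        report[offset] = slice_encryption(data, offset)
    return report


def still_encrypted(data):
    """Offsets of slices whose cryptid is non-zero, i.e. not decrypted."""
    return [o for o, info in encryption_report(data).items() if info and info[2] != 0]


def constructed_sample(cryptid):
    """Constructed arm64 header with one LC_ENCRYPTION_INFO_64 (not a real binary)."""
    lc = struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x8000, cryptid, 0)
    return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, len(lc), 0, 0) + lc
```

Read the copied file with `open(path, "rb").read()` and pass the bytes to `still_encrypted`; an empty list means every slice reports cryptid 0, and in a fat file any slice left encrypted is listed by its offset.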