Decrypting iOS Applications

Piracy aside, I love jailbreaking my device. Inspecting third-party apps and checking out their headers can give you an idea of how they were built - which in my opinion is a great way to learn.

Thanks to all the open source tools that are available, it’s extremely trivial to do this.

  • Jailbreak your device.
  • Download the app from the App Store.
  • Decrypt the app (I used Clutch).
  • Use class-dump-z to extract the headers from the decrypted binary.
  • Use strings to extract all the strings from the decrypted binary.

Now you can have some fun and poke around in the headers to get an idea of the app’s architecture. The strings output may turn up hardcoded keys (think API keys), and I’ve noticed it usually contains the path to the project file on the machine the app was built on.

Try this on an app you’ve made; it’s interesting what you can find out. Maybe it’ll even inspire you to figure out how to avoid this - it’s something I’d never really thought about until now - and help prevent your apps from being decrypted so easily.
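As an added example (not part of the original post, and not any of the tools named above), here is a small Python script in the spirit of the strings step: it pulls printable runs out of a binary the way strings does, then flags exactly the things mentioned above - build paths and key-like values - so you can check your own decrypted app before shipping. The sample blob, the regexes and the entropy threshold are constructed assumptions for illustration, not taken from any real app.

```python
import math
import re

# Constructed sample blob standing in for a decrypted app binary; the
# magic bytes and every embedded string are made up for this example.
SAMPLE_BINARY = (
    b"\xcf\xfa\xed\xfe\x00\x00\x00\x00"
    b"sk_live_ABCDEF0123456789abcdef0123\x00"
    b"/Users/alice/Projects/MyApp/MyApp.xcodeproj\x00"
    b"\x01\x02\x03hi\x00"
    b"https://api.example.invalid/v1\x00"
    b"Zq7vR2kLm9XpT4wN8bYs3HdF\x00"
    b"NSObject\x00"
)

# Heuristic patterns (assumptions; tune them for your own codebase).
PATTERNS = {
    "build_path": re.compile(r"/Users/[^/\s]+/.*\.(xcodeproj|xcworkspace)"),
    "secret_like": re.compile(r"(?i)(api[_-]?key|secret|token|sk_live|sk_test)"),
    "url": re.compile(r"https?://\S+"),
}

def extract_strings(blob: bytes, min_len: int = 4):
    """Mimic `strings`: runs of printable ASCII at least min_len bytes long."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]

def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking keys score high, prose scores low."""
    probs = [s.count(c) / len(s) for c in set(s)]
    return -sum(p * math.log2(p) for p in probs)

def audit_strings(blob: bytes, entropy_threshold: float = 3.5):
    """Return (label, string) pairs worth a second look before shipping."""
    findings = []
    for s in extract_strings(blob):
        label = next((name for name, pat in PATTERNS.items() if pat.search(s)), None)
        if label is None and len(s) >= 20 and shannon_entropy(s) > entropy_threshold:
            label = "high_entropy"   # no keyword hit, but it looks like a random key
        if label:
            findings.append((label, s))
    return findings

if __name__ == "__main__":
    for label, s in audit_strings(SAMPLE_BINARY):
        print(f"{label:13} {s}")
```

Point audit_strings at the bytes of your own decrypted binary instead of SAMPLE_BINARY; anything it lists is something an attacker with Clutch and strings will see too.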

Other interesting notes