Yet another frida based iOS dumpdecrypted. Also decrypts app extensions
MIT License
Yet another frida based App decryptor. Requires a jailbroken iOS device and frida.re
Tested on iOS 15 (Dopamine) and iOS 16 (palera1n).
The name of this project doesn't have any meaning. I was just listening to that song while typing.
With Cydia or Sileo:
If npm install fails, your node.js might be either too new or too old. Try to use nvm to install a compatible version or download the correct installer.
The zip or 7z command is needed to create the zip archive. On most distros, you don't need to install them manually.
npm install -g bagbak
bagbak [bundle id or name]
Options:
  -l, --list             list apps
  -U, --usb              connect to USB device (default)
  -R, --remote           connect to remote frida-server
  -D, --device <uuid>    connect to device with the given ID
  -H, --host <host>      connect to remote frida-server on HOST
  -f, --force            override existing files
  -d, --debug            enable debug output
  -r, --raw              dump raw app bundle to directory (no ipa)
  -o, --output <output>  ipa filename or directory to dump to
  -h, --help             display help for command
Environment variables:
  DEBUG=1        enable debug output for troubleshooting
  DEBUG_SCP=1    debug SCP protocol
  SSH_USERNAME   username for iPhone SSH, default to root
  SSH_PASSWORD   password for iPhone SSH, default to alpine
  SSH_PORT       port for iPhone SSH. If not given, bagbak will scan port 22 (OpenSSH) and port 44 (Dropbear)
Example:
  bagbak -l                      to list all apps
  bagbak --raw Chrome            to dump the app to current directory
  bagbak com.google.chrome.ios   to dump app to com.google.chrome.ios-[version].ipa