ios app 복호화 - Clutch 2.x 버전

오랫만에 ios 앱 해킹을 다시 하려다 보니 가물가물해서 간단히 다시 정리하기로 했다. 

복호화 - Clutch 

(https://github.com/KJCracks/Clutch/releases)

# wget  https://github.com/KJCracks/Clutch/releases/download/2.0.4/Clutch-2.0.4

# chmod 755 ./Clutch-2.0.4

# Clutch -i

Installed apps:

1:   *알리미 <com.*******.smartcaremgr>

2:   Find My iPhone <com.apple.mobileme.fmip1>

3:   Google Authenticator <com.google.Authenticator>

4:   Chrome - web browser by Google <com.google.chrome.ios>

5:   Hangouts <com.google.hangouts>

6:   Google Drive - free online storage <com.google.Drive>

7:   신한S뱅크 <com.shinhan.sbank>

8:   Google Sheets <com.google.Sheets>

# Clutch -b 1

ASLR slide: 0x3a000

Dumping <NotificationService> (armv7)

Patched cryptid (32bit segment)

ASLR slide: 0x8d000

Dumping <NotificationContent> (armv7)

Patched cryptid (32bit segment)

Writing new checksum

Writing new checksum

ASLR slide: 0x19000

Dumping <SMail> (armv7)

Patched cryptid (32bit segment)

Writing new checksum

Finished dumping com.shinhan.smartcaremgr to /var/tmp/clutch/59213352-****-4411-****-1A8D42C57BC5

Finished dumping com.shinhan.smartcaremgr in 2.6 seconds

Clutch 업데이트가 중단된걸로 알았었는데 2.0.4 버전이 작년에 나왔다. -i 로 목록을 본 후 -b 로 번호만 지정해주면 끝.