Objection - CraigDonkin/ios-testing GitHub Wiki
Overview
Objection is a great tool for mobile exploration.
Download Link:
https://github.com/sensepost/objection
Installation
pip3 install -U objection
Frida
Frida-Server needs to be installed on the device
cydia > Manage > Sources > edit > add > https://build.frida.re > install frida
Usage
Run objection on the command line to get the CLI
The REPL will autocomplete commands when the tab key is pressed
To connect objection to a particular process run:
- On the testing laptop run frida-ps -U and grep for the app being tested
- Hook the process with the -g flag and then run explore
frida-ps -U | grep APPNAME
objection -g app explore
Commands
| Command | Description |
|---|---|
| env | prints out information about the app environment |
| pwd print | shows the directory you are currently in |
| ls | like in Linux lists the files in that directory as well as properties |
| file download/upload | Download or upload a file |
| iOS | specific commands that can work with iOS |
| iOS plist cat info.plist | prints out a plist |
| ios sslpinning disable | built in ssl pin bypass |
| iOS jailbreak disable | built in jailbreak disable |
| iOS hooking | functions for hooking methods, printing class info, changing return values etc |
| ios hooking list classes | class dump |
| ios hooking search classes [string] | search for a class |
| help command | prints useful help information |