Research Updated Jan 23, 2024

Objection iOS Hooking for apps

Objection

Objection, by Orange Cyberdefense's Ethical Hacking Team, stands as an innovative runtime iOS exploration toolkit designed to empower users in evaluating the security resilience of apps, all without the necessity of a jailbreak. This powerful tool facilitates the extraction and modification of apps, circumvention of SSL pinning, scrutiny and manipulation of container file systems, among other advanced functionalities.

What is Objection?

Objection presents a versatile toolkit, enabling a range of capabilities for security testing and app analysis. In the realm of application modification, Objection integrates Frida gadgets into both iOS apps. This integration supports not only objection but also Frida itself, allowing for effective patching. It is possible to extend the core features of Objection using plugins.

Navigating the filesystem is made intuitive with Objection, empowering users to effortlessly list entries and perform file uploads and downloads within permissible boundaries. Memory-related tasks become more accessible as Objection facilitates the enumeration of loaded modules and their corresponding exports. This insight aids in comprehending the app's memory structure.

Security testing is enhanced through Objection's ability to simulate and bypass jailbroken or rooted environments, ensuring robust measures against potential vulnerabilities. For a deeper understanding of the application's architecture, Objection enables the discovery of loaded classes and the listing of their respective methods. Objection is powered by Frida.

Objection iOS Hooking Toolkit running in terminal.

SSL pinning, a common security measure, can be bypassed using Objection, facilitating seamless communication even in secure environments. Dynamic extraction of arguments from invoked methods during interactions with the target app adds a layer of real-time analysis capability. Objection, as a robust iOS library, offers multifaceted capabilities for security testing and analysis. It allows security professionals to delve into the inner workings of iOS apps.

Engaging with SQLite databases is streamlined, as Objection allows in-line interaction without the need to download the targeted database or resort to external tools. Flexibility is a key feature, with Objection supporting the execution of custom Frida scripts. This adaptability ensures a tailored approach to security testing based on specific requirements.

One notable feature is the ability to seamlessly dump and export data from the iOS keychain. This provides valuable insights into the secure storage of sensitive information. Common storage areas, such as NSUserDefaults and NSHTTPCookieStorage, can be explored and analyzed with Objection, enabling the extraction of pertinent data relevant to application.

Data dumping extends to various formats, ensuring that information is presented in a human-readable manner. This feature aids in the interpretation and analysis of diverse data sets during security assessments. For apps employing TouchID, Objection provides mechanisms to bypass specific restrictions, facilitating thorough testing of biometric authentication measures.

Method execution monitoring is a powerful aspect of Objection, allowing users to observe the execution of methods within an iOS app. This provides visibility into the app's logic and behavior. The iOS pasteboard, a critical element in data sharing, can be monitored using Objection. This capability is useful for understanding how data is managed and exchanged.

Encoded .plist files, often used for configuration purposes, can be dumped in a human-readable format without the need for external parsers. This simplifies the analysis of configuration files and encoded data structures. Objection equips security professionals with a set of tools to scrutinize, understand, and assess the security landscape of iOS apps. Its diverse features contribute to a thorough examination of an app's security posture and potential vulnerabilities.

DVIA v2 application provides a legal environment to test your iOS Pentesting skills using Objection. If offers a lot of security features for iOS apps that can be exploited using Objection.

Alternatively, consider employing FLEX, an in-app debugging and exploration tool designed for iOS. Several jailbreak tweaks serve as FLEX wrappers, enabling you to debug iOS, hook into systems, and craft your custom modifications and tweaks without relying on an API. Notably, FLEXList and FLEXall stand out as among the best options available for this purpose.

How to install Objection

Setting up and configuring Objection for use should be a quick process, typically taking just a few minutes. Installing Objection is uncomplicated, although a few prerequisites must be met on your system before you commence. Ensure that Python (preferably 3.x) is installed. Objection is compatible with operating systems such as Windows, macOS, or GNU/Linux.

pip install objection

Objection Hooking Commands

List all classes

ios hooking list classes

Listing all methods

ios hooking list class_methods

Search for classes

ios hooking search classes example_class

Search for methods in class

ios hooking list class_methods example_class

Watching a method

ios hooking watch class example_class

Bypassing jailbreak detection

objection -g 'Firefox' explore
ios jailbreak disable

Bypassing SSL/Certificate Pinning

objection -g 'Firefox' explore
ios sslpinning disable --quiet

What's new

  • Updated Objection to the latest version.
  • Overall improvements and bug fixes.
  • Update agent dependencies.
  • Add a new iOS monitor crypto command.
  • Improve support for patching iOS applications.

Sponsored links

Post a comment

Latest Posts

Jailbreak

Dopamine 2.0 Jailbreak

Dopamine 2.0 Jailbreak

Lars Fröder has announced the rebranding of Fugu15 Max to Dopamine. This newly developed jailbreak is specifically designed to provide A12+ devices running Dopamine with the ability to utilize tweak injection (ElleKit) features on iOS 15. Dopamine...

Research

Rootless tweaks repositories

Rootless tweaks repositories

Installing jailbreak tweaks typically requires adding a repository and installing the package on your iPhone. However, the installation process differs slightly with Dopamine 2.0 for iOS 15 – iOS 16. This is because a repository must support rootless...

Tweaks

Jailbreak tweaks for Dopamine

Jailbreak tweaks for Dopamine

Dopamine Jailbreak for iOS 15.0 – iOS 16 was finally released. It supports newer devices such as iPhone XS through iPhone 14 Pro. However, as this jailbreak is rootless, you need to install rootless tweaks that are compatible with your iPhone...