Skip to content

Fast iOS executable dumper

Notifications You must be signed in to change notification settings

secureonelabs/Clutch

 
 

Repository files navigation

Clutch

Clutch is a high-speed iOS decryption tool. Clutch supports the iPhone, iPod Touch, and iPad as well as all iOS version, architecture types, and most binaries. Clutch is meant only for educational purposes and security research.

Clutch requires a jailbroken iOS device with version 8.0 or greater.

Usage

Clutch [OPTIONS]
-b --binary-dump     Only dump binary files from specified bundleID
-d --dump            Dump specified bundleID into .ipa file
-i --print-installed Print installed application
--clean              Clean /var/tmp/clutch directory
--version            Display version and exit
-? --help            Display this help and exit

Clutch may encounter Segmentation Fault: 11 when dumping apps with a large number of frameworks. Increase your device's maximum number of open file descriptors with ulimit -n 512 (default is 256).

Building

Requirements

Disable SDK code signing requirement

killall Xcode
cp /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/SDKSettings.plist ~/
sudo /usr/libexec/PlistBuddy -c "Set :DefaultProperties:CODE_SIGNING_REQUIRED NO" /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/SDKSettings.plist
sudo /usr/libexec/PlistBuddy -c "Set :DefaultProperties:AD_HOC_CODE_SIGNING_ALLOWED YES" /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS.sdk/SDKSettings.plist

Note that if you update Xcode you may need to run these commands again.

Compiling

Xcode

xcodebuild clean build

CMake

mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_TOOLCHAIN_FILE=../cmake/iphoneos.toolchain.cmake ..
make -j$(sysctl -n hw.logicalcpu)

Installation

After building, a copy of the binary named Clutch is placed in the build directory. Copy this to your device:

scp ./build/Clutch root@<your.device.ip>:/usr/bin/Clutch

If you are using iproxy, use this line (replace 2222 with a different port if necessary):

scp -P 2222 ./build/Clutch root@localhost:/usr/bin/Clutch

When you SSH into your device, run Clutch.

If you are using the unc0ver jailbreak, you may need to run the following:

inject /usr/bin/Clutch

Licenses

Clutch uses the following libraries under their respective licenses.

  • optool by Alex Zielenski
  • ZipArchive by Matt Connolly, Edward Patel, et al.
  • MiniZip by Gilles Vollant and Mathias Svensson.

Thanks

Clutch would not be what it is without these people:

  • dissident - The original creator of Clutch (pre 1.2.6)
  • Nighthawk - Code contributor (pre 1.2.6)
  • Rastignac - Inspiration and genius
  • TheSexyPenguin - Inspiration

Contributors

Copyright

© Kim Jong-Cracks 1819-2017

About

Fast iOS executable dumper

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Objective-C 51.1%
  • C 46.8%
  • CMake 2.1%