Worth noting - compiled Obj-C iOS apps are actually much easier to reverse engineer than most binary formats.
It’s not as trivial as a simple APK, but if you dump an Obj-C iOS app into Hopper, you’ll find that almost every code-path is helpfully labelled with its selector, which makes even ASM relatively readable.
Swift is not as heavily affected by this, as most of its symbols are stripped at runtime. Obj-C can’t really have its symbols stripped properly, because Obj-C selector messaging is built entirely on strings.
I have heard of this before, but didn’t read into it much.
I don’t believe you are correct saying “much easier to reverse engineer than most binaries”, you may get to the headers and paths etc. I know that the apps are protected by Apple’s DRM system, which encrypts segments of the app (not the paths for example), and the keys are unique per device also.
Its possible using a jailbroken device to get the keys to decrypt the application - but jailbroken to me is non-existent as I see 0 point in it.
As with anything - nothing is impossible to reverse enginner (I know I had lots of fun with PPC). I do believe though that iOS apps are protected better than .NET (Windows), Java (Android), etc, don’t you agree?
I have found usually that if you just download the binary through the Mac version of iTunes, nothing seems to be protected in any meaningful way.
Maybe iOS and OSX apps are protected differently. That’s interesting, I will look into that I’v got a few Mac apps that I want to know how they work .
Interesting, the same is not true for me with IDA. Hopper will accept it but ultimately fails to actually produce a useful disassembly. I generally have to run iOS binaries through private tools before I can RE them.
iOS apps downloaded to the desktop iTunes seem to work too. i.e.:
Do you intend to share the code?
Hey! A friend and I are currently working on a Mac client. No promise of when it will launch as we’re just working on it during our spare time but you can sign up for the beta here
Here’s a little sneak peek - https://twitter.com/quidsapp/status/722008388423561216
Signed up. Love a good native mac app.
This looks interesting, would be happy to beta test that.
Me to. Should be worth trying out.
Would it be worth using Electron for cross-compatible desktop apps, @robcalcroft?
I can’t check this out at the moment but I’m sure it’s awesome so…you should submit a pull request to get Monzoweb added to this list -
Ah, I searched for monZoweb…
Also whilst third party, you may want to take a look at something another member mentioned in a previous thread a short while back called Quids which their website describes as “the personal bank feed for your Mac.”
I think it looks and sounds pretty similar to the feature request you was after Jay?
Is there any updates on this? The Quids app seems to be in beta testing and having lost my smartphone I’m having a bit of a crisis…