Decrypting App Store Apps

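Every app on the App Store is encrypted. If you want to dump an app's binary or do anything else with it, you first have to decrypt it. I recently found an impressive project on GitHub, Clutch, that can decrypt apps, so here are my notes on using it.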

  1. git clone the latest version of Clutch
localhost:~ wany$ git clone https://github.com/KJCracks/Clutch.git clutch
  2. Build the Clutch project
localhost:~ wany$ cd clutch
localhost:clutch wany$ xcodebuild -project Clutch.xcodeproj -configuration Release ARCHS="armv7 armv7s arm64" build

After the build, an executable file named clutch is generated under ~/clutch/clutch.

  3. Copy the clutch executable to the iPhone (my iPhone's IP address is 192.168.00.00)
localhost:clutch wany$ cd clutch
localhost:clutch wany$ scp clutch [email protected]:/usr/bin
[email protected]'s password: 
localhost:clutch wany$ cd ~
  4. Connect to the iPhone over SSH
localhost:~ wany$ ssh [email protected]
[email protected]'s password:
wany-iPhone:~  root# chmod 755 /usr/bin/clutch
wany-iPhone:~  root# clutch -i                   (list the apps installed on the iPhone)
1. app1
2. app2
..... (part omitted) ......
wany-iPhone:~  root# clutch -d 2
Zipping Detection of color blindness.app
ASLR slide: 0xe7000
Dumping  (armv7)
Patched cryptid (32bit segment)
Writing new checksum
DONE: /private/var/mobile/Documents/Dumped/com.xxx.app2-iOS7.0-(Clutch-2.0.4)-2.ipa
Finished dumping com.pinping.Seruodetection in 8.0 seconds
wany-iPhone:~  root# logout
Connection to 192.168.00.00 closed.
localhost:~ wany$
  5. The decrypted .ipa package is saved in the /private/var/mobile/Documents/Dumped/ directory. It can be exported over SSH or with iTool Pro.
    Export over SSH
localhost:~ wany$ scp [email protected]  ~/Desktop
password:
localhost:~ wany$ cd ~/Desktop
localhost:Desktop$ ls
com.xxx.app2-iOS7.0-(Clutch-2.0.4)-2.ipa
.....(rest omitted).....
localhost:~ wany$
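
The "Patched cryptid" line in the Clutch output above refers to the cryptid field of the Mach-O LC_ENCRYPTION_INFO load command, which is non-zero while a binary is still encrypted. The following Python script is an added example (not part of the original post and not Clutch's code) that reads that field from every slice of a thin or fat binary; the function names and the sample headers are constructed here for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C
CPU_NAMES = {12: "arm", 0x0100000C: "arm64"}  # CPU_TYPE_ARM, CPU_TYPE_ARM64


def thin_slice_state(data, base):
    """Return (cpu, cryptoff, cryptsize, cryptid) for one little-endian Mach-O slice."""
    magic, cputype, _, _, ncmds, _, _ = struct.unpack_from("<7I", data, base)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a little-endian Mach-O slice at offset %d" % base)
    off = base + (32 if magic == MH_MAGIC_64 else 28)  # skip the mach_header
    cpu = CPU_NAMES.get(cputype, hex(cputype))
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8:
            raise ValueError("corrupt load command at offset %d" % off)
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            cryptoff, cryptsize, cryptid = struct.unpack_from("<3I", data, off + 8)
            return cpu, cryptoff, cryptsize, cryptid
        off += cmdsize
    return cpu, 0, 0, 0  # no encryption command: nothing in the slice is encrypted


def encryption_state(data):
    """List (cpu, cryptoff, cryptsize, cryptid) for every slice of a thin or fat binary."""
    if struct.unpack_from(">I", data, 0)[0] == FAT_MAGIC:  # fat header is big-endian
        nfat = struct.unpack_from(">I", data, 4)[0]
        offsets = [struct.unpack_from(">5I", data, 8 + 20 * i)[2] for i in range(nfat)]
        return [thin_slice_state(data, o) for o in offsets]
    return [thin_slice_state(data, 0)]


def sample_macho(cputype, cryptid):
    """Constructed sample: 32-bit Mach-O header plus one LC_ENCRYPTION_INFO command."""
    header = struct.pack("<7I", MH_MAGIC, cputype, 9, 2, 1, 20, 0)
    return header + struct.pack("<5I", LC_ENCRYPTION_INFO, 20, 0x4000, 0x8000, cryptid)


if __name__ == "__main__":
    samples = (("store copy", sample_macho(12, 1)), ("dumped copy", sample_macho(12, 0)))
    for label, blob in samples:
        for cpu, off, size, cid in encryption_state(blob):
            print(label, cpu, "cryptid=%d" % cid, "ENCRYPTED" if cid else "decrypted")
```

To check a real dump, unzip the .ipa and pass the bytes of the app's executable to encryption_state; every slice should report cryptid 0.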
