Simple tool to automate brute forcing tasks against iOS apps, using Frida.
- General UIWindow brute force;
- General UIWebView brute force [working];
- UIWindow virtual keyboard brute force [working].
- First, connect an iOS device (with Frida installed) through USB;
- Define your own match-replace placeholders in the Config section of the javascript file;
- Define your success conditions function in the Config section of the javascript file;
- Open the target app and type the placeholders you chose (at step 2) into the corresponding fields;
- Finaly, run the python script with your wordlist files, as shown below:
python2 iOS-UIBruteForcer.py <IOS_APP_NAME_OR_PID> <WORDLIST#1,WORDLIST#2...>