iRET helps iOS penetration testers perform more efficiently

iRET: The iOS Reverse Engineering Toolkit | Veracode

iRET is a set of tools that allows you to automate many of the manual tasks an iOS penetration tester would need to perform in order to analyze and reverse engineer iOS applications. And the bonus is...this can all be performed right on the device.


Features of the iRET toolkit

  1. Main iRET page lets you know what tools need to be installed, and even tells you if they aren’t.

  2. Binary analysis tab automates the execution of otool, which is used to extract information about the binary. The displayed data includes binary header information, such as if PIE is enabled and targeted architecture. It identifies if the binary is encrypted, if it has stack-smashing protecting enabled, and if it has automatic resource counting enabled.

  3. Keychain analysis tab automates the execution of ptoomey’s “keychain_dumper” utility. This utility allows the user to analyze the keychain contents, including passwords, keys, certificates, etc. for any sensitive information.

  4. Database analysis tab automatically populates a dropdown containing all databases (.db, .sqlite, .sqlite3) found within the selected application. Once a database is selected from the dropdown, sqlite3 is automated to display the content of the database.

  5. Log viewer tab provides the user with a dropdown menu with all identified log and text files associated with the selected application and allows the user to review the last 100 lines of the system log (syslog) file contained on the device. 

  6. Plist viewer tab fills a dropdown with all of the property list files that were found for the selected application. When the user selects a property list file from the dropdown, its content will be displayed to the user.

  7. Header files tab identifies if the binary is encrypted and automatically decrypt it if so. After decryption it performs a class dump of the unencrypted binary into separate header files and loads those files into a dropdown menu. Once a header file is selected from the dropdown, the content of this header file is automatically converted to a theos logify format allowing the user to easily copy/paste the content into the theos tab for quick theos tweak creation.

  8. Theos tab allows the user to create, edit, save and build a theos tweak in just minutes.

  9. Screenshot tab allows the user to view the cached screenshot, if any, of the selected application.

View screenshots of the toolkit

Download the toolkit

Click here to download the zip file of toolkit.

User guide

Visit our iRET blog post to view step-by-step instuctions on how to use the iRET toolkit.