prateek147 / dvia-v2 Goto Github PK

Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 11. The current version is writen in Swift and has the following vulnerabilities.

Home Page: http://damnvulnerableiosapp.com

License: MIT License

Swift 88.20% Objective-C 9.61% C 2.03% Ruby 0.16%

mobile-app jailbreak security ios-swift

dvia-v2's Introduction

DVIA-v2

DVIA-v2 written in Swift along with additional vulnerabilities

Local Data Storage
Jailbreak Detection
Excessive Permissions
Runtime Manipulation
Anti Anti Hooking/Debugging
Binary Protection
Touch/Face ID Bypass
Phishing
Side Channel Data Leakage
IPC Issues
Broken Cryptography
Webview Issues
Network Layer Security
Application Patching
Sensitive Information in Memory

Installing DVIA on any iOS device

The best way to install DVIA from a Mac is using Apple Configurator App. If you are using Windows or Linux, you can use AltStore, Cydia Impactor etc. A paid developer account might be required in some cases.

Compiling DVIA using Xcode

Steps

Clone the DVIA repo , git clone https://github.com/prateek147/DVIA-v2
cd to the project root directory where the Podfile is present (/DVIA-v2/DVIA-v2). Then run pod install
Open the DVIA-v2.xcworkspace file with Xcode. You can now directly run the app on a simulator.
For running on the device, go under Project settings in Xcode on the top left, head over to the General tab and under Signing, enter credentials for your Apple ID.
Now you can build and run the project on the device. You will have to trust the app again by going under Settings -> General -> Device Management.

dvia-v2's People

Contributors

Stargazers

Watchers

Forkers

m00zh33 shantanu561993 opt9 5up3rc fasttorwa naveenselvan asterisch harry1080 arunm201192 thats-ok oguzbor rajivraj tobey123 kevinlee1984 ziedsn charygao dev4shane wilsonleeee doubiduo veenveenveen suntabu dweinstein iosreverseenggtools 2raptor dsolaborg qlwangqinghai ruytaan jespinhara stevenchen0x01 orf53975 ro9ueadmin xsec seedaily gwendrez mackentoch darrynza vladimir12 suasm productinfo planetminguez modulexcite donkrasnov at5hk infosecmember michaelrhughes crsantos biscuitehh masterscott alchemycyberblaze hweisheimer ekucet 5l1v3r1 kipyegonmark shahid1996 prevelate bpelaia david1mdavis fishso gr3yr0n1n sickoleager gwhittemore-veracode bbhunter dns43 dmachine44 stjordanis evanshay 0x4ngk4n gubraun dki cnkcq drewgallis mobsf anubisant papicella snahvalabs existentializm josiprezic valimuschi sajibekanti skattela cx-demo maksimsoldatov jazzshaikh gitwk86 dylanbthomas snyk-schmidtty virangdoshi rahulsharma2905 phuongdt subedibibek-cmd shivam11506226 hobo-hilly taiji-xo eventomer viizard bypazs cybermilosz fabrizio199-org sultan-qa cxtomer-demo

dvia-v2's Issues

Several Security Vulerabilities

This app has several security vulnerabilities, even a Touch ID bypass. Please fix them. :)

unbound variable

when compiling code, xcode errors out stating...

DVIA-v2/DVIA-v2/Pods/Target Support Files/Pods-DVIA-v2/Pods-DVIA-v2-frameworks.sh: line 132: ARCHS[@]: unbound variable
Command PhaseScriptExecution failed with a nonzero exit code

Google Search Meta Data

Hey, you might want to look into this:

update to work on iOS 15+

where are the solutions?

Build Errors in Swift version

Hi Prateek,

Attemptoing to run Swift version in Simulator per instructions. I chnge a few settings to make Build go, but few errors left. Opening Workspace only and running pods install etc. etc. Run Command-R and almost completes but for few Swift compilation errors (attached screen).

Thank you for any guidance.

XCode 14.3 build issue

This repo is affected by the XCode 14.3 and cocoapods issue. The below solution worked for me.

Solution: (Credit: https://stackoverflow.com/a/75920796)

cd /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/

sudo mkdir arc

# While executing the above command, the OS will block it
# and give an error. Allow permission from the settings
# and run the command again.

cd arc
sudo git clone https://github.com/kamyarelyasi/Libarclite-Files.git .

More info

Build fails on XCode 14.3 with these errors for Realm or Bolts.

File not found: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/arc/libarclite_iphonesimulator.a
Linker command failed with exit code 1 (use -v to see invocation)

I tried this solution, which didn't seem to fix it.
https://stackoverflow.com/a/75980471

Sudo concern

Sudo and Github are a bad mix. I'd recommend an alternative if someone can get one working.

References:
https://github.com/kamyarelyasi/Libarclite-Files
https://stackoverflow.com/questions/75574268/missing-file-libarclite-iphoneos-a-xcode-14-3/75980471#75980471

Impactor installation issue

installation.cpp:42
The WatchKit 2.0 app being installed contains an invalid application executable

Getting above error on a device that is on 10.3.3

DVIA-v2.app does not contain a valid Info.plist, so it cannot be installed on iPhone 5s.

I have followed multiple DVIA install guides using different installation techniques, including the official ones. But I'm not able to compile the code on my Mac computer without a bunch of errors and warnings.
https://github.com/prateek147/DVIA-v2

I then tried to follow the tips from this recent guide from July 2020. Where he uses Xcode to install the .ipa file or extracted .ipa file. But I get this error.
https://philkeeble.com/ios/Setting-Up-iOS/

Unable to install “DVIA-v2-swift“.

DVIA-v2.app does not contain a valid Info.plist, so it cannot be installed on iPhone 5s.

(“CFBundleExecutable“ specifies a file that is not executable)

How should I proceed to make Xcode happy with my downloaded DVIA-v2 source codes?

Issue with code signing

Whenever I try to install DVIA I get the following text

I have the following

iPhone 8
iOS 14.3

Failed Error