Skip to content

Bump to 3.11#133

Merged
noobpk merged 29 commits intomasterfrom
dev
Feb 5, 2026
Merged

Bump to 3.11#133
noobpk merged 29 commits intomasterfrom
dev

Conversation

@noobpk
Copy link
Owner

@noobpk noobpk commented Feb 5, 2026

[Release 3.11] - 2025-02-01

Added

  • Default dump output folder: workspaces/dumps for decrypted IPA (created by setup).
  • Option --dump-output-dir DIR: Custom output directory for dumped IPA (CLI and hook.py).
  • Setup: Creates workspaces and workspaces/dumps when running python3 setup.py.
  • New Frida scripts for SSL pinning bypass in Facebook and Instagram apps.
  • SSH credential handling and port forwarding options in the CLI.
  • --ssh-port-forward to forward port from local to device (ssh -R).
  • Using sshpass for auto input SSH password.

Changed

  • Dump IPA path: Saves to frida-ios-hook/workspaces/dumps by default instead of ./dumps (no longer depends on CWD).
  • Dump util (core/utils/dump.py): DUMP_OUTPUT_DIR set from script location (hook_root/workspaces/dumps).
  • Dump log: When dumping, log shows output dir (e.g. IPA output dir: workspaces/dumps).
  • WIKI: Document default path, -o/--output, --dump-output-dir, and that setup creates workspaces/dumps.
  • README: Feature section replaced with full options table from hook.py; changelog section updated to 3.11.
  • Enhance iOSHook CLI with improved usage examples and option descriptions.
  • Enhance option --shell / --ssh with better SSH connection handling.
  • Refactor script loading and error handling for better stability.
  • Update config (hook.conf / hook.json).

Note

Medium Risk
Touches core dump/SSH workflows and Frida spawn/attach behavior; mistakes could break dumping, SSH access, or CLI usage across platforms, though changes are mostly additive and defensive.

Overview
Bumps project to 3.11 and standardizes dump artifacts under frida-ios-hook/workspaces/dumps (created by setup.py), adding --dump-output-dir to override the dumped IPA destination.

Enhances the CLI with clearer help text and new operational flags: --conf to open hook.conf, --network/--local to choose SSH transport, and --ssh-port-forward for remote port forwarding; also adds optional sshpass-backed non-interactive SSH using default credentials from config.

Refactors dumping and hook execution for stability: core/utils/dump.py now creates/uses a deterministic output dir, improves error/crash handling and anti-debugging mitigation, and hardens SCP retrieval (permissions fixes and /tmp fallback), while methods/dump.js writes dumped files with readable permissions to avoid SCP failures. Documentation and dependencies are updated accordingly (new WIKI.md, README options table, pinned frida==16.1.4/frida-tools==12.2.1, and new SSL pinning bypass scripts).

Written by Cursor Bugbot for commit fae5532. This will update automatically on new commits. Configure here.

Copy link

@code-review-doctor code-review-doctor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worth considering. View full project report here.


if not os.path.isdir(script_dir):
raise FileNotFoundError(
"Expected subfolder 'frida-ios-hook' not found at: {}".format(script_dir)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

f-string is easier to read, write, and less computationally expensive than legacy string formatting. Explained here.

try:
if not os.path.exists(folder_path):
os.makedirs(folder_path)
print("[+] Created workspace folder: {}".format(folder))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similarly, Consider using f-string instead.

os.makedirs(folder_path)
print("[+] Created workspace folder: {}".format(folder))
else:
print("[*] Workspace folder already exists: {}".format(folder))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again, Consider using f-string instead.

else:
print("[*] Workspace folder already exists: {}".format(folder))
except Exception as e:
print("[!] Warning: Could not create folder '{}': {}".format(folder, e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Likewise, Consider using f-string instead.

else:
print("[*] Workspace folder already exists: workspaces/dumps")
except Exception as e:
print("[!] Warning: Could not create folder 'workspaces/dumps': {}".format(e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above: Consider using f-string instead.

return

if not os.path.exists(hook_json_env):
print("[!] Warning: 'hook.conf.default' not found at: {}".format(hook_json_env))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above, Consider using f-string instead.

else:
print("[*] hook.conf already exists, skipping initialization")
except Exception as e:
print("[!] Warning: Could not initialize hook.conf: {}".format(e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above: Consider using f-string instead.

@noobpk noobpk self-assigned this Feb 5, 2026
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 4 potential issues.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

This PR is being reviewed by Cursor Bugbot

Details

You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

script.load()
device.resume(pid)
logger.info("[*] Hook loaded, press Ctrl+C to exit.")
sys.stdin.read()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dead code uses undefined variable after error

High Severity

The else branch for the app-static method logs "Script not found!" but then attempts to spawn an app using options.package, which isn't guaranteed to be set in this code path (the condition only requires options.name). Additionally, the code tries to open(method, 'r') on line 386, but this branch is only reached when os.path.isfile(method) is false, meaning the file doesn't exist. This will cause either a NoneType error when spawning or a FileNotFoundError when opening the file.

Fix in Cursor Fix in Web

break
elif not iproxy_device_port.isdigit():
logger.error("[x_x] Please enter valid port number.")
iproxy_start = input('[?] Do you want start iproxy 2222 {} (yes/no): '.format(iproxy_device_port))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Invalid port input continues without loop restart

Medium Severity

When a user enters a non-digit port number, the error message is printed at line 162, but there's no continue statement to restart the loop. The code falls through to line 163, which prompts "Do you want start iproxy 2222 {invalid_port}" with the invalid input value. This could lead to attempting to start iproxy with an invalid port parameter.

Fix in Cursor Fix in Web

var Log = Java.use("android.util.Log");
Log.v("FACEBOOK_SSL_PINNING_BYPASS", message);
});
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Android script added to iOS-only repository

High Severity

The facebook.js script uses Android-specific Frida APIs (Java.perform, Java.use, android.util.Log) which don't exist on iOS. When loaded on iOS, line 113 calls logger() which invokes Java.perform(), causing a ReferenceError: Java is not defined and crashing the script immediately. This file was placed in frida-ios-hook/frida-scripts/ which is meant for iOS scripts, but the code is actually for Android Facebook app bypasses.

Additional Locations (1)

Fix in Cursor Fix in Web

break
elif not iproxy_device_port.isdigit():
logger.error("[x_x] Please enter valid port number.")
iproxy_start = input('[?] Do you want start iproxy 2222 {} (yes/no): '.format(iproxy_device_port))
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

User's custom port ignored when confirmed

Medium Severity

When the user enters a custom device port and the prompt asks "Do you want start iproxy 2222 {user_port} (yes/no)", answering "yes" starts iproxy with hard-coded port 22 instead of the user-provided iproxy_device_port. Line 163 correctly formats the confirmation prompt with the user's port, but line 168 ignores it entirely and uses " 22" directly. The user's custom port is only used in the "no" branch (lines 177, 183) and the "else" branch (line 191).

Fix in Cursor Fix in Web

dependabot bot and others added 27 commits February 5, 2026 18:15
Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.11.0 to 3.3.1.
- [Commits](paramiko/paramiko@2.11.0...3.3.1)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.64.1 to 4.66.1.
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.64.1...v4.66.1)

---
updated-dependencies:
- dependency-name: tqdm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
* Bump to 3.9 (#98)

* Bump paramiko from 2.11.0 to 3.3.1

Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.11.0 to 3.3.1.
- [Commits](paramiko/paramiko@2.11.0...3.3.1)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump tqdm from 4.64.1 to 4.66.1

Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.64.1 to 4.66.1.
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.64.1...v4.66.1)

---
updated-dependencies:
- dependency-name: tqdm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* add backtrace to hooking.js

* optimize hook.py

* update readme

* update setup.py

* update requirements

* update requirements

* update changelog

* update readme

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: noobpk <>

* Bump tqdm from 4.64.1 to 4.66.1

Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.64.1 to 4.66.1.
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.64.1...v4.66.1)

---
updated-dependencies:
- dependency-name: tqdm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: lethanhphuc <31820707+noobpk@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…, and SSH connection handling. Refactor script loading and error handling for better stability. Add new Frida scripts for SSL pinning bypass in Facebook and Instagram apps.
…nning bypass scripts for Facebook and Instagram, improved SSH handling in the CLI, and better usage examples.
…ida-tools version 12.2.1, addressing the ObjC not defined issue.
…tallation instructions; refactor main usage message in hook.py to direct users to the new wiki.
…dd new WIKI.md for comprehensive documentation on installation, usage, and quick methods for frida-ios-hook.
…connection, process spawning, and script attachment. Refactor code to improve readability and maintainability, ensuring consistent logging across different methods of attaching scripts.
…upport. Introduce functions for detecting icon size, computing icon width, and rendering icons. Update get_applications to handle scope, improving application enumeration. Adjust output formatting to include icons when available.
…ling. Introduce output directory option for dumped IPAs, ensure proper file permissions for SCP access, and implement error handling for file retrieval methods. Update generate_ipa function to support custom output paths and verify IPA creation success.
…de dumps and workspace directories, and enhance documentation in README and WIKI.md. Introduce new README for hexbytescan-tasks with task descriptions.
…s', ensuring proper directory structure for output files.
…r configuration, and update .gitignore to reflect changes.
…redential variable for clarity, and update config.py to reflect changes in configuration structure. Add command-line option to open hook.conf with the default editor based on the operating system.
…ok.conf file; enhance help documentation in hook.py for clarity.
…s and improve stability. Update user prompts for SSH connection and enhance logging for better clarity. Modify iproxy start prompt in config.py to reflect dynamic port input.
…attachment for cleaner output. Add new Frida scripts for random device ID generation and displaying device identifiers.
…ories for output files. Update hook.py to support custom output directory for dumped IPAs via new command-line option. Modify WIKI.md to reflect changes in output directory structure and usage instructions.
…output directory for dumped IPAs, new command-line option for custom output paths, and documentation updates in WIKI.md regarding these changes.
…features such as default output directory for dumped IPAs, custom output options, and enhancements to the iOSHook CLI. Document changes in usage examples and improve overall clarity in the README.
Copy link

@code-review-doctor code-review-doctor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some food for thought. View full project report here.


if not os.path.isdir(script_dir):
raise FileNotFoundError(
"Expected subfolder 'frida-ios-hook' not found at: {}".format(script_dir)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

f-string is easier to read, write, and less computationally expensive than legacy string formatting. More details.

try:
if not os.path.exists(folder_path):
os.makedirs(folder_path)
print("[+] Created workspace folder: {}".format(folder))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similarly, Consider using f-string instead.

os.makedirs(folder_path)
print("[+] Created workspace folder: {}".format(folder))
else:
print("[*] Workspace folder already exists: {}".format(folder))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above, Consider using f-string instead.

else:
print("[*] Workspace folder already exists: {}".format(folder))
except Exception as e:
print("[!] Warning: Could not create folder '{}': {}".format(folder, e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similarly, Consider using f-string instead.

else:
print("[*] Workspace folder already exists: workspaces/dumps")
except Exception as e:
print("[!] Warning: Could not create folder 'workspaces/dumps': {}".format(e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above: Consider using f-string instead.

return

if not os.path.exists(hook_json_env):
print("[!] Warning: 'hook.conf.default' not found at: {}".format(hook_json_env))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above: Consider using f-string instead.

else:
print("[*] hook.conf already exists, skipping initialization")
except Exception as e:
print("[!] Warning: Could not initialize hook.conf: {}".format(e))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similarly, Consider using f-string instead.

@noobpk noobpk merged commit 782b845 into master Feb 5, 2026
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant