Skip to content
This repository was archived by the owner on May 9, 2025. It is now read-only.
This repository was archived by the owner on May 9, 2025. It is now read-only.

lipo: can't open input file: /private/var/containers/Bundle/Application/....app(No such file or directory) #266

Open
Open
lipo: can't open input file: /private/var/containers/Bundle/Application/....app(No such file or directory)#266
@sdnfl

Description

@sdnfl
sdnfl
opened on Oct 25, 2018

Issue

Hello.
First i had an error when needle tried to get Info.plist using command: shpass -p "alpine" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 22 root@10.10.10.247:"'/private/var/containers/Bundle/Application/7*************/***********.app'"'"'"'"'"'"'"'"'/Info.plist'" /root/.needle/tmp/plist(No such file or directory: '/root/.needle/tmp/plist).

I solved this case just by typing command myself without """"""""""""" after ".app":
shpass -p "alpine" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 22 root@10.10.10.247:"'/private/var/containers/Bundle/Application/**********.app/Info.plist'" /root/.needle/tmp/plist. And file was downloaded.

And now when i run any module i get another error:
ipo: can't open input file: /private/var/containers/Bundle/Application/....app(No such file or directory).
But path is correct and file in folder .app exist.

When i run command myself i get same error. lipo -info '/private/var/containers/Bundle/Application//*****.app'"'"'/'

But again, if i run command without """" it works... But get another error:
dyld: lazy symbol binding failed: Symbol not found: _map_fd
Referenced from: /usr/bin/lipo
Expected in: dyld shared cache

dyld: Symbol not found: _map_fd
Referenced from: /usr/bin/lipo
Expected in: dyld shared cache

Trace/BPT trap: 5
ohhhhh....
Now i don't know what to do to solve it. help please.

*** - Application name (cannot tell which :))

Expected behaviour

Tell us what should happen.
Needle should run any module

Actual behaviour

Different errors

Steps to reproduce

needle error logs

Ensure verbose and debug mode are enabled:
[needle][class_dump] > run
[] Checking connection with device...
[+] Already connected to: 10.10.10.247
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[+] Target app: com.raiffeisen.online.mobile
[] Retrieving app's metadata...
[D] Copying the plist to temp: '/private/var/containers/Bundle/Application//.app'"'"'/Info.plist' -> /root/.needle/tmp/plist
[] Pulling: '/private/var/containers/Bundle/Application//.app'"'"'/Info.plist' -> /root/.needle/tmp/plist
[D] Downloading: "'/private/var/containers/Bundle/Application//.app'"'"'"'"'"'"'"'"'/Info.plist'" -> /root/.needle/tmp/plist
[D] [LOCAL CMD] Local Command: sshpass -p "alpine" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 22 root@10.10.10.247:"'/private/var/containers/Bundle/Application/..app'"'"'"'"'"'"'"'"'/Info.plist'" /root/.needle/tmp/plist
[D] [REMOTE CMD] Remote Command: lipo -info '/private/var/containers/Bundle/Application//.app'"'"'/'
[!] lipo: can't open input file: /private/var/containers/Bundle/Application/7*******/.app'/*** (No such file or directory)

[V] [SSH] Disconnecting...
[V] [AGENT] Disconnecting from agent...
[?] Resetting connection to device...
[V] [AGENT] Connecting to agent (10.10.10.247:4444)...
[+] [AGENT] Successfully connected to agent (10.10.10.247:4444)...
[D] [AGENT] Executing command: os_version
[V] [SSH] Connecting (10.10.10.247:22)...
[+] [SSH] Connected (10.10.10.247:22)
[?] Rerunning last command...
[!] lipo: can't open input file: /private/var/containers/Bundle/Application//.app'/***** (No such file or directory)

[V] [SSH] Disconnecting...
[V] [AGENT] Disconnecting from agent...
[?] Resetting connection to device...
[V] [AGENT] Connecting to agent (10.10.10.247:4444)...
[+] [AGENT] Successfully connected to agent (10.10.10.247:4444)...
[D] [AGENT] Executing command: os_version
^C
[needle][class_dump] >

Environment

Needle Version

1.3.2

  • Framework (on your machine):
  • Agent (on your device):

Workstation Operating System

Kali linux 2018.2

Python Version

Python 2.7.14+

Python Packages (pip freeze)

adns-python==1.2.1
anyjson==0.3.3
argcomplete==1.8.1
asn1crypto==0.24.0
attrs==17.4.0
Automat==0.6.0
backdoor-factory==0.0.0
backports-abc==0.5
backports.functools-lru-cache==1.4
backports.shutil-get-terminal-size==1.0.0
backports.ssl-match-hostname==3.5.0.1
BBQSQL==1.0
bcrypt==3.1.4
bdfproxy==0.0.0
BeautifulSoup==3.2.1
beautifulsoup4==4.6.0
biplist==1.0.3
BlindElephant==1.0
blinker==1.4
capstone==3.0.4
certifi==2018.1.18
chardet==3.0.4
CherryTree==0.38.2

FIXME: could not find svn URL in dependency_links for this package:

chirp===daily-20170714
click==6.7
colorama==0.3.7
ConfigArgParse==0.11.0
configobj==5.0.6
configparser==3.5.0
constantly==15.1.0
construct==2.8.16
couchdbkit==0.6.5
cryptography==2.1.4
cycler==0.10.0
decorator==4.1.2
dicttoxml==1.7.4
distorm3==3.3.4
dnslib==0.9.7
dnspython==1.15.0
docutils==0.14
easygui==0.96
Elixir==0.7.1
enum34==1.1.6
et-xmlfile==1.0.1
feedparser==5.2.1
Flask==0.12.2
funcsigs==1.0.2
fuse-python==0.2.1
future==0.15.2
futures==3.2.0
GDAL==2.2.4
GeoIP==1.3.2
gevent==1.2.2
greenlet==0.4.12
h2==3.0.1
hpack==3.0.0
html2text==2018.1.9
html5lib==0.999999999
http-parser==0.8.3
httplib2==0.9.2
hyperframe==5.1.0
hyperlink==17.3.1
idna==2.6
impacket==0.9.15
incremental==16.10.1
ipaddress==1.0.17
IPy==0.83
ipython==5.5.0
ipython-genutils==0.2.0
itsdangerous==0.24
jdcal==1.0
Jinja2==2.10
jsbeautifier==1.6.4
jsonpickle==0.9.5
jsonrpclib==0.1.7
keyring==10.6.0
keyrings.alt==3.0
killerbee==1.0
lxml==4.2.0
M2Crypto==0.27.0
Mako==1.0.7
MarkupSafe==1.0
matplotlib==2.1.1
mechanize==0.2.5
mercurial==4.5.2
metaconfig==0.1.4a1
mockito==0.5.2
msgpack==0.5.1
mysqlclient==1.3.10
nassl==0.12
netaddr==0.7.19
NfSpy==1.0
numpy==1.13.3
olefile==0.45.1
openpyxl==2.4.9
OWSLib==0.16.0
PAM==0.4.2
paramiko==2.4.0
passlib==1.7.1
pathlib2==2.3.0
pcapy==0.10.8
peepdf==0.4.1
pefile==2017.11.5
pexpect==4.2.1
pickleshare==0.7.4
Pillow==4.3.0
pluggy==0.6.0
ply==3.11
prettytable==0.7.2
prompt-toolkit==1.0.15
psycopg2==2.7.4
py==1.5.2
pyasn1==0.4.2
pyasn1-modules==0.2.1
pycairo==1.16.2
pycrypto==2.6.1
pycryptodomex==3.4.7
pycurl==7.43.0.1
pydns==2.3.6
pyenchant==2.0.0
Pygments==2.2.0
pygobject==3.28.1
pygtkspellcheck==4.0.5
pyinotify==0.9.6
PyJWT==1.5.3
pymongo==3.6.1
pymssql==2.1.3
PyNaCl==1.2.1
pyOpenSSL==17.5.0
pyparsing==2.2.0
PyPDF2==1.26.0
pyperclip==1.6.0
pyproj==1.9.5.1
pyrit==0.5.1
pyscard==1.9.6
pyserial==3.4
pysmi==0.2.2
pysnmp==4.4.3
pysnmp-apps==0.3.2
pysnmp-mibs==0.1.3
PySocks==1.6.5
pyspatialite==3.0.1
pysqlite==2.7.0
pytest==3.3.2
python-dateutil==2.6.1
python-Levenshtein==0.12.0
python-magic==0.4.16
pythonaes==1.0
pytz==2018.3
pyusb==1.0.0b2
PyX==0.12.1
pyxdg==0.25
PyYAML==3.12
qrcode==5.3
requests==2.18.4
restkit==4.2.2
rfidiot==1.0
roman==2.0.0
scandir==1.7
scapy==2.3.3
SecretStorage==2.3.1
service-identity==16.0.0
Shapely==1.6.4
simplegeneric==0.8.1
simplejson==3.13.2
singledispatch==3.4.0.3
six==1.11.0
slowaes==0.1a1
socketpool==0.5.3
SQLAlchemy==1.2.5
sshtunnel==0.1.4
subprocess32==3.2.7
tcpwatch==1.3.1
tornado==5.0
traitlets==4.3.2
Twisted==17.9.0
typing==3.6.4
unicodecsv==0.14.1
urllib3==1.22
urwid==2.0.1
uTidylib==0.3
vinetto==0.7b0
volatility==2.6
wapiti==2.3.0
wcwidth==0.1.7
webencodings==0.5
webunit==1.3.10
Werkzeug==0.14.1
wfuzz==2.2.9
Whoosh==2.7.4
wxPython==3.0.2.0
wxPython-common==3.0.2.0
XlsxWriter==0.9.6
xmlbuilder==1.0
yara-python==3.7.0
zenmap==7.70
zim==0.68
zope.interface==4.3.2

Device iOS Version

9.3.2

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions