查看 id  运行3-new

![IMAGE](resources/B4C52CD62F43C3B970DF84E5238B3933.jpg =778x809)
![[resources/B4C52CD62F43C3B970DF84E5238B3933.jpg =778x809]](assets/resources/B4C52CD62F43C3B970DF84E5238B3933.jpg =778x809)

frida-ps -Ua

另一个基于frida的App解密器。需要越狱的iOS设备和[frida.re](https://www.frida.re/)

bagbak [bundle id or name] 
bagbak com.tencent.xin


vim clear等命令是由于在手机的cydia中安装了
adv-cmds 
Vi IMproved
两个工具

ps -A | grep Ali 或 进程ID 可以查看该应用的进程调用情况
cypriot -p Alipay //附加到哪一个进程
附加进程后，可以UIApp查看该APP的Application，
UIWindow.keyWindow()
#地址.roootView #地址.view

![IMAGE](resources/9D694842F5BCDDA682E656CFB43595FF.jpg =1310x788)
![[resources/9D694842F5BCDDA682E656CFB43595FF.jpg =1310x788]](assets/resources/9D694842F5BCDDA682E656CFB43595FF.jpg =1310x788)


查看是否已解密。结果如下：

otool -l WeChat.app/WeChat | grep -B 2 crypt

cryptic 0 // 0代表解密、1代表加密**

手机安装App的ipa文件位置：/var/containers/Bundle/Application/

重启SpringBoard
killall SpringBoard

<https://github.com/DerekSelander/yacd> 手机砸壳

<https://github.com/BishopFox/bfdecrypt>

<https://github.com/JohnCoates/flexdecrypt>