Setting up iGoat on Non-Jailbroken iDevices

OWASP iGoat is an open source self-learning tool for iOS developer and iOS mobile security tester.Non Jailbroken devices have Apple’s restrictions and cannot install apps and other content from sources other than the official App store.

This document demonstrates way to install iGoat Application on Non-Jailbroken device by using Cydia Impactor

Downloading iGoat:

Setting up iGoat:

To install iGoat.ipa on non-jailbroken device, we use a technique called SideLoading.

Sideloading is a technique used to upload the applications files (IPA or APK) from a local storage to the mobile device without downloading it from the official App Store.

This Can be achieved by using a tool called “Cydia Impactor”

Cydia Impactor is a versatile software, available on Windows, Linux, and Mac operating systems, which can perform a number of tasks for both iOS and Android platform. Today we’ll know how we can use Cydia Impactor to install different iOS IPA apps and files without requiring a jailbroken device.

Note: - To install iGoat.ipa on non-jailbroken device, we can do it through windows, MacOS and Linux operating system.

Install iGoat IPA File Using Cydia Impactor.

In this document we demonstrated how to install iGoat on the latest iOS version 10.3.3

1.Download latest version of Cydia Impactor from the official sitehttp://www.cydiaimpactor.com/

2.Choose your operating system

3.Extract the zipped file into an easily accessible location.

4.Make it sure you have already installed the latest version of iTunes on your Computer.

5.Connect your device with the PC using the USB cable.

6.Now launch the executable file of Cydia Impactor.

7.Once it recognizes your iPhone, click on “Device” on menu and then click on “Install Pakage” and select the iGoat.ipa file to install on the device.

8.The application will ask for Apple ID username and Apple ID password which are used to fetch the certificate from the Apple’s servers.

9.Use a newly created Apple ID which you never used before and also enroll your apple id in https://developer.apple.com/

10.Please be patient and let Cydia Impactor perform different tasks to sign and install the IPA file.

11.Once you see the application installed on your phone, go to “Settings > General > Device Management”. Open the just installed profile, and click on trust the developer.

It will prompt a window and Click on “Trust”.

12.Installation Completed. Now you can launch iGoat Application on phone.

13.Click on "Dismiss" to start the challenges.

References: -

1) http://www.cydiaimpactor.com/

2) https://en.wikipedia.org/wiki/Sideloading

results matching ""

    No results matching ""