Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Extracting images from an iOS App


JimJax's Avatar
Member
0 0

First, this site is amazing and gets me excited to learn more about hacking. I found it by searching for a way to extract images from an iOS iphone/ipad app.. I've gone ahead and unzipped the .ipa file and found the directories with the icons and images, but they are all stored as .maj and .map file extensions which cannot be opened with any bitmap viewer, except for the app execution icon. I'm a bit lost at the moment with this file type and google has nothing. Has anyone tried to extract the images and icons from an iOS app that could give me some tips? I don't really want to resort to screenshots and photo shop to extract the images.


MrCyph3r's Avatar
npm ERR!
0 0

As far as I know .map files are a kind of debugging symbols… they are just a collection of offsets, binary info and some other cool stuff.

.maj files are just files generated by 3d design softwares, the ones that you use to create accurate models of objects. I think you can use any CAD program to open it.

Ahem… I think you are aware of app's intellectual property, right…


JimJax's Avatar
Member
0 0

Those files types don't really apply to the app. They are definitely images or objects. Yea, not planning on doing anything notorious with the images, actually this app stole most of the characters and items they put into the game from Dota 2. The app is called Hero Epoch and downloadable through google play and itunes by the way in case anyone wants to take a look.


JimJax's Avatar
Member
0 0

Maybe this might help, the game is made by a Chinese company.

The more I research this it looks like it might be a proprietary file type. The same file types are used in both the android and iphone versions of the game. The formats they put icons, images, etc in are .map, .mat, and .maj. I open the libgame.so file with IDA 6.1 and found the following:

aBattle_field_5 DCB "battle_field/battle_field_%d.jpg",0

But, the corresponding file is under battle_field/battle_field.maj

Also found that it probably waits for the app to connect to the server via http, then decompresses all files into jpg(from maj) or png(from map) or gif (from mat).. I believe those are the relations.

So at the moment I'm thinking if I could somehow access the files while the game is running I'll be golden.. anyone ever done that for an iphone or android app?

Well that didn't work.. I open the sandbox while it's running but I don't see any files not even the .map files. So confused, might try some more later.

i'll keep updating this post. Hope you find this interesting.


ArgonQ's Avatar
Member
0 0

I know jack about this kind of thing. However you could try searching the files with a hex editor. jpg files begin with:FF D8 FF E0 XX XX 4A 46 49 46 and terminate with FF D9.

XX XX are usually 00 01 but not alway. Happy grepping :)


Huitzilopochtli's Avatar
....
10 9

Maybe try doing a forensic recovery on the app, for just the image files..