Tutorial

Requirements

Mac OSX
Xcode 5.0 or higher
git
Jailbroken iOS device running iOS 9+
OpenSSH installed on iOS device
Some shell knowledge

Get a copy of the code, or download the binary from releases.
Copy the Clutch binary to /usr/bin/ on your device. scp /path/to/Clutch root@<your.device.ip>:/usr/bin/
SSH to your device. ssh root@<your.device.ip>

Run `Clutch -i` to see a list of installed applications:

iPhone:~ root# Clutch -i
Installed apps:
 1:   Pages <com.apple.Pages>
 ...
 79:  Facebook <com.facebook.Facebook>

Run `Clutch -b <BundleID>` to dump an application:

Note: This can be the number, name, or bundle ID of the application.

iPhone:~ root# Clutch -b com.apple.Pages
Now dumping com.apple.Pages
Preparing to dump <Pages>
Path: /private/var/mobile/Containers/Bundle/Application/9635CFDE-87AC-4F84-B8E7-B3D22DA11A65/Pages.app/Pages
DUMP | ARM64Dumper <arm64> <Pages> ASLR slide: 0x100060000
Dumping <Pages> (arm64)
DUMP | ARM64Dumper <arm64> <Pages> Patched cryptid (64bit segment)
DUMP | ARM64Dumper <arm64> <Pages> Writing new checksum
Finished dumping com.apple.Pages to /var/tmp/clutch/7F513F62-6B64-4FB2-8915-8316F4EFD84B
Finished dumping com.apple.Pages in 12.3 seconds

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Tutorial

Requirements

Run `Clutch -i` to see a list of installed applications:

Run `Clutch -b <BundleID>` to dump an application:

Clone this wiki locally

Tutorial

Requirements

Run Clutch -i to see a list of installed applications:

Run Clutch -b <BundleID> to dump an application:

Clone this wiki locally

Run `Clutch -i` to see a list of installed applications:

Run `Clutch -b <BundleID>` to dump an application: