How to build Frida (≥ 16.2.2) for iOS jailbroken devices

guide.md

Here, I'll show you how to compile Frida (≥ 16.2.2) for both rootfull and rootless jailbreaks.

Old Instructions

If you want to compile an old version of Frida (< 16.2.2) you can use my old guide.

Build Instructions

Requirements

• Make sure you have:
  • Python 3.7+ in your PATH. Required by Meson.
  • Node.js in your PATH

macOS

macOS is required because you need to use Apple's proprietary software like Xcode, lipo, and codesign.

Warning

Before starting, read carefully up to the end.

Build

1. Install the latest version of Xcode with command-line tools from the App Store. Without it, you won't have iPhoneOS SDKs.
2. Download Xcode 11.7 directly from Apple at the following link: Xcode_11.7.xip. You will need to authenticate with your Apple ID to download it. Then set the following env:

   export XCODE11=/Applications/Xcode-11.7.app

Tip

To better manage multiple Xcode versions, you can use a CLI tool called xcodes. Alternatively, if you prefer an equivalent GUI app, you can use XcodesApp.

3. Once downloaded, opening the .xip archive will begin extracting it. After extraction, rename the app to avoid conflicting with your primary installation of Xcode and move it to /Applications/ (e.g., mv Xcode.app /Applications/Xcode-11.7.app).
4. Download this script, change gdb_codesign to frida-cert, and then run it.
5. Run brew install dpkg to install dpkg-deb.

Note

To compile Frida I use gmake. If you don't want to install it you can use make shipped by Apple with Xcode Command Line Tools.

6. Clone the project:

   git clone https://github.com/frida/frida.git
   cd frida

7. (Optional) Check out the latest stable release:

   git checkout "$(git describe --tags "$(git rev-list --tags --max-count=1)")"

   To go back to origin/main, run git switch -.
8. (Optional) Select your preferred Xcode version:

   export DEVELOPER_DIR=/Applications/Xcode.app/Contents/Developer  

9. Export the identity previously created in an enviroment variable called IOS_CERTID:

   export IOS_CERTID=frida-cert

10. To package everything you must set the following env:

    gmake git-submodules
    FRIDA_VERSION=$(releng/frida_version.py)
    export FRIDA_VERSION

11. Build frida-server and frida-agent.dylib for 3 different architectures:

    mkdir -vp release-assets
    for jb in rootless rootfull; do
      for arch in arm64 arm64e arm64eoabi; do
        MESON_BUILD_ROOT="$(pwd)/build-${arch}-${jb}"
        export MESON_BUILD_ROOT
        if [ "${jb}" = "rootless" ]; then
          ./configure --host=ios-"${arch}" --prefix=/var/jb
        else
          ./configure --host=ios-"${arch}"
        fi
        gmake -j$(($(/usr/sbin/sysctl -n hw.logicalcpu) + 1))
      done
      frida_ios_universal_path="$(pwd)/ios-${jb}-assets/$(if [ "${jb}" = "rootless" ]; then echo "var/jb/"; fi)"
      mkdir -vp "${frida_ios_universal_path}"/usr/{bin,lib/frida}/
      python ./releng/mkfatmacho.py "${frida_ios_universal_path}/usr/bin/frida-server" "$(pwd)/build-"{arm64,arm64e,arm64eoabi}"-${jb}/subprojects/frida-core/server/frida-server"
      codesign -vf -s "-" --preserve-metadata=entitlements "${frida_ios_universal_path}/usr/bin/frida-server"
      lipo "$(pwd)/build-"{arm64,arm64e}"-${jb}/subprojects/frida-core/lib/agent/frida-agent.dylib" -create -output "${frida_ios_universal_path}/usr/lib/frida/frida-agent.dylib"
      install_name_tool -id 'FridaAgent' "${frida_ios_universal_path}/usr/lib/frida/frida-agent.dylib"
      codesign -s "$IOS_CERTID" -fv --timestamp=none --generate-entitlement-der "${frida_ios_universal_path}/usr/lib/frida/frida-agent.dylib"
      arch=$(if [ "${jb}" = "rootless" ]; then echo "arm64"; else echo "arm"; fi)
      ./subprojects/frida-core/tools/package-server-fruity.sh "iphoneos-${arch}" "${frida_ios_universal_path}" release-assets/"frida_${FRIDA_VERSION}_iphoneos-${arch}.deb"
    done

12. Check the release-assets/ directory to find your DEBs file. Enjoy!