MASTG-TECH-0098: Patching React Native Apps

If the React Native framework has been used for development, the main application code is in the file Payload/[APP].app/main.jsbundle. This file contains the JavaScript code. Most of the time, the JavaScript code in this file is minified. With the tool JStillery, a human-readable version of the file can be retrieved, enabling code analysis. The CLI version of JStillery and the local server are preferable to the online version because the latter discloses the source code to a third party.

Starting with iOS 10, the application archive is unpacked during installation into the folder /private/var/containers/Bundle/Application/[GUID]/[APP].app, so the main JavaScript application file can be modified at this location.

To identify the exact location of the application folder, you can use ipainstaller:

  1. Use the command ipainstaller -l to list the applications installed on the device. Extract the target application name from the output list.
  2. Use the command ipainstaller -i [APP_NAME] to display information about the target application, including the installation and data folder locations.
  3. Take the path from the line that starts with Application:.

Use the following approach to patch the JavaScript file:

  1. Navigate to the application folder.
  2. Copy the contents of the file Payload/[APP].app/main.jsbundle to a temporary file.
  3. Use JStillery to beautify and de-obfuscate the contents of the temporary file.
  4. Identify the code in the temporary file that should be patched and patch it.
  5. Put the patched code on a single line and copy it into the original Payload/[APP].app/main.jsbundle file.
  6. Close and restart the application.
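
The bookkeeping around the steps above, as an added example that is not part of the original MASTG page: it reads the Application: path from captured ipainstaller -i output, keeps a pristine copy of main.jsbundle before the edit, reports whether the installed bundle differs from that copy, and restores it afterwards. The function names and the .orig backup suffix are assumptions of this example.

```shell
#!/bin/sh
# Added example (not MASTG code): bookkeeping around the patch steps above.
# Function names and the ".orig" backup suffix are assumptions of this sketch.

# Print the path from the first line starting with "Application:".
# $1: captured text output of `ipainstaller -i [APP_NAME]`
app_path_from_info() {
    printf '%s\n' "$1" | sed -n 's/^Application:[[:space:]]*//p' | head -n 1
}

# Print the path of main.jsbundle below the application folder.
# $1: application folder
find_bundle() {
    find "$1" -type f -name main.jsbundle 2>/dev/null | head -n 1
}

# Keep one pristine copy next to the bundle; never overwrite an existing one.
backup_bundle() {
    bundle=$(find_bundle "$1")
    [ -n "$bundle" ] || { echo "main.jsbundle not found under $1" >&2; return 1; }
    [ -f "$bundle.orig" ] || cp -p "$bundle" "$bundle.orig"
}

# Print "unchanged" or "modified" by comparing the bundle with its backup.
bundle_state() {
    bundle=$(find_bundle "$1")
    [ -f "$bundle.orig" ] || { echo "no backup for $bundle" >&2; return 1; }
    if cmp -s "$bundle" "$bundle.orig"; then echo unchanged; else echo modified; fi
}

# Put the original bundle back after the test.
restore_bundle() {
    bundle=$(find_bundle "$1")
    [ -f "$bundle.orig" ] || { echo "no backup for $bundle" >&2; return 1; }
    cp -p "$bundle.orig" "$bundle"
}

# Typical use on the device:
#   app=$(app_path_from_info "$(ipainstaller -i [APP_NAME])")
#   backup_bundle "$app"    # before step 5
#   bundle_state "$app"     # after step 5, confirms the file changed
#   restore_bundle "$app"   # when testing is finished
```

If bundle_state still prints unchanged after step 5, the edit went to a different copy of the file than the one the application loads.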