MASTG-TECH-0098: Patching React Native Apps

If the app was developed with the React Native framework, the main application code is in the file Payload/[APP].app/main.jsbundle. This file contains the JavaScript code, which is minified most of the time. With the tool JStillery, a human-readable version of the file can be retrieved, which allows code analysis. The CLI version of JStillery and the local server are preferable to the online version because the latter discloses the source code to a third party.

From iOS 10 onward, the application archive is unpacked at installation time into the folder /private/var/containers/Bundle/Application/[GUID]/[APP].app, so the main JavaScript application file can be modified at this location.

To identify the exact location of the application folder, you can use the tool ipainstaller:

  1. Use the command ipainstaller -l to list the applications installed on the device. Get the name of the target application from the output list.
  2. Use the command ipainstaller -i [APP_NAME] to display information about the target application, including the installation and data folder locations.
  3. Take the path referenced at the line that starts with Application:.

Use the following approach to patch the JavaScript file:

  1. Navigate to the application folder.
  2. Copy the contents of the file Payload/[APP].app/main.jsbundle to a temporary file.
  3. Use JStillery to beautify and de-obfuscate the contents of the temporary file.
  4. Identify the code in the temporary file that should be patched and patch it.
  5. Put the patched code on a single line and copy it into the original Payload/[APP].app/main.jsbundle file.
  6. Close and restart the application.
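
To confirm whether the installed bundle still matches the one shipped in the IPA (for example, to verify that a patch was written, or to detect a modified bundle during analysis), the two copies can be compared on the host. The following is an added example, not part of the original MASTG text; it assumes the installed main.jsbundle has already been copied off the device, and the function names and sample data are constructed for illustration.

```python
import hashlib
import io
import zipfile

BUNDLE_NAME = "main.jsbundle"

def find_bundle(ipa: zipfile.ZipFile) -> str:
    """Return the archive path matching Payload/[APP].app/main.jsbundle."""
    for name in ipa.namelist():
        parts = name.split("/")
        if (len(parts) == 3 and parts[0] == "Payload"
                and parts[1].endswith(".app") and parts[2] == BUNDLE_NAME):
            return name
    raise FileNotFoundError("no Payload/*.app/main.jsbundle in archive")

def compare_bundle(ipa_bytes: bytes, installed: bytes) -> dict:
    """Compare the bundle shipped in the IPA with the installed copy."""
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        shipped = ipa.read(find_bundle(ipa))
    # First byte offset where the copies diverge, or None if identical.
    offset = next(
        (i for i, (a, b) in enumerate(zip(shipped, installed)) if a != b), None)
    if offset is None and len(shipped) != len(installed):
        offset = min(len(shipped), len(installed))  # one copy is a prefix
    return {
        "shipped_sha256": hashlib.sha256(shipped).hexdigest(),
        "installed_sha256": hashlib.sha256(installed).hexdigest(),
        "modified": shipped != installed,
        "first_diff_offset": offset,
    }

def build_sample_ipa(js: bytes) -> bytes:
    """Constructed sample: a minimal IPA-shaped zip for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Info.plist", b"<plist/>")
        z.writestr("Payload/Demo.app/" + BUNDLE_NAME, js)
    return buf.getvalue()

if __name__ == "__main__":
    original = b'var greeting="hello";console.log(greeting);'
    patched = b'var greeting="HELLO";console.log(greeting);'
    ipa = build_sample_ipa(original)
    print(compare_bundle(ipa, original))
    print(compare_bundle(ipa, patched))
```

The reported offset refers to the single-line bundle as stored on disk, not to the beautified temporary file.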