# Protect iOS Project

## Overview

Virbox Protector supports to protect/encrypt the iOS project with GUI tool and CLI tool both.

The format of executive iOS application is MachO format.

Here we use the project "**CoupletLabel**" as a example to introduce how to use Virbox Protector to protect and distribute the project to Apple store.

Tips

> It is suggested to protect iOS projects in Mac environment, which is easier and convenient to sign the iOS application;

### The security of iOS application

Although the iOS application download from **App Store** has been protected, but with the more powerful crack tool available in the market (for example, Clutch) , with these tools, it will not make too big challenge to professional cracker to decrypt the protected iOS application. further more, the cracker may:

use the tools:

`class-dump` to dump and export all of head file of MachO fille;

use hopper or IDA tools to analysis the code MachO file to reverse the source code;

So, for those machO file which require highly security, it is mandatory and necessary to protect with code hardening and app shielding tools.

### Functionality

`Virbox Protector` supports developer to protect iOS application, IPA package, developer may use Virbox Protector GUI tool or CLI tool, to protect specified critical functions with fine grained and general protection to  iOS application or IPA package. which effectively to prevent reverse engineering, dumping, debugging tampering and repackaging to iOS application and IPA package.

#### **General Protection to iOS app, IPA package** 

> Set general protection in "Protection Option" tab

**Memory Check**

with `Memory Check`, it will check and verify integrity of iOS package when **load** the apps, when tampering has been detected, then quit the execution;

when developer need to check memory in app execution, you can use and set the `SDK label` to check memory in source code accordingly;

**Objective C Name obfuscation**

OC name of obfuscation, means to obfuscate class name into a meaningless string name, and cracker can not identify the calling relationship by use of class name.

> **Tips**
>
> 1. OC name of obfuscation, supports to obfuscate the class name only,
>
> doesn't support to obfuscate the name of method, for the class name which calling other resources, it doesn't support also;
>
> 2. If the obfuscate code involves the reflection calls cross-module , OC name obfuscation may cause the GUI interface functions doesn't work properly.

**Sample**

Not using OC name of obfuscation, use decompiler to decompile the class name of original iOS package, the decompiled result as shown in below:

<figure><img src="/files/tNrcdZOmilXS3y8tLD6h" alt=""><figcaption></figcaption></figure>

When using the OC name of Obfuscation, the decompiled result to the class name of iOS application as shown in below:

<figure><img src="/files/egRg3VczsVex9KJ68uxh" alt=""><figcaption></figcaption></figure>

Comparison: all class name has be obfuscated and meaningless. no useful by cracker

**Debugger Detect**

Debugging is important way in reverse engineering process, it will be quickly tracing & positioning to relevant logic in massive binary instruction when debugging used.

Debugger Detect feature, when this feature enabled, it will detect/monitor if current module process being debugged by IDA Pro/ lldb tools, when debugging has been detected, the protected application will be quit execution.

**Strip Debugging information**

the execution program in IPA package may contained `debug` information and `static symbol table`, which contained the information to functions name, address, etc. if such kind of information has been included when launched and released. it will have potential threaten to your apps;

Use and enable the feature: `Strip Debugging information`, it will remove/strip the .debug info and `static symbol table`

**Sample**

The symbol contained in the original program: as shown in below:

<figure><img src="/files/F5nvBMTk2l4GdaAlBig5" alt=""><figcaption></figcaption></figure>

The symbol when click to enable `Strip debugging information`, as shown in below:

<figure><img src="/files/0P4hW6J6t6xdGQiwiR1e" alt=""><figcaption></figcaption></figure>

**Signature Verification**

To verify developer signature certificate (Team ID), to prevent the IPA package being repackaged and signed again by third party;

> Tips:
>
> 1\) To enable the sign verification, it is mandatory to enable sign option;
>
> 2\) To enable sign, Sign verification can be optional;

**Sign setting**

When sign enabled, it must select the sign certificate consistent with the certificate when use xCode to compile the xCarchive, then protected app has been signed on default;

When sign disabled, then protected app will not signed on default, developer need to manual sign the protected app (for example, developer may use `codesign`, iOS app Signer to sign the app);

#### **Protect  Function (Function Option tab)**

> Developer may select and set the protection option to specified functions in "Function Option" tabs when you use Virbox GUI tool;

**Code of Obfuscation**

Code obfuscation means the process of the converting the original instructions in a function into random instruction fragments that are difficult to read with the method of equivalent transformation, immediate number encryption, indirect jump, false branch, junk instruction scrambling, and instruction slicing.

**Sample**

Use decompiler to decompile the original applications (without code of obfuscation), as shown in below:

<figure><img src="/files/CyJjqywldt1AB56rfjAY" alt=""><figcaption></figcaption></figure>

Use decompiler to decompile the  app with the Code of obfuscation, as shown in below:

<figure><img src="/files/vKA9POxn4OJ1ZolozA6P" alt=""><figcaption></figcaption></figure>

**Code of Virtualization**

Code of Virtualization, means with the "Virtualization" process, the original assembly instructions in the function are converted into customized virtual instructions, which are executed in a customized virtual machine at runtime, simulating the memory access, conditional judgment, register status, etc. in the assembly instructions.

**Sample**

Use decompiler to decompile the "Virtualized" app, as shown in below:

<figure><img src="/files/HP3gBdie6c0FEvPFcC88" alt=""><figcaption></figcaption></figure>

## Protection Process: (Using Virbox Protector GUI tool)

> Developer may select either the Virbox Protector GUI tool or CLI tool to protect iOS applications.

### Compile application with Xcode

1. Compile and build `xcarchive` file which contained the dSYM file

Modify the compile option, the `xcarchive` package compiled contained the dSYM file

Operation:

```
 Xcode->TARGETS->Build Setting->Build Options->Debug Information Format
```

**to select to enable Option:**

**`DWARF with dYSM option`**

Tips:

> The purpose to select and enable this option is to make the xcarchive file being built contained the dSYM file, which to show the function's names when Virbox Protector parse the iOS project. otherwise the functions will only show the relevant address respectively.

<figure><img src="/files/tAVGon0faFbUoYIuxwJC" alt=""><figcaption></figcaption></figure>

2. Diable the Bitcode option

Virbox Protector doesn't support the bitcode, and also, the Xcode editor disable the `bitcode` option start from V 15., so, for developer who use the xCode editor higher than 15. you can ignore below operation;

For developer still use the xCode version under 15, it is necessary to disable the option of `bitcode` when compiling project, as shown in below:

`Xcode->TARGETS->Build Setting->Build Options->Enable Bitcode->no；`

<figure><img src="/files/7qgP5WyPqkDEQILPTjqE" alt=""><figcaption></figcaption></figure>

3. Build and archive the project

Build/Archive the project:&#x20;

`Xcode->Product->Archive`

<figure><img src="/files/QPl5rbu3gjukQ79K1Ji4" alt=""><figcaption></figcaption></figure>

4. Next, Go to the Archive page

<figure><img src="/files/M0DfinmUILsLgVKh9v4g" alt=""><figcaption></figcaption></figure>

5. Select the project archived and right click in "Finder" to open the archive

<figure><img src="/files/fTaGOmeoDIzhsQ3Lep9H" alt=""><figcaption></figcaption></figure>

6. Find the the xcarchive being built, and right click `Show Package Content`

<figure><img src="/files/smyvGPeUzRw8m82sebzb" alt=""><figcaption></figcaption></figure>

7. Go to the archive, find the un-protected application located at:

`Products\Applications`

<figure><img src="/files/rtcjQ5YVbjSpvS1ogjr0" alt=""><figcaption></figcaption></figure>

### Protect iOS Project

#### Open Virbox Protector GUI tools and Sign-in with your account

Find the sub directory which "application" located, Drag the "applications" into the Virbox Protector GUI tools

#### Protect the critical functions (in Function option tab)

Go to:

`Function Option` tab and click "`Add Functions`" button in upper right corner of the page

<figure><img src="/files/tHQKNrXTjVsofz73kYo5" alt=""><figcaption></figcaption></figure>

Click the "`Add Function`" button in Upper right corner to select the functions which need to be protected, and right click to select the "Protection mode" to each functions: `Virtualization`, `Obfuscation`, or `No protect`

Tips

> The Functions selection and protection process to iOS project is similar process to Android and native application process. more information you may refer Android protection process or Native project protection process.

<figure><img src="/files/cBu40aQoBexySawxXD2C" alt=""><figcaption></figcaption></figure>

Tips

> For those iOS application which compiled with Objective C or Swift language, the symbole contained by themself, so Virbox Protector will parse and identify the name of function whether or not contained dSYM file;
>
> For those iOS application called library which compiled by C/C++, then the library doesn't include symbol after compiled, so dSYM file required to identify the name of functions;
>
> Save the dYSM file into the same directory of app files located. then Virbox Protector may parse and shown the function's name. Otherwise, the functions parsed will be shown the address only;
>
> For xcarchive package, it is no need to save the dYSM file into the same directory. Virbox Protector will reading relevant information automatically.
>
> The dYSM file location: as shown in below:

<figure><img src="/files/LEqdvczSRCxJXy2mlSE2" alt=""><figcaption></figcaption></figure>

#### General Protection Setting (Setting in Protection Option tab)

Go to "`Protection Option`" tab

Set the `Output` path and `output` file name, click box in right to change output path and output name;

<figure><img src="/files/z4gYIOh1w8KDChUNfB9I" alt=""><figcaption></figcaption></figure>

Set the protection option to iOS apps in General to prevent debugging and decompiling

**Memory Check**: To prevent apps being tampered.

**Objective-C, Name Obfuscation**: To prevent the Objective-C class dumping, to get the name of method.

**Debugger Detection**: to detect the debugger, to prevent dynamic analysis and debug apps

**Strip Debugging Info**: To remove the debugging information

**Sign Setting**

Click to enable the Signature option, then please keep the signature certificate in consistent with the certificate signed when Xcode compile and build the xcarchive, and then the protected apps has been signed on default.

If you doesn't click to enable the signature, then the protected apps will be Not signed on default. so, it is necessary for developer to sign the protected applications manually (for example, use the "codesign " command line to sign, or use the iOS App Signer tool to sign the apps), and keep the certificated signed consistent with the certificate signed when use Xcode to built project.

Tips

> If the protected apps will be installed in the mobile which non jailbreak. make sure the account specified in Xcode compiling: signing>Team, is consistent with the account used to sign in Virbox Protector.

#### Click "Protect Selected Project" to start protection

<figure><img src="/files/tEA1xxHI58H6Qwv2aZxR" alt=""><figcaption></figcaption></figure>

When protection completed, following "file" will be generated:

\*\*\*.app.ssp: this is the configuration file which saved the setting of `Function Option` and `Protection Option` Tabs. this configuration file location is same as the original file. so it is no need to re set the configuration when you use the Virbox Protector to re protect the file. use the previous configuration file will be fine.

/protected/\*\*\*.ipa: the new IPA package which protected and new generated;

/protected/\*\*\*.app: the new application after protection/shielding.

<figure><img src="/files/qdBZKHtIDMHp4NPMTcLv" alt=""><figcaption></figcaption></figure>

### Distribute the Protected Application to App store

Before distribute the application to App store, it is necessary to back up and move the original applications to another folder. and:

Move the protected application to the folder which the original application located. please don't save it in the xcarchive package.

after above update completed, back to Archived page and click "`Distribute App`" to launch applications

<figure><img src="/files/kpxpZYI5kg9ZYP8rAmec" alt=""><figcaption></figcaption></figure>

## Protection Process: By Virbox Protector CLI tool

Virbox Protector provides CLI to developer to protect iOS application;

The CLI tools: `virboxprotector_con` ,

located at (on default installation path):

```
Windows:C:\Program Files\senseshield\Virbox Protector 3\bin 
​
Linux:/usr/share/virboxprotector/bin 
​
macOS:/Applications/Virbox Protector 3.app/Contents/MacOS/bin 
```

### **With the Configuration file to protect iOS application**

(Protection option configuration file) will be generated: `.ssp` file, then developer can use the same setting (protection configuration file) and use Virbox Protector CLI to protect iOS applications, the CLI command:

```
 virboxprotector_con <input_file> -o <output_file> 
```

then, `virboxprotector_con` , the CLI tools will automatically to search the \<input\_file.ssp, as a configuration file and use protection option setting defined in the configuration to start the protection.

#### Generate the configuration file

In this step, Use Virbox Protector GUI to set the protection option in "`Function Option`" and "`Protection Option`" Tabs to generate .SSP file.

The setting process is similar with the process by use of Virbox Protector GUI tool to protect the apps. only difference is in last step, after you complete the all setting options, click the button:

`Save all Configuration`

as shown in below snapshot.

This configuration file generated will be used by CLI tool in second steps.

<figure><img src="/files/wReifGGqH2LASHRq2wdI" alt=""><figcaption></figcaption></figure>

### Use Virbox Protector CLI to protect iOS apps

Go to the sub directory which Virbox Protector CLI tool located and find the CLI tools

find the Virbox Protector app, open the app folder, you can find the

```
virboxprotector_con
```

under the `/contents/MacOS/bin` directory

#### View "Help" information:

Open the terminal windows, go to the folder: "`virboxprotector_con`", input:

`virboxprotector_con`

to view the help information

#### Execute the protection command

```
 virboxprotector_con helloworld.app -o ssp.helloworld.app 
```

### **Without the Configuration file to protect iOS application**

in case the Configuration file doesn't generated, when developer use the Virbox Protector CLI to protect applications,

The CLI tool `virboxprotector_con` will use the on default protection option setting to protect iOS applications;

Developer also may set the protection option by pass the options, you may refer CLI Option in below:

#### **Protection Option setting to CLI tool**

**Protection Option Setting**

| Protection setting           | Option             | on default value |
| ---------------------------- | ------------------ | ---------------- |
| Memory Check                 | `--mem-check=`     | `0`              |
| Debugger detection           | `--detect-dbg=`    | `0`              |
| Objective C Name Obfuscation | `--objc-rename=`   | `0`              |
| Sign setting: enable sign    | `--sign-check=`    | `0`              |
| Strip Debugging info         | `--strip-dbginfo=` | `1`              |

**Sample**

To protect IPA package, select and enable the option:

`Memory Check`

`Debugger Detection`

`Strip Debugging info`,

and disable

`Sign`

Use following command:

```
virboxprotector_con test.ipa --mem-check=1 --detect-dbg=1 --strip-dbginfo=1 -o protector/test.ipa 
```

#### **Sign Option setting**

| Setting            | Option        |
| ------------------ | ------------- |
| Sign enable        | `--sign=`     |
| Certificate        | `--identity=` |
| ipa package output | `--ipa=`      |

**Sample**

1. Use Command line to view system certificate

   ```
    security find-identity -v -p codesigning 
   ```
2. To protect IPA package, click to select the option:

   Memory Check

   Debugger Detection

   Sign enable & Verification

   Use following command:

   ```
   virboxprotector_con test.ipa --mem-check=1 --detect-dbg=1 --sign-check=1 --sign=1 --identity="certficate id" -o protector/test.ipa 
   ```

#### **Function Protection option setting**

| Function Protection setting     | Option                  |
| ------------------------------- | ----------------------- |
| Code of Virtualization          | `-v`                    |
| Code of Obfuscation (Mutation)  | `-m`                    |
| Code of Encryption              | `-e`                    |
| Ignore the function not support | `--ignore-unsupported=` |

Support to protect functions with specified function name or set a rule to protect functions, to split each setting with semicolon,

support with wildcard `*`

Example

```
-m "function1;function2" -v "function3;function4" -e "test*" --ignore-unsupported=1 
```

### Upload the protected application

Developer use Xcode, or Transpoter to upload the protected application to App Store, developer may also use other tools to upload the application to App Store.

Here we introduce how to use Xcode and Transporter to upload/distribute the protected application into App Store.

#### Upload with Xcode

1. Before distribute the application to App store, it is necessary to back up and move the original applications to another folder;
2. Then move the protected application to the folder which the original application located. Please delete the related .ssp file.
3. after step above, return with Archive page, click `Distribute App` to upload the protected applications

#### Upload with Transporter

1. drag the protected application into the Transporter directly;
2. click `Verification` and wait to complete the verification process;
3. when verification completed, click `upload`

## Appendix

#### 1. How to Get crash information (find the Virbox log file) when the protected application crashed

The issue:&#x20;

if the protected iOS application crashed when running in the mobile terminal, it is necessary to submit the crash information (log file which contained the crash information) to Virbox support teams, so developer need to find the log file and submit to Virbox team.

Step1

Please connect the mobile with the mac machine, and make sure the IP address of mobile keep the same IP network segment with the mac Machine's.

Step2

Open the Xcode, select the `Windows>Devices and Simulator` Option

<figure><img src="/files/yIccWCdY85DZcMnCtCXw" alt=""><figcaption></figcaption></figure>

`Click View Device Log`s Option

<figure><img src="/files/WSp3MUwIUC8DRKotPqq9" alt=""><figcaption></figcaption></figure>

If the IP address of mobile is in the same network segment with mac machine, if the application running in the mobile terminal crashed, then the log file will be automatically synchronized to following page:

Click the Type to be the "Crash", right click "Export Log" and save the log to local machine.

<figure><img src="/files/Jn2Q6Xolh3MDIrnayfJR" alt=""><figcaption></figcaption></figure>

#### 2. How to use the Command line to sign (Code signing)

**2.1 Use the command to query the digital certificate in the machine**

```
 security find-identity -v -p codesigning 
```

**2.2 Use the command codesign the application**

```
  codesign -fs <certificate info>  ***.app 
```

**3. How to pack the application into IPA package**

3.1 Create a folder, folder name is payload

3.2 Save the protected application into the folder created in above steps

3.3 Compress the payload folder (on default compress in zip file)

3.4 Rename the suffix from .zip to .ipa


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.virbox.com/use-cases/protect-mobile-applications/protect-ios-project.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.