Download .ipa Files from iOS AppStore

tomkausch Leave a Comment

Obtaining an .ipa file for an iOS app that is available on the App Store can be a challenge, especially if you don’t have access to the file directly. Fortunately, the ipatool tool offers a solution. With ipatool, you can search for and download a copy of the app package from the App Store, giving you the ability to perform a thorough analysis of the app’s security. Whether you are an iOS pentester, a bug bounty hunter, or a developer looking to ensure the security of your app, ipatool can be a valuable tool in your toolkit.

Installation

Before you can use ipatool, you need to have the following:

  • Apple ID used on your iPhone
  • ipatool Installation

The easiest way to install ipatool is from the releases site.

Login

In order to use ipatool to download .ipa files from the App Store, you will need to authenticate the tool using your Apple ID. Once you have entered your Apple ID, you will receive a one-time passcode (OTP) from Apple, which you will need to enter in order to complete the authentication process and gain access to the App Store through ipatool.

➜  bin ./ipatool auth login --email thomas@kausch.li --password secret
3:20PM INF enter 2FA code:
839963
3:21PM INF email=thomas@kausch.li name="Thomas Kausch" success=true

Search

Before we can use ipatool i.e. to download an .ipa file from the App Store, we need to search for the app bundle id. This can be done by using the ipatool search command, which allows us to search for apps by name or by the developer’s name. In this example, we will download twint ipa’s. For also get latest price and version for each app. 

➜  bin ./ipatool search --limit 5 Twint    
3:21PM INF apps=[{"bundleID":"ch.twint.wallet","id":1001116392,"name":"Prepaid TWINT \u0026 andere Banken","price":0,"version":"38.2"},
...

Download

To download the .ipa file for an iOS app from the App Store using ipatool, you can use the –bundle-identifier parameter followed by the app’s bundle ID. You can also use the –output flag to specify the location and name of the file that you want to save the .ipa file as.

➜  bin ./ipatool download -b ch.twint.wallet 
5:18PM INF output=/Users/thomaskausch/bin/ch.twint.wallet_1001116392_38.2.ipa success=true

Note: if you have not yet downloaded the app for you account you probably need to download it first on your iPhone so you get a license for it.

tomkausch

More Posts

Leave a Reply

Your email address will not be published. Required fields are marked *