You might remember a long time ago I wrote a tutorial how to dump iOS Il2Cpp games manually, means you have to find the offset by yourself. Today, you don't have to dump manually anymore, you can dump games easly with a few steps.
Note: I used iOS 14 at the time of writing this tutorial, so it might not be relevant for iOS 15 and above using rootless jailbreak. Don't ask me to try on iOS 15 or above. I have no plan using latest iOS or buying new iDevices
First, you need to decrypt binary. There are ways how to obtain it:
a) Decrypted IPA Downloader: decrypt.day, anyipa.me, or others. You don't even need a jailbroken device, you just download a decrypted IPA straight forward via a web browser
b) iOS Tweaks: CrackerXI+, DumpDecryptor. Jailbroken iOS device is required
Once installed, open it and choose the app you want to install. The decrypted IPA will be stored in /var/mobile/Documents/.
c) Scripts: appdecrypt, frida-ios-dump, frida-ios-hook. PC and a jailbroken iOS device required. Read the instructions how to use it
d) Grab binary and global-metadata.dat manually from jailbroken device (Not recommended because the binary not fully decrypted, dump may fail. It's semi-decrypted)
- Use Filza app.
- Go to /var/containers/Bundle/Application/(App-UDID)/(AppName).app
- Grab UnityFramework file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app/Frameworks/UnityFramework.framework/". If it doesn't exist, grab the binary file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app". Usually the binary filename is usually same as (AppName).app folder.
- Grab global-metadata.dat binary file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app/Data/Managed/Metadata/"
Transfering files from iOS to PC:
If you like, you can transfer the file to your PC using SSH. See tutorial how to setup SSH on iOS: How to Setup SSH Server on iPhone or iPad and transfer files from your PC? - Techglimpse
And use any FTP or SSH tool on your PC. I'm using WinSCP
Il2Cpp dumper tool
In order to dump il2cpp offsets, you need:
- Il2CppDumper or Il2CppDumper GUI for PC
- unitydump app for iOS (For those who don't have a PC)
Once you downloaded the tool and obtained the binary or UnityFramework, we can proceed to dump the game
Il2CppDumper GUI support drag and dropping IPA file straight forward.
If you use original Il2CppDumper, open IPA file using any Zip Utility and extract UnityFramework from "Payload/(AppName).app/Frameworks/UnityFramework.framework/" (or binary file "Payload/(AppName).app/(AppName)), and global-metadata.dat "Payload/(AppName).app/Data/Managed/Metadata/".
Launch Il2CppDumper, select UnityFramework/binary file, then select global-metadata.dat
Once dumped successfully, you will have a dump.cs, DummyDll, and other files.
Have fun modding
Note: I used iOS 14 at the time of writing this tutorial, so it might not be relevant for iOS 15 and above using rootless jailbreak. Don't ask me to try on iOS 15 or above. I have no plan using latest iOS or buying new iDevices
First, you need to decrypt binary. There are ways how to obtain it:
a) Decrypted IPA Downloader: decrypt.day, anyipa.me, or others. You don't even need a jailbroken device, you just download a decrypted IPA straight forward via a web browser
b) iOS Tweaks: CrackerXI+, DumpDecryptor. Jailbroken iOS device is required
Once installed, open it and choose the app you want to install. The decrypted IPA will be stored in /var/mobile/Documents/.
c) Scripts: appdecrypt, frida-ios-dump, frida-ios-hook. PC and a jailbroken iOS device required. Read the instructions how to use it
d) Grab binary and global-metadata.dat manually from jailbroken device (Not recommended because the binary not fully decrypted, dump may fail. It's semi-decrypted)
- Use Filza app.
- Go to /var/containers/Bundle/Application/(App-UDID)/(AppName).app
- Grab UnityFramework file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app/Frameworks/UnityFramework.framework/". If it doesn't exist, grab the binary file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app". Usually the binary filename is usually same as (AppName).app folder.
- Grab global-metadata.dat binary file from "/var/containers/Bundle/Application/(App-UDID)/(AppName).app/Data/Managed/Metadata/"
Transfering files from iOS to PC:
If you like, you can transfer the file to your PC using SSH. See tutorial how to setup SSH on iOS: How to Setup SSH Server on iPhone or iPad and transfer files from your PC? - Techglimpse
And use any FTP or SSH tool on your PC. I'm using WinSCP
Il2Cpp dumper tool
In order to dump il2cpp offsets, you need:
- Il2CppDumper or Il2CppDumper GUI for PC
- unitydump app for iOS (For those who don't have a PC)
Once you downloaded the tool and obtained the binary or UnityFramework, we can proceed to dump the game
Il2CppDumper GUI support drag and dropping IPA file straight forward.
If you use original Il2CppDumper, open IPA file using any Zip Utility and extract UnityFramework from "Payload/(AppName).app/Frameworks/UnityFramework.framework/" (or binary file "Payload/(AppName).app/(AppName)), and global-metadata.dat "Payload/(AppName).app/Data/Managed/Metadata/".
Launch Il2CppDumper, select UnityFramework/binary file, then select global-metadata.dat
Once dumped successfully, you will have a dump.cs, DummyDll, and other files.
Have fun modding
Last edited:
