How to Extract the Images From Any App in the App Store

Facebook

Recently I discovered how incredibly easy it to extract the original, full-resolution images (and other resource files like video, audio, .plist files) from any app in the App Store, without jailbreaking, and without special software. For iOS developers, this can give a fascinating look at the insides of an app. As always, be sure to do this for learning purposes only and respect all apps’ intellectual property.

  1. Open iTunes and go to the Apps section. (If you haven’t yet downloaded or synced the apps you want to extract, do so now)
  2. Right-click any app icon in iTunes and select View in Finder if on a Mac, or Show in Windows Explorer on Windows.
  3. Copy the .ipa file to your desktop.
  4. Right-click on the file and rename it, replacing the .ipa extension with .zip.
  5. Double-click on the .zip file to open it. Inside there will be a Payload folder, with an .app file (Mac) or folder (Windows) inside.
  6. On Windows, just open the folder. On a Mac, right-click on that file and select Show Package Contents.

Tada! You will see listed all the app’s original, full-resolution images and other files! See the image above for some of the contents of the Facebook app.

So, what can we take away from this?

  • An .ipa file is just a .zip file.
  • An .app file is just a package folder.
  • Apple’s DRM encryption only protects app binaries, not non-compiled resource files.
  • Never keep sensitive strings like API keys or credentials in your .plist files.
  • Always use an obfuscation library like UAObfuscatedString if you must store sensitive strings inside your app binary.
  • Don’t ever think that your app’s resources are safe from prying eyes!
About these ads

About Martin Rybak

I am a New York area software developer and MBA with 10+ years of server-side experience on the Microsoft stack. I've also been a native iOS developer since before the days of ARC. I architect and develop full-stack web applications, iOS apps, database systems, and backend services.

7 responses to “How to Extract the Images From Any App in the App Store

  1. Thanks for sharing this! You reminded me of the time I read that Microsoft DOCX files are also ZIP archives, filled with gooey, XML-y goodness.

  2. Paul

    Very interesting but it feels so wrong. Isn’t there a way that Apple should protect the apps? Everyone has access to other’s intellectual property. I tried it Martin but all the png files are blank. Is there a reason why? Thanks

  3. String obfuscation libraries and encrypting data while including the keys with your app is just false security. They can always be extracted. If you ever end up asking yourself “how can I include this secret password in my app in a way that my users cannot find it out”, you’re doing it wrong.

    • Good point, Matti. The ideal solution is simply to not include sensitive data in your app build. However if there is no workaround, you can at least make things as difficult as possible so hackers can move on to easier targets.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 29 other followers

%d bloggers like this: