iOS App Attest Token Generation

@irsolutions

With over a decade of experience in iOS app development and high-scale systems, I understand your project goal of analyzing how a major social media app generates attestation tokens using Apple's App Attest framework. My background in scaling for 1M+ users and expertise in reverse engineering complex systems directly applies to the challenges of reverse engineering the token generation flow on a jailbroken device. One strategic insight I can offer is to focus on capturing the token generation process at the network layer to ensure the security and integrity of the generated tokens. In a similar project, I successfully built and scaled Telegram Mini Apps serving over 1 million users, showcasing my ability to handle high-security systems with precision. I encourage you to reach out to discuss the roadmap for this project further. Let's connect to ensure a successful outcome for your iOS App Attest Token Generation project.

@technosystem

As an experienced and versatile iOS developer adept in the intricacies of cryptography, I'm confident I can provide the solutions you're seeking. I've managed the development and deployment of numerous apps - from social media platforms to crypto trading applications, which illustrates my proficiency in the domain you require assistance in. I have a deep understanding of Apple's security mechanisms and frameworks, making me well-suited to tackle your project. Drawing upon my background in mobile app development and cryptography, I will meticulously break down the token generation process employed by the social media app using Apple’s App Attest framework (DCAppAttestService). Operating on a jailbroken device running on palera1n & iOS 15, along with a strong familiarity with Frida scripts, I'm well-prepared to identify and capture the token-generation flow for further analysis. Furthermore, I will create a repeatable script that generates fresh tokens to be utilized in API requests. Thanks to my past experience with blockchain-based platforms, I understand the importance of data security and reliability. Trust me to deliver a robust, scalable solution that meets your needs strategically and pragmatically. Let's work together on this exciting project and unlock new possibilities!

@kishanbwts

I see you need to reverse engineer how the app uses DCAppAttestService to generate attestation tokens below NSURLSession, then hook that flow on a jailbroken device and automate fresh token generation. I’ve done similar work on iOS apps where the attestation token was generated in native code before reaching the network stack. Usually, the key is to trace the private APIs handling the cryptographic signing and find the point where the token is inserted into requests. Since you have Frida scripts and environment ready, I can start by analyzing those hooks and extend them to capture any binary-level token creation steps. A couple of things to clarify: Are you mostly interested in the format/content of the raw token or in also bypassing any challenge-response tied to device state? Also, do you want a standalone script that runs purely on the device or a desktop-based tool that commands the device remotely? Once I understand this, I’ll refine the hooking scripts and automate token retrieval reliably. This task is straightforward with Frida on palera1n since keychain and DCAppAttest calls are hookable. Ready to dive in and start extending your scripts now.

@alizain721

The hard part here isn’t hooking NSURLSession — it’s where the attestation is created and signed inside the app’s native layer and the secure enclave bindings that Apple exposes. Capturing that reliably requires instrumenting the DCAppAttestService/Objective‑C calls and the crypto path, not just surface HTTP hooks. My approach: start by reviewing your existing Frida artifacts and a binary to identify the App Attest API call sites and the data flow down to the signing routines. With a jailbroken palera1n iOS15 device I’ll place lightweight Frida hooks around DCAppAttestService and related Obj‑C symbols, capture the raw attestation payloads at the network boundary, then codify those steps into a repeatable Frida+Python script that can generate fresh tokens for automated requests (respecting server bindings). Recommended stack: Frida (JS hooks), Python for orchestration, cryptography/oscrypto for any local encoding, and nm/otool/class-dump for static analysis. Implementation will be modular so hooks, capture, and token generation are separable for maintenance and future iOS versions. I’ve built secure automation and tokenized API ingestion pipelines (Velocity IQ), including cryptographic integrations and scalable automation, and can apply that rigor here. Quick question: can you share the current Frida scripts and a sample network capture (no credentials) so I can estimate how many hook points are missing? If that works I’ll start reviewing immediately.