Question

I realize that iOS apps can run on M1 Macs, however that requires downloading the app from the App Store. I did discover that iOS apps can be extracted as .ipa files on an Intel Mac. When these files are moved to an M1 Mac they can execute ‘normally’. However, before execution they query their environment and they know they are not on their original iDevice and they change their behavior.

Is there a way to attach a debugger to this iOS process on the Mac to study what the iOS process is doing?

One way is to run an iOS app in a sandbox on the M1 Mac so it thinks it’s on the original iDevice. Then I could compare the sandboxed execution with the execution of the same app unsandboxed. But I need a way to ‘run an iPhone OS’ on a Mac. Can an iOS image be run as a virtual machine?

Please note that I do not have the source code of these apps, so I cannot get the debug compilation from Xcode which could then run in Corellium.


Solution

Yes, you can attach a debugger to such an "iOS process" just like you would attach debuggers to other processes. You'll probably want to disable SIP.

There's no sandbox that works like "an original iDevice" (whatever that might be).

In pure technical terms, you are actually running the iOS app in a virtual machine already (no, it doesn't have to be full machine emulation to be a virtual machine). However, for the intent of your question, no, that is not something you can do.

I suspect your actual problem is that you're trying to run an app that tries to detect jailbroken iPhones. The detection method is within the app, and so it is not the same from app to app. If you knew what detection method was being used, you could most probably circumvent that. An alternative is simply to remove the check from the app binary.
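To make the "attach a debugger, and disable SIP first" part of the answer concrete, here is an added example (not part of the original answer) of a small POSIX shell script for an Apple-silicon Mac: it checks `csrutil status`, finds the running iOS app process by executable name with `pgrep`, and attaches lldb with `lldb -p`. The process name `ExampleApp` and the script filename `attach_ios_app.sh` are placeholders; the SIP-status parsing is kept in a function so it can be tested on constructed output.

```shell
#!/bin/sh
# Added example, not from the original post: attach lldb to a running iOS
# app process on an Apple-silicon Mac. "ExampleApp" is a placeholder for
# the app's executable name.

# Classify the text printed by `csrutil status` as enabled/disabled/unknown.
# Takes the text as an argument so it can be exercised on constructed input.
sip_state() {
    case "$1" in
        *"status: enabled"*)  printf 'enabled\n' ;;
        *"status: disabled"*) printf 'disabled\n' ;;
        *)                    printf 'unknown\n' ;;
    esac
}

# Build the lldb attach command for a PID; returned as text so it can be
# reviewed (and tested) before it is executed.
lldb_attach_cmd() {
    printf 'lldb -p %s\n' "$1"
}

main() {
    app="${1:-ExampleApp}"

    # With SIP enabled, macOS refuses debugger attachment to most processes,
    # so report that and stop rather than failing later inside lldb.
    state=$(sip_state "$(csrutil status 2>/dev/null)")
    if [ "$state" = "enabled" ]; then
        echo "SIP is enabled; lldb will not be allowed to attach to $app." >&2
        echo "Disable SIP from Recovery (csrutil disable) and retry." >&2
        exit 1
    fi

    # pgrep -x matches the executable name exactly; take the first PID found.
    pid=$(pgrep -x "$app" | head -n 1)
    if [ -z "$pid" ]; then
        echo "no running process named $app" >&2
        exit 1
    fi

    # Replace this shell with an interactive lldb session on the process.
    exec $(lldb_attach_cmd "$pid")
}

# Run main only when executed as the script itself, not when sourced.
if [ "${0##*/}" = "attach_ios_app.sh" ]; then
    main "$@"
fi
```

Once attached, lldb's `process status`, `bt` and breakpoints work on the app exactly as they would on any other native process, which is what the answer means by attaching "just like you would attach debuggers to other processes".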

Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange