Jump to content

Welcome to AppCake Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

How to crack Apps on iOS 11


  • This topic is locked This topic is locked
126 replies to this topic

#61
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

Some of user_hidden and zachary work on ios 11 look in forum on crack releases u will see ok ios 11 but I am told works on some devices and others wont and will not work most times below ios 11 devices. This is why I have not cracked anything for Ios 11 at this time not worth the effort as most Cydia apps do not work on ios 11 and the developers have not updated or just given up Sad but true. Even Saruk the creator of Cydia never fulfilled his promise to update Cydia I am told the developer of Rasticrac which is the used cracking tool has not even got a device on ios 11 so nothing in the short term expected from him



#62
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

Many cracked applications simply require the correct entitlements to run on iOS 11.x., and you don't need the original stock/uncracked binary to do that.

 

Let's take Dungeon Defense for example: https://www.iphoneca...195035357_.html, as it's the latest one I've fixed. It was cracked by Ghay, works fine on iOS 9.x and 10.x but crashes upon launch on 11.3.1.

 

You need two additional things:

 

- ldid2 from https://github.com/c...8/bin/ldid2.exe

- the cygwin environment (used to run Linux programs under windows).

 

From cygwin, be sure to install zip, unzip, gcc and libgcc. Put ldid2.exe in the /bin folder of the main cygwin directory (e.g. c:\cygwin64\bin), copy the DungeonDefense.ipa in c:\cygwin64\home\<your username>\ then run the cygwin shell.

 

From there:

 

$ unzip DungeonDefense.ipa

 

after unzipping, you need to assign the correct entitlements to the main binary file of the application contained in the payload directory (usually AppName.app/AppName). In this specific case:

 

$ ldid2 -S  Payload/ProtectDungeon.app/ProtectDungeon

 

This re-signs c:\cygwin64\home\temptemp9\Payload\ProtectDungeon.app\ProtectDungeon with the correct entitlements. Then you need to replace the old binary inside the .ipa file with the newly re-signed one: 

 

$ zip -r DungeonDefense.ipa Payload/ProtectDungeon.app/ProtectDungeon

 

That's it. You can sideload the ipa (or copy it on your device and install it with Filza), and it will run fine. Obviously this won't work for every game or application, your mileage may vary.

 

Edit: you could obviously install the old .ipa and then simply replace the binary on your device. And you obviously need to be jailbroken and have AppSync - the 30.0 version from angelxwind repo (install it only from her repo!) works fine on 11.x.


  • mmm286 likes this

#63
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

The former example works only for a certain extent - I can successufully launch the game, however after completing the first day the "Thanks for trying out this game." message appears, and it seems it won't keep your saved data (the save list is always empty upon relaunch).

 

Ghay, care to point me in the right direction? I think the root issue of this problem is shared with many other games/applications. Thanks. Already tried with noSubstitute and Liberty Lite to block jailbreak detection.



#64
mmm286

mmm286

    Caker

  • IC Member
  • 41 posts
    • Time Online: 2d 3h 35m 17s

Many cracked applications simply require the correct entitlements to run on iOS 11.x., and you don't need the original stock/uncracked binary to do that.

Let's take Dungeon Defense for example: https://www.iphoneca...195035357_.html, as it's the latest one I've fixed. It was cracked by Ghay, works fine on iOS 9.x and 10.x but crashes upon launch on 11.3.1.

You need two additional things:

- ldid2 from https://github.com/c...8/bin/ldid2.exe
- the cygwin environment (used to run Linux programs under windows).

From cygwin, be sure to install zip, unzip, gcc and libgcc. Put ldid2.exe in the /bin folder of the main cygwin directory (e.g. c:\cygwin64\bin), copy the DungeonDefense.ipa in c:\cygwin64\home\\ then run the cygwin shell.

From there:

$ unzip DungeonDefense.ipa

after unzipping, you need to assign the correct entitlements to the main binary file of the application contained in the payload directory (usually AppName.app/AppName). In this specific case:

$ ldid2 -S Payload/ProtectDungeon.app/ProtectDungeon

This re-signs c:\cygwin64\home\temptemp9\Payload\ProtectDungeon.app\ProtectDungeon with the correct entitlements. Then you need to replace the old binary inside the .ipa file with the newly re-signed one:

$ zip -r DungeonDefense.ipa Payload/ProtectDungeon.app/ProtectDungeon

That's it. You can sideload the ipa (or copy it on your device and install it with Filza), and it will run fine. Obviously this won't work for every game or application, your mileage may vary.

Edit: you could obviously install the old .ipa and then simply replace the binary on your device. And you obviously need to be jailbroken and have AppSync - the 30.0 version from angelxwind repo (install it only from her repo!) works fine on 11.x.

Thank for your tutorial
When I make zip file the size is smaller tha original size. 225mb vs 2,5mb. Is ok that?

Thanks



#65
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

Thank for your tutorial
When I make zip file the size is smaller tha original size. 225mb vs 2,5mb. Is ok that?

Thanks

 

No, the size of the new archive should be almost exactly like the old one. Are you sure you're using the correct version of the zip package? The -r switch simply replaces a file inside the specified archive, and the re-signed binary size should be almost identical to the previous one.


  • mmm286 likes this

#66
mmm286

mmm286

    Caker

  • IC Member
  • 41 posts
    • Time Online: 2d 3h 35m 17s

No, the size of the new archive should be almost exactly like the old one. Are you sure you're using the correct version of the zip package? The -r switch simply replaces a file inside the specified archive, and the re-signed binary size should be almost identical to the previous one.

Thanks. I've tried with OceanHorn but not works. The application open and then close it.Someone could try with these application to verify if I'm doing well the procedure?
Thanks

#67
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

Thanks. I've tried with OceanHorn but not works. The application open and then close it.Someone could try with these application to verify if I'm doing well the procedure?
Thanks

 

I can confirm that sadly it doesn't work. I'm testing Bloons TD 5 at the moment, seems to work fine.



#68
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

It looks like that Ghay and user_hidden are using different cracking methods, as I can (most of the time) successfully assign entitlements and re-sign with ldid2 Ghay releases, but not user_hidden ones.

 

Example: https://www.iphoneca...284972998_.html (SoundHound)

 

The latest version from user_hidden will crash on start on iOS 11.3.1, and running the binary through ldid2 doesn't change the outcome. The Ghay release however works fine after performing the same procedure.

 

Is there any way I could help? 



#69
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

It looks like that Ghay and user_hidden are using different cracking methods, as I can (most of the time) successfully assign entitlements and re-sign with ldid2 Ghay releases, but not user_hidden ones.

 

Example: https://www.iphoneca...284972998_.html (SoundHound)

 

The latest version from user_hidden will crash on start on iOS 11.3.1, and running the binary through ldid2 doesn't change the outcome. The Ghay release however works fine after performing the same procedure.

 

Is there any way I could help? 

This is why I will not crack for Ios 11 as my cracks will work on Ios 11 if you resign them it is up to the user to do this if higher then ios 10 untill another quick reliable tool comes out if ever


  • temptemp9 likes this

#70
Amrrr

Amrrr

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 12h 18m 54s
  • LocationEgypt
  • iDevices Owned:iPhone 7

Many cracked applications simply require the correct entitlements to run on iOS 11.x., and you don't need the original stock/uncracked binary to do that.

 

Let's take Dungeon Defense for example: https://www.iphoneca...195035357_.html, as it's the latest one I've fixed. It was cracked by Ghay, works fine on iOS 9.x and 10.x but crashes upon launch on 11.3.1.

 

You need two additional things:

 

- ldid2 from https://github.com/c...8/bin/ldid2.exe

- the cygwin environment (used to run Linux programs under windows).

 

From cygwin, be sure to install zip, unzip, gcc and libgcc. Put ldid2.exe in the /bin folder of the main cygwin directory (e.g. c:\cygwin64\bin), copy the DungeonDefense.ipa in c:\cygwin64\home\<your username>\ then run the cygwin shell.

 

From there:

 

$ unzip DungeonDefense.ipa

 

after unzipping, you need to assign the correct entitlements to the main binary file of the application contained in the payload directory (usually AppName.app/AppName). In this specific case:

 

$ ldid2 -S  Payload/ProtectDungeon.app/ProtectDungeon

 

This re-signs c:\cygwin64\home\temptemp9\Payload\ProtectDungeon.app\ProtectDungeon with the correct entitlements. Then you need to replace the old binary inside the .ipa file with the newly re-signed one: 

 

$ zip -r DungeonDefense.ipa Payload/ProtectDungeon.app/ProtectDungeon

 

That's it. You can sideload the ipa (or copy it on your device and install it with Filza), and it will run fine. Obviously this won't work for every game or application, your mileage may vary.

 

Edit: you could obviously install the old .ipa and then simply replace the binary on your device. And you obviously need to be jailbroken and have AppSync - the 30.0 version from angelxwind repo (install it only from her repo!) works fine on 11.x.

 

This method works perfectly with me most of time

 

Now i'm able to use like 90 % of Apps & Games on JB iOS 11.3.1 , iPhone 8 Plus



#71
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

This method works perfectly with me most of time

 

Now i'm able to use like 90 % of Apps & Games on JB iOS 11.3.1 , iPhone 8 Plus

Once someone combines all the bits and pieced needed in to one script I will then resign my cracks but no one even looks to be working on it



#72
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

Once someone combines all the bits and pieced needed in to one script I will then resign my cracks but no one even looks to be working on it

 

I could take a look into it, if the underlying toolchain (bfinject or clutch/rasticrac? Currently I'm not familiar with iOS app cracking) actually has support for iOS 11. As far as I can see, only bfinject has been forked to support iOS 11, and it requires the app to actually be executed in order to work. If the problem is related to automating the task, I'm willing to give it a go.



#73
Amrrr

Amrrr

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 12h 18m 54s
  • LocationEgypt
  • iDevices Owned:iPhone 7

Once someone combines all the bits and pieced needed in to one script I will then resign my cracks but no one even looks to be working on it

It seems your releases work chances are better than others too



#74
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

It seems your releases work chances are better than others too

A lot do not even check them see if they work



#75
Sacmunraga

Sacmunraga

    Pro Caker

  • IC Member
  • 292 posts
    • Time Online: 6d 3h 59m 29s
  • iDevices Owned:iPad Mini with Retina, iMac, iHave a PC
The signer script does exactly what temptemp9 has posted. I can update the script to work with ldid2, and it will be identical to temptemp9’s method...

#76
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

I could take a look into it, if the underlying toolchain (bfinject or clutch/rasticrac? Currently I'm not familiar with iOS app cracking) actually has support for iOS 11. As far as I can see, only bfinject has been forked to support iOS 11, and it requires the app to actually be executed in order to work. If the problem is related to automating the task, I'm willing to give it a go.

Would be useful a automatic scrypt is needed even if it is a after normal cracking method



#77
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

The signer script does exactly what temptemp9 has posted. I can update the script to work with ldid2, and it will be identical to temptemp9’s method...

 

I haven't tested if signing with ldid2 breaks compatibility with older iOS versions, though.



#78
user_hidden

user_hidden

    Forum Admin

  • Admin
  • 11,063 posts
    • Time Online: 269d 9h 38m 15s
  • iDevices Owned:iPod Classic, iPod Touch 4, iPhone 4, iPhone SE, iPhone 6, iPhone 8, iPad Mini, iPad Mini 2, iPad 1, iPad 2, iPad 5, MacBook Air, iHave a PC
  • Most used iOS:iOS 5, iOS 6, iOS 7, iOS 8, iOS 9, iOS 10, iOS 11, iOS 12

I haven't tested if signing with ldid2 breaks compatibility with older iOS versions, though.


of course it doesn't !

#79
Ciappolandia

Ciappolandia

    Caker

  • IC Member
  • 33 posts
    • Time Online: 10h 1m 45s

Many cracked applications simply require the correct entitlements to run on iOS 11.x., and you don't need the original stock/uncracked binary to do that.

 

Let's take Dungeon Defense for example: https://www.iphoneca...195035357_.html, as it's the latest one I've fixed. It was cracked by Ghay, works fine on iOS 9.x and 10.x but crashes upon launch on 11.3.1.

 

You need two additional things:

 

- ldid2 from https://github.com/c...8/bin/ldid2.exe

- the cygwin environment (used to run Linux programs under windows).

 

From cygwin, be sure to install zip, unzip, gcc and libgcc. Put ldid2.exe in the /bin folder of the main cygwin directory (e.g. c:\cygwin64\bin), copy the DungeonDefense.ipa in c:\cygwin64\home\<your username>\ then run the cygwin shell.

 

From there:

 

$ unzip DungeonDefense.ipa

 

after unzipping, you need to assign the correct entitlements to the main binary file of the application contained in the payload directory (usually AppName.app/AppName). In this specific case:

 

$ ldid2 -S  Payload/ProtectDungeon.app/ProtectDungeon

 

This re-signs c:\cygwin64\home\temptemp9\Payload\ProtectDungeon.app\ProtectDungeon with the correct entitlements. Then you need to replace the old binary inside the .ipa file with the newly re-signed one: 

 

$ zip -r DungeonDefense.ipa Payload/ProtectDungeon.app/ProtectDungeon

 

That's it. You can sideload the ipa (or copy it on your device and install it with Filza), and it will run fine. Obviously this won't work for every game or application, your mileage may vary.

 

Edit: you could obviously install the old .ipa and then simply replace the binary on your device. And you obviously need to be jailbroken and have AppSync - the 30.0 version from angelxwind repo (install it only from her repo!) works fine on 11.x.

 

 

Thanks a lot, this really works!!! I've been able to install most of the app I had on my hard drive!!

 

You rock!!

 

For another group of apps, when I use appinst, I got the following error:

 

appinst main:186 failed to install

 

Do you know how to fix this?



#80
temptemp9

temptemp9

    Getting Known

  • IC Member
  • 14 posts
    • Time Online: 15h 26m 21s

Thanks a lot, this really works!!! I've been able to install most of the app I had on my hard drive!!

 

You rock!!

 

For another group of apps, when I use appinst, I got the following error:

 

appinst main:186 failed to install

 

Do you know how to fix this?

 

Make sure you have installed AppSync Unified 30.0 from Karen's repo (http://cydia.angelxwind.net/).