Jump to content

Welcome to AppCake Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

How to crack Apps on iOS 11


  • This topic is locked This topic is locked
126 replies to this topic

#101
haen

haen

    Pro Caker

  • IC Trusted User
  • 102 posts
    • Time Online: 12d 3h 56m 27s
  • iDevices Owned:iPhone 4, iPhone 6, MacBook Pro, iHave a PC

ldid -Sent.plist "EXECUTABLE"
you mean:
ldid -Sent.plist "EXECUTABLE"
with a space?

Without space.



Sent from my iPhone using Tapatalk

#102
zachary

zachary

    IC L.E.G.E.N.D

  • IC Uploader
  • 12,071 posts
    • Time Online: 75d 4h 53m 29s
  • Twitter:https://twitter.com/Zachary_cracks
  • LocationEU
  • iDevices Owned:iPhone 6, iPhone 7, iPad Mini, iHave a PC
  • Donations:Use Itunes Gift cards

eny clue why Bfinject files- latest for 11.1.1-2 cant decrypt larger Apps ? higher then 200 MB, they all fail in procees while decrypting. 



#103
user_hidden

user_hidden

    Forum Admin

  • Admin
  • 11,099 posts
    • Time Online: 269d 22h 58m 21s
  • iDevices Owned:iPod Classic, iPod Touch 4, iPhone 4, iPhone SE, iPhone 6, iPhone 8, iPad Mini, iPad Mini 2, iPad 1, iPad 2, iPad 5, MacBook Air, iHave a PC
  • Most used iOS:iOS 5, iOS 6, iOS 7, iOS 8, iOS 9, iOS 10, iOS 11, iOS 12

eny clue why Bfinject files- latest for 11.1.1-2 cant decrypt larger Apps ? higher then 200 MB, they all fail in procees while decrypting.


not enough wait time

#104
Ciappolandia

Ciappolandia

    Caker

  • IC Member
  • 33 posts
    • Time Online: 10h 1m 45s

Apps should be resigned with proper entitlement.
Try to extract the entitlement from executable before ldid:

ldid -e "EXECUTABLE" >> ent.plist

and then resign with ldid and entitlement:

ldid -Sent.plist "EXECUTABLE"

Sent from my iPhone using Tapatalk

 

I tried this, but I have the same problem (I used ldid2 instead of ldid).

 

main:186 Failed to install com.daysofwonder.SmallWorld

 

This is version 2.5.2 of the app that is a 64 bit app.



#105
zachary

zachary

    IC L.E.G.E.N.D

  • IC Uploader
  • 12,071 posts
    • Time Online: 75d 4h 53m 29s
  • Twitter:https://twitter.com/Zachary_cracks
  • LocationEU
  • iDevices Owned:iPhone 6, iPhone 7, iPad Mini, iHave a PC
  • Donations:Use Itunes Gift cards

not enough wait time


fixed that issue

#106
Laxus

Laxus

    Getting Known

  • IC Member
  • 11 posts
    • Time Online: 4h 24m 11s
  • Twitter:@laxusic
  • iDevices Owned:iPad Air 2

Ermm guy, is there a way to use sacmun bfinject version to work on iOS 11.3.1?



#107
user_hidden

user_hidden

    Forum Admin

  • Admin
  • 11,099 posts
    • Time Online: 269d 22h 58m 21s
  • iDevices Owned:iPod Classic, iPod Touch 4, iPhone 4, iPhone SE, iPhone 6, iPhone 8, iPad Mini, iPad Mini 2, iPad 1, iPad 2, iPad 5, MacBook Air, iHave a PC
  • Most used iOS:iOS 5, iOS 6, iOS 7, iOS 8, iOS 9, iOS 10, iOS 11, iOS 12

Ermm guy, is there a way to use sacmun bfinject version to work on iOS 11.3.1?


of course it works on 11.3.1

#108
Laxus

Laxus

    Getting Known

  • IC Member
  • 11 posts
    • Time Online: 4h 24m 11s
  • Twitter:@laxusic
  • iDevices Owned:iPad Air 2

of course it works on 11.3.1


Do I need to turn off Tweaks mode in Electra? Because it doesn't work for me

 

EDIT: Reboot and re-jailbreak with Tweak mode off and it's work fine :P

EDIT 2: Is there a way to make it work with Tweak mode on? I have another forks of bfinject which worked with Tweak mode on but haven't been updated for Electra1131. Here it is, place the bfinject in /private/



#109
haen

haen

    Pro Caker

  • IC Trusted User
  • 102 posts
    • Time Online: 12d 3h 56m 27s
  • iDevices Owned:iPhone 4, iPhone 6, MacBook Pro, iHave a PC

Do I need to turn off Tweaks mode in Electra? Because it doesn't work for me

 

EDIT: Reboot and re-jailbreak with Tweak mode off and it's work fine :P

EDIT 2: Is there a way to make it work with Tweak mode on? I have another forks of bfinject which worked with Tweak mode on but haven't been updated for Electra1131. Here it is, place the bfinject in /private/

 

it works with tweak mode on.

 

you can use 'plrun' from that fork to run bfinject's injector:

plrun bfinject4realz $PID bfdecrypt.dylib

or you can use electra's injector:

/electra/inject_criticald $PID bfdecrypt.dylib

  • Laxus likes this

#110
Laxus

Laxus

    Getting Known

  • IC Member
  • 11 posts
    • Time Online: 4h 24m 11s
  • Twitter:@laxusic
  • iDevices Owned:iPad Air 2

 

it works with tweak mode on.

 

you can use 'plrun' from that fork to run bfinject's injector:

plrun bfinject4realz $PID bfdecrypt.dylib

or you can use electra's injector:

/electra/inject_criticald $PID bfdecrypt.dylib

 

Could you be more specific please. I'm using sacmun's bfinjecto and it doesn't work for me with Tweak mode on.

About that fork, where do I put the plrun file?



#111
haen

haen

    Pro Caker

  • IC Trusted User
  • 102 posts
    • Time Online: 12d 3h 56m 27s
  • iDevices Owned:iPhone 4, iPhone 6, MacBook Pro, iHave a PC

Could you be more specific please. I'm using sacmun's bfinjecto and it doesn't work for me with Tweak mode on.

About that fork, where do I put the plrun file?

 

put plrun in 

/usr/bin

and 

chmod +x /usr/bin/plrun

in bfinject edit 

"$RANDOM_NAME" "$PID" "$DYLIB_PATH"

to 

plrun "$RANDOM_NAME" "$PID" "$DYLIB_PATH"

  • AwesomeRob and Laxus like this

#112
Laxus

Laxus

    Getting Known

  • IC Member
  • 11 posts
    • Time Online: 4h 24m 11s
  • Twitter:@laxusic
  • iDevices Owned:iPad Air 2


put plrun in

/usr/bin
and
chmod +x /usr/bin/plrun
in bfinject edit
"$RANDOM_NAME" "$PID" "$DYLIB_PATH"
to
plrun "$RANDOM_NAME" "$PID" "$DYLIB_PATH"

Thank you so much. I'm getting this error, do you know what is it about?

EDIT: Do you know what is this error about?
[+] Electra detected.[+] Injecting into '/var/containers/Bundle/Application/DEC1A08E-2AC0-4E64-AB45-EDAFAB05D450/1Password.app/1Password'[+] Getting Team ID from target application...[+] Thinning dylib into non-fat arm64 image[+] Signing injectable .dylib with Team ID 2BUA8C4S2C and platform entitlements...[bfinject4realz] Calling task_for_pid() for PID 4338.[bfinject4realz] Calling thread_create() on PID 4338[bfinject4realz] Looking for ROP gadget... found at 0x182693118[bfinject4realz] Fake stack frame at 0x10c100000[bfinject4realz] Calling _pthread_set_self() at 0x18296071c...[bfinject4realz] Returned from '_pthread_set_self'[bfinject4realz] Calling dlopen() at 0x182692e7c...[bfinject4realz] Returned from 'dlopen'[bfinject4realz] Success! Library was loaded at 0x1c81f1000[+] Decrypting App on Device ...[+] This may take up to a minute to finish, please wait ...[+] Waiting additional 15 seconds for .ipa to be found. Edit line 271 of script to +/- waiting time...[*] Signing the executable with ldidcp: missing destination file operand after '/var/mobile/Documents/Cracked/'Try 'cp --help' for more information.rm: missing operandTry 'rm --help' for more information.'Magic Piano.ipa'[+] If you see decrypted-app.ipa above we are almost done ...Attempting to unzip .ipaunzip:  cannot find or open decrypted-app.ipa, decrypted-app.ipa.zip or decrypted-app.ipa.ZIP.bfinject: line 132: cd: Payload: No such file or directorybfinject: line 135: cd: Magic Piano.ipa: Not a directory[+] Attempting to sign Magic Piano.ipa with LDIDldid2.cpp(443): _assert(false); errno=0[+] Attempting to zip and rebuild the .ipa zip error: Nothing to do! (try: zip -r -q Magic Piano.ipa.ipa . -i Payload)rm: cannot remove 'Payload': No such file or directory[+] Signing completed successfully[+]Generated signed .ipa in /var/mobile/Magic Piano.ipa.iparm: cannot remove 'decrypted-app.ipa': No such file or directory[+] Signing completed successfully


#113
haen

haen

    Pro Caker

  • IC Trusted User
  • 102 posts
    • Time Online: 12d 3h 56m 27s
  • iDevices Owned:iPhone 4, iPhone 6, MacBook Pro, iHave a PC

Thank you so much. I'm getting this error, do you know what is it about?

EDIT: Do you know what is this error about?

[+] Electra detected.[+] Injecting into '/var/containers/Bundle/Application/DEC1A08E-2AC0-4E64-AB45-EDAFAB05D450/1Password.app/1Password'[+] Getting Team ID from target application...[+] Thinning dylib into non-fat arm64 image[+] Signing injectable .dylib with Team ID 2BUA8C4S2C and platform entitlements...[bfinject4realz] Calling task_for_pid() for PID 4338.[bfinject4realz] Calling thread_create() on PID 4338[bfinject4realz] Looking for ROP gadget... found at 0x182693118[bfinject4realz] Fake stack frame at 0x10c100000[bfinject4realz] Calling _pthread_set_self() at 0x18296071c...[bfinject4realz] Returned from '_pthread_set_self'[bfinject4realz] Calling dlopen() at 0x182692e7c...[bfinject4realz] Returned from 'dlopen'[bfinject4realz] Success! Library was loaded at 0x1c81f1000[+] Decrypting App on Device ...[+] This may take up to a minute to finish, please wait ...[+] Waiting additional 15 seconds for .ipa to be found. Edit line 271 of script to +/- waiting time...[*] Signing the executable with ldidcp: missing destination file operand after '/var/mobile/Documents/Cracked/'Try 'cp --help' for more information.rm: missing operandTry 'rm --help' for more information.'Magic Piano.ipa'[+] If you see decrypted-app.ipa above we are almost done ...Attempting to unzip .ipaunzip:  cannot find or open decrypted-app.ipa, decrypted-app.ipa.zip or decrypted-app.ipa.ZIP.bfinject: line 132: cd: Payload: No such file or directorybfinject: line 135: cd: Magic Piano.ipa: Not a directory[+] Attempting to sign Magic Piano.ipa with LDIDldid2.cpp(443): _assert(false); errno=0[+] Attempting to zip and rebuild the .ipa zip error: Nothing to do! (try: zip -r -q Magic Piano.ipa.ipa . -i Payload)rm: cannot remove 'Payload': No such file or directory[+] Signing completed successfully[+]Generated signed .ipa in /var/mobile/Magic Piano.ipa.iparm: cannot remove 'decrypted-app.ipa': No such file or directory[+] Signing completed successfully

increase wait time

[+] This may take up to a minute to finish, please wait ...
[+] Waiting additional 15 seconds for .ipa to be found. Edit line 271 of script to +/- waiting time...

  • Laxus likes this

#114
Ciappolandia

Ciappolandia

    Caker

  • IC Member
  • 33 posts
    • Time Online: 10h 1m 45s

Guys, can someone support me? I have still 30 apps I'd like to install on my iPad Pro 12.9 with iOS 11.3.1 + Electra.

 

- Apps crash at startup so I cannot use bfinject

- I tried to use "ldid2 -S" to resign them, but it didn't work --> Appinst is failing to install them: main:186 failed to install

- They are 64 bit apps

- I also tried to use "ldid2 -e" and then "ldid2 -Sent.plist", but still not working

- I cannot request a crack for them, cause it's only 1 request per month

 

What shall I do then? This lack of information and standard guide to install any cracked app on iOS 11 is making the jailbreak slowly dying...

 

... please do not reply me back to buy the app, I know I can buy it, but this website is not for this purpose (as I do understand, but correct me if I'm wrong).

 

 

Thanks for your help



#115
Ghay

Ghay

    .

  • IC Uploader
  • 21,936 posts
    • Time Online: 106d 13h 39m 20s
  • iDevices Owned:iPhone 6, iPhone 6+, iPhone 7, iPhone 7+, iPad Air, iPad Air 2, Apple Watch, iHave a PC

I have asked many times for a step by step guide to install btinject and idid 2 with a step by step guide written in PLAIN LANUAGE that members can understand but nothing forthcoming. Both methods are very hit and miss at best of times



#116
Laxus

Laxus

    Getting Known

  • IC Member
  • 11 posts
    • Time Online: 4h 24m 11s
  • Twitter:@laxusic
  • iDevices Owned:iPad Air 2

Thank you so much. I'm getting this error, do you know what is it about?
EDIT: Do you know what is this error about?

[+] Electra detected.[+] Injecting into '/var/containers/Bundle/Application/DEC1A08E-2AC0-4E64-AB45-EDAFAB05D450/1Password.app/1Password'[+] Getting Team ID from target application...[+] Thinning dylib into non-fat arm64 image[+] Signing injectable .dylib with Team ID 2BUA8C4S2C and platform entitlements...[bfinject4realz] Calling task_for_pid() for PID 4338.[bfinject4realz] Calling thread_create() on PID 4338[bfinject4realz] Looking for ROP gadget... found at 0x182693118[bfinject4realz] Fake stack frame at 0x10c100000[bfinject4realz] Calling _pthread_set_self() at 0x18296071c...[bfinject4realz] Returned from '_pthread_set_self'[bfinject4realz] Calling dlopen() at 0x182692e7c...[bfinject4realz] Returned from 'dlopen'[bfinject4realz] Success! Library was loaded at 0x1c81f1000[+] Decrypting App on Device ...[+] This may take up to a minute to finish, please wait ...[+] Waiting additional 15 seconds for .ipa to be found. Edit line 271 of script to +/- waiting time...[*] Signing the executable with ldidcp: missing destination file operand after '/var/mobile/Documents/Cracked/'Try 'cp --help' for more information.rm: missing operandTry 'rm --help' for more information.'Magic Piano.ipa'[+] If you see decrypted-app.ipa above we are almost done ...Attempting to unzip .ipaunzip:  cannot find or open decrypted-app.ipa, decrypted-app.ipa.zip or decrypted-app.ipa.ZIP.bfinject: line 132: cd: Payload: No such file or directorybfinject: line 135: cd: Magic Piano.ipa: Not a directory[+] Attempting to sign Magic Piano.ipa with LDIDldid2.cpp(443): _assert(false); errno=0[+] Attempting to zip and rebuild the .ipa zip error: Nothing to do! (try: zip -r -q Magic Piano.ipa.ipa . -i Payload)rm: cannot remove 'Payload': No such file or directory[+] Signing completed successfully[+]Generated signed .ipa in /var/mobile/Magic Piano.ipa.iparm: cannot remove 'decrypted-app.ipa': No such file or directory[+] Signing completed successfully
increase wait time
[+] This may take up to a minute to finish, please wait ...
[+] Waiting additional 15 seconds for .ipa to be found. Edit line 271 of script to +/- waiting time...

Thank you it works now :P. Do I need to delete previous cracked IPA everytime I need to decrypt?

#117
Ciappolandia

Ciappolandia

    Caker

  • IC Member
  • 33 posts
    • Time Online: 10h 1m 45s

Guys, can someone support me? I have still 30 apps I'd like to install on my iPad Pro 12.9 with iOS 11.3.1 + Electra.

 

- Apps crash at startup so I cannot use bfinject

- I tried to use "ldid2 -S" to resign them, but it didn't work --> Appinst is failing to install them: main:186 failed to install

- They are 64 bit apps

- I also tried to use "ldid2 -e" and then "ldid2 -Sent.plist", but still not working

- I cannot request a crack for them, cause it's only 1 request per month

 

What shall I do then? This lack of information and standard guide to install any cracked app on iOS 11 is making the jailbreak slowly dying...

 

... please do not reply me back to buy the app, I know I can buy it, but this website is not for this purpose (as I do understand, but correct me if I'm wrong).

 

 

Thanks for your help

 

Can someone help me?



#118
haen

haen

    Pro Caker

  • IC Trusted User
  • 102 posts
    • Time Online: 12d 3h 56m 27s
  • iDevices Owned:iPhone 4, iPhone 6, MacBook Pro, iHave a PC

Guys, can someone support me? I have still 30 apps I'd like to install on my iPad Pro 12.9 with iOS 11.3.1 + Electra.

 

- Apps crash at startup so I cannot use bfinject

- I tried to use "ldid2 -S" to resign them, but it didn't work --> Appinst is failing to install them: main:186 failed to install

- They are 64 bit apps

- I also tried to use "ldid2 -e" and then "ldid2 -Sent.plist", but still not working

- I cannot request a crack for them, cause it's only 1 request per month

 

What shall I do then? This lack of information and standard guide to install any cracked app on iOS 11 is making the jailbreak slowly dying...

 

... please do not reply me back to buy the app, I know I can buy it, but this website is not for this purpose (as I do understand, but correct me if I'm wrong).

 

 

Thanks for your help

 

to install cracked apps Just use Cydia Impactor.



#119
user_hidden

user_hidden

    Forum Admin

  • Admin
  • 11,099 posts
    • Time Online: 269d 22h 58m 21s
  • iDevices Owned:iPod Classic, iPod Touch 4, iPhone 4, iPhone SE, iPhone 6, iPhone 8, iPad Mini, iPad Mini 2, iPad 1, iPad 2, iPad 5, MacBook Air, iHave a PC
  • Most used iOS:iOS 5, iOS 6, iOS 7, iOS 8, iOS 9, iOS 10, iOS 11, iOS 12

Can someone help me?


this is a thread for "how to crack apps" NOT "how to resign apps"

place your list in the following thread: https://forum.iphone...-after-install/

#120
eduard816

eduard816

    Caker

  • IC Uploader
  • 59 posts
    • Time Online: 2d 1h 8m 26s
  • LocationAustralia

Hi, this is my first time to crack on iOS 11... and I'm having this error... what am I doing wrong?

 

1.jpg

 

Thanks!

 

Edit:

 

I have tried a different app. Using Limbo App, the app is currently running and run the bash command, and got this error message.

 

1.jpg

 

Thanks!