Signature on an iOS APP, we understand the mechanism and principle of the iOS’s signature, to start to write this article with us a heavy automatic signature script, lazy programmers as well as the ultimate strength of human progress, making the wheel to write tools can greatly avoid the repeated work, save us more time on thinking, few words said rolled up his sleeves to do:
Step 1: Get the shelled IPA package
- Download it directly from iTunes 12.6.3 or earlier (macOS Mojave Doesn’t Support). This is a legitimate IPA, which needs to be decrypted with tools like Clutch and Dumdecrypted, otherwise it cannot be installed until someone else has decrypted it
- Download jailbroken IPA package on all assistants
- Jailbreaking Mobile Phone Export
- Xcode packaging and so on
Here I downloaded wechat jailbreak ipA package to demonstrate.
Step 2: Re-sign the command line
-
After decompressing ipA, go to the directory where app is located and enter codesign -d vv WeChat. App to view the signature information of the executable file:
You can see that the signature information is now Tencent
-
Enter: security find-identity -v -p codesigning
Make a note of the string in the certificate double quotes (including double quotes) that you want to sign, which you will use later
-
Confirmation of ipa package is hulled, input: CD WeChat. App otool -l WeChat | grep crypt will output:
If cryptid is 0, it means it has been shelled, and if it is 1, it means it is encrypted. There are two sets of data here because this is an executable file that supports both CPU architectures and can be typed
file WeChat
View the architectures supported by executables: -
Delete unsigned plug-in files: PlugIns folder, Watch folder
-
Enforce re-signing for each framework in the Frameworks folder in the.app folder: coDesign-fs step 2 to sign the certificate information
-
Change your description file name to Embedded. Mobileprovision, drag it into the. App, and change the Bundle identifier in the. App info.plist file to our own BundleID
-
Create a new entitlements. Plist file under the.app directory, view the description file content: Security CMS -D I Embedded. Mobileprovision will entitlements under the node
<dict> ... . </dict>Copy the code
Copy and paste it into our newly created Entitlements. Plist file
-
The last step, to the whole package signature, back to. App directory, input: Codesign -fs step 2 in the certificate information recorded –no-strict — Entitlements =entitlements. Plist WeChat. App signature successful!
-
Zip -ry weichat. ipa Payload
Above, is through the command line step – by – step implementation application re – signature.
Finally: automatic re – signing script
Now I’ll write the script along these lines:
#${SRCROOT} this is the directory where the project files are located
TEMP_PATH="${SRCROOT}/Temp"
We will create an APP folder under the project directory in advance and put the IPA package in it
ASSETS_PATH="${SRCROOT}/APP"
# Destination IPA packet path
TARGET_IPA_PATH="${ASSETS_PATH}/*.ipa"
Clear the Temp folder
rm -rf "${SRCROOT}/Temp"
mkdir -p "${SRCROOT}/Temp"
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 1. Decompress IPA into Temp
unzip -oqq "$TARGET_IPA_PATH" -d "$TEMP_PATH"
Get the path to the unzipped temporary APP
TEMP_APP_PATH=$(set -- "$TEMP_PATH/Payload/"*.app;echo "The $1")
$TEMP_APP_PATH = $TEMP_APP_PATH
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 2. Copy the extracted. App into the project
# BUILT_PRODUCTS_DIR Path to the APP package generated by the project
# TARGET_NAME Target name
TARGET_APP_PATH="$BUILT_PRODUCTS_DIR/$TARGET_NAME.app"
echo "App path:$TARGET_APP_PATH"
rm -rf "$TARGET_APP_PATH"
mkdir -p "$TARGET_APP_PATH"
cp -rf "$TEMP_APP_PATH/" "$TARGET_APP_PATH"
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 3. Delete extension and WatchAPP. Personal certificate cannot sign Extention
rm -rf "$TARGET_APP_PATH/PlugIns"
rm -rf "$TARGET_APP_PATH/Watch"
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 4. Update the info.plist file CFBundleIdentifier
# Set :"Set: KEY Value"
/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $PRODUCT_BUNDLE_IDENTIFIER" "$TARGET_APP_PATH/Info.plist"
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 5. Grant execute permissions to MachO files
Get MachO file path
APP_BINARY=`plutil -convert xml1 -o - $TARGET_APP_PATH/Info.plist|grep -A1 Exec|tail -n1|cut -f2 -d\>|cut -f1 -d\ < `# execute permission on
chmod +x "$TARGET_APP_PATH/$APP_BINARY"
# -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
# 6. Re-sign the third-party FrameWorks
TARGET_APP_FRAMEWORKS_PATH="$TARGET_APP_PATH/Frameworks"
if [ -d "$TARGET_APP_FRAMEWORKS_PATH" ];
then
for FRAMEWORK in "$TARGET_APP_FRAMEWORKS_PATH/"*
do
Sign #
/usr/bin/codesign --force --sign "$EXPANDED_CODE_SIGN_IDENTITY" "$FRAMEWORK"
done
fi
Copy the code
- Drop the script directly into the.xcodeProj equivalent directory
- Xcode –> Build Phases –> New Run Script Phase:
- Now, drop the IPA package you want to re-sign into a new folder APP in the project directory (this folder has the same name as the target folder in the script you wrote) and Run! Any app will run on your real phone! This is also the preparation for the reverse.