Comments (12)
Download this python script and make sure you grab the entitlements from fouldecrypt before you run the tool. These are the steps:
ldid -e fouldecrypt > ent.xml
(for the entitlements backup)
python3 cpu-swipe.py fouldecrypt
you should get a message says it’s been converted successfully to the old format
ldid -Sent.xml fouldecrypt
then you should be good.
here’s the script: https://gist.github.com/dlevi309/cdde58d749bbce5c070ced56af510997
from fouldecrypt.
@dlevi309 I looked up the Mach-O specs. Your script only works with thin executables, not fat ones. The executable provided by Misty is fat. I tried changing the CPU subtype and then run ldid, but the version of ldid on iOS changes it back to 80000002, so what you said won't work anyway. To make things worse, the version of lipo on iOS doesn't recognize arm64e, so I can't even thin it to arm64e.
If I thin it to arm64, the system now complains that code signature invalid for '/usr/lib/libkrw.0.dylib'
.
from fouldecrypt.
@jack980517 why not run lipo fouldecrypt -thin arm64e -output fouldecrypt.arm64e
? and what version of lipo are you running? it works for me just fine
from fouldecrypt.
and if you’re on iOS 13.7, you should be using the tfp0 version of fouldecrypt, you don’t need to use the libkrw version
from fouldecrypt.
To make things worse, the version of lipo on iOS doesn't recognize arm64e, so I can't even thin it to arm64e.
Here's what happens if I specify arm64e:
error: lipo: unknown architecture specification flag: arm64e in specifying thin operation: -thin arm64e
lipo: known architecture flags are: any little big ppc64 x86_64 x86_64h arm64 ppc970-64 ppc i386 m68k hppa sparc m88k i860 veo arm ppc601 ppc603 ppc603e ppc603ev ppc604 ppc604e ppc750 ppc7400 ppc7450 ppc970 i486 i486SX pentium i586 pentpro i686 pentIIm3 pentIIm5 pentium4 m68030 m68040 hppa7100LC veo1 veo2 veo3 veo4 armv4t armv5 xscale armv6 armv6m armv7 armv7f armv7s armv7k armv7m armv7em arm64v8
I have tried all three versions of ldid I can find in Cydia. All have the same behavior of changing the subtype back to 80000002.
- repo: apt.bingner.com
- package name:
ldid
- friendly name: Link Identity Editor
- repo: tigisoftware.com/cydia
- package name:
am.ldid
- friendly name: ldid for Apps Manager
- repo: repo.packix.com
- package name:
org.coolstar.ldid
- friendly name: ldid (CoolStar Standalone Fork)
I don't know anything about tfp0 and libkrw. I'm just using the binary shipped by Misty, in Misty's repo, and it's identical to the one in the releases section of this repo. And I don't have a Mac so I can't compile (or use a better version of ldid and/or lipo).
from fouldecrypt.
Sorry, confused ldid and lipo for a bit there. For lipo I used CoolStar's build, available on BigBoss as org.coolstar.cctools
.
from fouldecrypt.
Sorry, confused ldid and lipo for a bit there. For lipo I used CoolStar's build, available on BigBoss as
org.coolstar.cctools
.
it’s okay, and that one’s super old, install the one available on sbingners repo (also named Darwin CC Tools
) and you should be able to thin arm64e
from fouldecrypt.
Yep, just found that out. I was just used to installing that one, as it was better than the one in the Saurik repo in the old jailbreaks.
New problem:
$ ./test2
dyld: Library not loaded: /usr/lib/libkrw.0.dylib
Referenced from: /private/var/mobile/./test2
Reason: no suitable image found. Did find:
/usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes
/usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes
/usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes
/usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes
Abort trap: 6
from fouldecrypt.
Yep, just found that out. I was just used to installing that one, as it was better than the one in the Saurik repo in the old jailbreaks.
New problem:
$ ./test2 dyld: Library not loaded: /usr/lib/libkrw.0.dylib Referenced from: /private/var/mobile/./test2 Reason: no suitable image found. Did find: /usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes /usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes /usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes /usr/lib/libkrw.0.dylib: arm64 dylibs cannot be loaded into arm64e processes Abort trap: 6
So I got the version of fouldecrypt that should run for you and have attached it here fouldecrypt.tar.gz, I’d just extracted it from this project, although if it doesn’t work and you want my advice, since you’re on iOS 13 you might as well just use flexdecrypt 🤷🏻♂️
and I was looking around about the libkrw issue, apparently the latest version is broken for arm64e on iOS 13.
from fouldecrypt.
flexdecrypt doesn't work for some apps:
2022-02-19 17:18:26.945 flexdecrypt[1334:29766] thread_get_state error: 0x4 (os/kern) invalid argument
Error: message("Failed to find executable address")
Which is why I'm looking for alternative solutions. It's really a pain to find dumping solutions on iOS 12 and up that are easy to use and work reliably.
from fouldecrypt.
Did the version I send end up working for you?
from fouldecrypt.
It does run and dump apps, even those that flexdecrypt can't decrypt.
from fouldecrypt.
Related Issues (11)
- Not working properly on iOS 14.8.1 with checkra1n
- mremap_encrypted: Operation not permitted
- Support for iOS 15
- Palera1n, 16.2, mmap: Operation not permitted HOT 2
- Decrypting fails with mmap: Operation not permitted HOT 2
- Will Taurine libkernrw0 be supported ?
- How to add support for iOS 13 (< 13.4) HOT 4
- Support for iOS 14.5 HOT 9
- How to run it from PC? HOT 2
- Is there a theoretical possibility to decrypt IPA files without device? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fouldecrypt.