Permasigner
🖊 Permanently signs IPAs on jailbroken iDevices 14.0-14.8.1 (persists on stock).
How does it work?
In 14.0-15.4.1, there is a bug where CoreTrust will allow any root certificate.
This script makes a deb file for you based on an IPA. Tested with Taurine and Odyssey, but should work with many others.
This is especially useful for 14.0-14.2.1 users who don't have a permanently signed jailbreak (eg. unc0ver + Fugu14).
Prerequsites
- Mac OS X 10.5.0 (?) or later, personally tested on macOS 13.0 OR Debian based Linux
- Both codesign and ldid can be used on macOS.
- Arch based Linux won't work (yet) since it doesn't have dpkg
- Jailbroken iDevice on 14.0-14.8.1
How to use
- Clone this repository:
git clone https://github.com/itsnebulalol/permasigner - Install all requirements:
pip install -r requirements.txt - Edit the app's entitlements in
app.entitlements- If not sure, keep it how it is, it may work.
- Some apps like Dolphin have custom entitlements to use.
- Install dpkg using brew
- Run the script
- If you'd like the script to use codesign instead, pass
-cor--codesign
- If you'd like the script to use codesign instead, pass
- Install the newly created deb file
- Reboot to stock, the app will still work!
- ??
- Profit?
In Progress
- Pull entitlements from binary
- Only works on signed binaries...
- Download dpkg-deb like how we did with ldid so it works with other Linux distros
- Ask to install automatically on connected device
- Would require using something like iProxy
- Switch to ldid for possible Linux support
- Maybe Procursus strapped iDevices too, if necessary pip packages are compiled for iPhoneOS
Credits
- Linus Henze for the bug
- zhuowei for the original Taurine script
- RexSonic for the fix