/permasigner

🖊 Permanently signs IPAs on jailbroken iDevices (persists on stock).

Primary Language: Python. License: BSD 3-Clause "New" or "Revised" License (BSD-3-Clause)

Permasigner

🖊 Permanently signs IPAs on jailbroken iDevices 14.0-14.8.1 (persists on stock).

How does it work?

In iOS 14.0-14.8.1, there is a bug where CoreTrust will allow any root certificate. Although the bug also exists on iOS 15.0-15.4.1, it cannot be abused there (yet), since the device needs to be jailbroken first to place the app in the /Applications folder. This bug does not exist on anything older than iOS 14.

This script makes a deb file for you based on an IPA. Tested only with Taurine, but should work with many others.

Based on the resign_taurine branch of CoreTrustDemo. Please note that certificates are not copyrightable.

Note: unc0ver will probably fail to jailbreak. It works for some people but not everyone.

Prerequisites

  1. Mac OS X 10.5.0 (?) or later, or Linux
    • Both codesign and ldid can be used on macOS.
    • On macOS, brew is required.
  2. Jailbroken iDevice on 14.0-14.8.1
    • The device needs to be jailbroken first to place the app in the /Applications folder. After installing, it'll continue working on stock.
  3. Python 3 installed on the PC
    • This can be installed with brew on macOS (brew install python3), or your favorite package manager on Linux (sudo apt install python3).

How to use

  1. Open a terminal
    • Terminal in the Utilities folder/spotlight on macOS if not sure.
    • Ctrl + Shift + T to open up a terminal on most Linux distros.
  2. Clone this repository: git clone https://github.com/itsnebulalol/permasigner && cd permasigner
    • If this fails, install git with Xcode dev tools on macOS. On Linux, install it with your favorite package manager, e.g. sudo apt install git.
  3. [macOS only] Install dpkg using brew: brew install dpkg
  4. Install all requirements: pip install -r requirements.txt or pip3 install -r requirements.txt
  5. [OPTIONAL] If you have extra entitlements, add them in app.entitlements
    • If not sure, keep it how it is.
  6. Run the script: python main.py or python3 main.py
    • [Advanced macOS Users] If you'd like the script to use codesign instead, pass -c or --codesign.
    • [Linux only] If you get an error that curl isn't found, install it using your favorite package manager, e.g. sudo apt install curl.
  7. Install the newly created deb file on your iDevice
    • macOS users, airdropping the file is probably the easiest.
    • Linux users can use something like Dropbox or Mega; advanced users can use openssh-sftp-server from Procursus.
  8. Reboot to stock, the app will still work!

In Progress

  • Sign frameworks as well
  • Pull entitlements from binary
    • Merging entitlements instead... seems like a better idea
  • Download dpkg-deb like how we did with ldid so it works with other Linux distros
  • Ask to install automatically on connected device
    • Would require using something like iProxy
  • Switch to ldid for possible Linux support
    • Maybe Procursus strapped iDevices too, if necessary pip packages are compiled for iPhoneOS

Credits

  • anyone who sent a pull request or issue! Your contribution helps a lot!

Other Stuff