I am using this tutorial to install my app with Frida on an iPhone 8: https://www.secjuice.com/objection-frida-guide/

To get the duplicates out of the way:

  • Building and deploying via Xcode works fine
  • The app is deleted several times before deploying again

I've focused on doing the magic of re-signing manually, so without Frida yet; it basically comes down to these few commands. I've first archived via Xcode to get an ipa file. I know that it is signed with the distribution profile, so I have also tried to get the contents of the debug build (under Products in Xcode), zip that as an ipa and go from there.

Get the certificates identities: `security find-identity -p codesigning -v`

Use applesign to sign the ipa: `applesign -i E3990....1881149 -m iOS_Development.mobileprovision -o patched_codesign.ipa MyApp.ipa`

iOS_Development.mobileprovision is the Development provisioning profile. I've tried to use the one that is available within the debug build (embedded.mobileprovision) and downloaded from the developer portal. I've also tried to use the iOS Distribution provisioning profile in combination with the correct certificate identifier.

Unzip the re-signed ipa: `unzip patched_codesign.ipa`

Deploy: `ios-deploy --bundle Payload/*.app -W -d`

Receive the error:

2020-10-27 08:41:40.304 ios-deploy[4282:27558] [ !! ] Error 0xe800003a: The application could not be verified. AMDeviceSecureInstallApplication(0, device, url, options, install_callback, 0)

Just to clarify that I have chosen the right certificate with the correct provisioning profile:


Also used `security cms -D -i some.mobileprovision` to verify that the provision profile is indeed a development profile as expected.

What am I doing wrong?

CularBytes
  • I would check if applesign works at all. Just use an unsigned app without any modifications for Frida and test if you are able to correctly sign and install it. – Robert Oct 27 '20 at 08:21
  • That's what I am doing, and that doesn't work. So yes, I suspect that applesign is not functioning well, but what is the alternative? – CularBytes Oct 27 '20 at 09:23
  • You can use `codesign` directly: `codesign --force --sign file`. Note that you have to do this before zipping the IPA and you have to execute this for every framework/library file in the IPA structure and then, as the last step, the main binary with the additional `--entitlements ...` flag. You may also have to provide an (adapted) entitlement xml file. As far as I know you don't have to resign the Swift libraries - those are already signed by Apple. In any case I would strongly recommend creating an issue on the applesign project so that others are aware that it does not work. – Robert Oct 27 '20 at 10:37
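
Added example, not part of the original question or comments: a Python check that goes one step past reading the `security cms -D` output by eye, comparing a decoded provisioning profile against the bundle ID, the device UDID and the identity hash printed by `security find-identity`. The function names, the sample profile, the UDID and the bundle ID are constructed for illustration, and reading the plist straight out of a raw `.mobileprovision` assumes it is stored readably inside the CMS wrapper.

```python
import hashlib
import plistlib
from datetime import datetime, timezone
from fnmatch import fnmatchcase

CONSTRUCTED_CERT = b"constructed-bytes-standing-in-for-a-DER-certificate"

def constructed_profile(get_task_allow=True) -> bytes:
    """Constructed sample: a plist wrapped in fake CMS bytes, shaped like a .mobileprovision."""
    body = plistlib.dumps({
        "ExpirationDate": datetime(2099, 1, 1),
        "ProvisionedDevices": ["UDID-CONSTRUCTED-0001"],
        "DeveloperCertificates": [CONSTRUCTED_CERT],
        "Entitlements": {"application-identifier": "TEAMID1234.com.example.*",
                         "get-task-allow": get_task_allow},
    })
    return b"FAKE-CMS-HEADER" + body + b"FAKE-SIGNATURE-TRAILER"

def load_profile(raw: bytes) -> dict:
    """Parse `security cms -D` output, or a raw profile whose plist is readable inside the wrapper."""
    start, end = raw.find(b"<?xml"), raw.rfind(b"</plist>")
    if start < 0 or end < start:
        raise ValueError("no embedded plist found")
    return plistlib.loads(raw[start:end + len(b"</plist>")])

def check_profile(profile, bundle_id, udid, identity_sha1, now=None):
    """Return the reasons this profile cannot back a debuggable install of bundle_id on udid."""
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)  # plistlib dates are naive UTC
    ent, problems = profile.get("Entitlements", {}), []
    if profile["ExpirationDate"] <= now:
        problems.append("profile has expired")
    if not ent.get("get-task-allow", False):
        problems.append("get-task-allow is not true, so this is not a development profile")
    if udid not in profile.get("ProvisionedDevices", []):
        problems.append("device UDID is not listed in ProvisionedDevices")
    # application-identifier is "<team prefix>.<bundle id or wildcard>"
    pattern = ent.get("application-identifier", "").split(".", 1)[-1]
    if not fnmatchcase(bundle_id, pattern):
        problems.append(f"bundle id {bundle_id} does not match {pattern!r}")
    # `security find-identity` prints the SHA-1 of each certificate's DER encoding
    known = {hashlib.sha1(der).hexdigest().upper() for der in profile.get("DeveloperCertificates", [])}
    if identity_sha1.upper() not in known:
        problems.append("signing identity is not among the profile's DeveloperCertificates")
    return problems

if __name__ == "__main__":
    ident = hashlib.sha1(CONSTRUCTED_CERT).hexdigest()
    print(check_profile(load_profile(constructed_profile()), "com.example.myapp",
                        "UDID-CONSTRUCTED-0001", ident))
```

An empty list means the profile, identity, device and bundle ID agree with each other; it does not validate the signature that `codesign` or applesign actually wrote into the app.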
