Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IOS 12 support please #228

Closed
SergeKZ opened this issue Feb 25, 2019 · 26 comments
Closed

IOS 12 support please #228

SergeKZ opened this issue Feb 25, 2019 · 26 comments

Comments

@SergeKZ
Copy link

SergeKZ commented Feb 25, 2019

please add support ios 12

@Tatsh
Copy link
Collaborator

Tatsh commented Feb 25, 2019

What doesn't work on iOS 12?

I do not have a device here to test with. I don't suspect there are any issues building this project for iOS 12.

Also, we cannot do anything if the jailbreak you are using has invalid kernel patches for this purpose.

@talfstad
Copy link

talfstad commented Feb 26, 2019

in 12.1.1 here's my error:

clutch error

This causes an immediate exit with a stdout message Killed: 9

@Tatsh
Copy link
Collaborator

Tatsh commented Feb 26, 2019

That is a strange error as I do not see why a jailbroken iOS would ever care about code signing. Jailbreaks are supposed to patch AMFI. Maybe you have to inject Clutch into the cache?

CT policy refers to certificate transparency policy.

@JoniVR
Copy link

JoniVR commented Feb 27, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

@Tatsh
Copy link
Collaborator

Tatsh commented Feb 28, 2019

What is the output of

ldid -e `which bash`

?

@JoniVR
Copy link

JoniVR commented Feb 28, 2019

<?xml version="1.0" encoding="UTF-8"?>             
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> 
<plist version="1.0">                              
<dict>                                             
        <key>platform-application</key>            
        <true/>                                    
        <key>com.apple.private.skip-library-validation</key>                                           
        <true/>                                    
        <key>com.apple.private.security.no-container</key>                                             
        <true/>                                    
</dict>                                            
</plist>

@Tatsh
Copy link
Collaborator

Tatsh commented Feb 28, 2019

Maybe we can sign with those during the build process on macOS but I am not sure. Usually if you sign with com.apple.private. stuff on macOS the binary is never allowed to run because only Apple can sign with those entitlements, but since you have to run inject it probably works around that.

@JoniVR
Copy link

JoniVR commented Feb 28, 2019

Could give it a shot yes, either that or add the steps on how to do it manually on device to the documentation perhaps?

@insomnia417 insomnia417 mentioned this issue Feb 28, 2019
@insomnia417
Copy link

insomnia417 commented Feb 28, 2019

ios12.1.1b3 can't work too.

@Tatsh Tatsh self-assigned this Feb 28, 2019
@GL8666
Copy link

GL8666 commented Mar 1, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

It's work for me too

Tatsh added a commit that referenced this issue Mar 1, 2019
@Tatsh
Copy link
Collaborator

Tatsh commented Mar 1, 2019

The changes are in. If this is good @SergeKZ , please close the bug (or I will close it after a time).

@Tatsh Tatsh removed their assignment Mar 1, 2019
@SergeKZ SergeKZ closed this as completed Mar 1, 2019
@esterTion
Copy link

esterTion commented Mar 3, 2019

Sorry, but I still can't get clutch to properly work on iOS 12
I signed with entitlements from repo and my own cert obtained by xcode to prevent CT error. For some reason my device would panic later if I ever use inject
I also tried ldid signed bin & inject, and bin built from latest source, they all run into same problem.

Clutch is important to me as this game (PuriCone) will exit immediately in jailbroken env (detection by CrackProof), thus other kind of "open the app then decrypt" methods won't work at all.

root# Clutch-2.0.4 -b jp.co.cygames.princessconnectredive
Error: Could not obtain mach port, either the process is dead (codesign error?) or entitlements were not properly signed!

Error: Failed to dump <DefaultNotificationContent> with arch arm64

2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] failed operation :(
2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] application <NSOperationQueue: 0x101fc3e10>{name = 'NSOperationQueue 0x101fc3e10'}
Error: Failed to dump <DefaultNotificationContent>

2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] failed operation :(
2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] application <NSOperationQueue: 0x101fc3e10>{name = 'NSOperationQueue 0x101fc3e10'}
Error: Could not obtain mach port, either the process is dead (codesign error?) or entitlements were not properly signed!

Error: Failed to dump <princessconnectredive> with arch arm64

2019-03-03 13:37:38.392 Clutch-2.0.4[1017:13599] failed operation :(
2019-03-03 13:37:38.392 Clutch-2.0.4[1017:13599] application <NSOperationQueue: 0x101fc0180>{name = 'NSOperationQueue 0x101fc0180'}
Error: Failed to dump <princessconnectredive>

2019-03-03 13:37:38.393 Clutch-2.0.4[1017:13599] failed operation :(
2019-03-03 13:37:38.393 Clutch-2.0.4[1017:13599] application <NSOperationQueue: 0x101fc0180>{name = 'NSOperationQueue 0x101fc0180'}
Error: Failed to dump jp.co.cygames.princessconnectredive :(

@Tatsh
Copy link
Collaborator

Tatsh commented Mar 3, 2019

Clutch does not try to defeat things like CrackProof. You will need other tools.

@esterTion
Copy link

esterTion commented Mar 3, 2019

Clutch does not try to defeat things like CrackProof. You will need other tools.

Clutch worked on iOS 9, and this is just an example dump.
It fails on every app on iOS 12.

Clutch include executables as library prevented them from executing any detection. (I think this is how Clutch works? I had read the source previously)

@Tatsh
Copy link
Collaborator

Tatsh commented Mar 3, 2019

iOS 12 has changed a lot of things and I do not own a device to test with so I cannot verify what users are saying whether things work or not. From what I can tell, the unc0ver jailbreak is as unstable as any post iOS 9 jailbreaks and is still beta.

@victor1342
Copy link

victor1342 commented Mar 8, 2019

Can this be reopened please? Clutch can't dump IPAs on iOS 12 and there's no sign that the issue is related to bugs in unc0ver.

@paradiseduo
Copy link

paradiseduo commented May 6, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

This worked for me! I use iPhone 7 Plus with iOS 12.1.2.

@tataevr
Copy link

tataevr commented Jul 31, 2019

in 12.1.1 here's my error:

clutch error

This causes an immediate exit with a stdout message Killed: 9

Can you please tell me, where did you get this error log? I mean what you used to get it?

@esterTion
Copy link

esterTion commented Jul 31, 2019

Can you please tell me, where did you get this error log? I mean what you used to get it?

There is Apple Configurator 2 app on macOS, and idevicesyslog in libimobiledevice

@tataevr
Copy link

tataevr commented Jul 31, 2019

@esterTion got it. Will check that out right now. Thank you!

@SummerHF
Copy link

SummerHF commented May 4, 2020

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

get error -sh: inject: command not found what should i do, please?

@paradiseduo
Copy link

paradiseduo commented May 4, 2020

@Tatsh
This worked for me.
easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

get error -sh: inject: command not found what should i do, please?

inject只支持使用unc0ver的越狱方式越狱的手机

@SummerHF
Copy link

SummerHF commented May 4, 2020

@Tatsh
嗯嗯嗯, 用的checkra1n自然是敲不出来这个了 谢谢

@armnotstrong
Copy link

armnotstrong commented Nov 9, 2020

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

New to unc0ver did the tool inject shipped with the unc0ver jailbreak tool kit or should I install that command myself?

Didn't find the command inject with iPhone 6s/ iOS 12.1.4 jailbreaked with unc0ver

@liaoshl
Copy link

liaoshl commented Jun 22, 2021

@Tatsh
This worked for me.
easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

New to unc0ver did the tool inject shipped with the unc0ver jailbreak tool kit or should I install that command myself?

Didn't find the command inject with iPhone 6s/ iOS 12.1.4 jailbreaked with unc0ver

mee to, have you found a solution?

@nb5p
Copy link

nb5p commented Jan 22, 2022

@Tatsh
This worked for me.
easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

New to unc0ver did the tool inject shipped with the unc0ver jailbreak tool kit or should I install that command myself?
Didn't find the command inject with iPhone 6s/ iOS 12.1.4 jailbreaked with unc0ver

mee to, have you found a solution?

Please install science.xnu.injector.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests