Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IOS 12 support please #228

Closed
SergeKZ opened this issue Feb 25, 2019 · 20 comments

Comments

@SergeKZ
Copy link

commented Feb 25, 2019

please add support ios 12

@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Feb 25, 2019

What doesn't work on iOS 12?

I do not have a device here to test with. I don't suspect there are any issues building this project for iOS 12.

Also, we cannot do anything if the jailbreak you are using has invalid kernel patches for this purpose.

@talfstad

This comment has been minimized.

Copy link

commented Feb 26, 2019

in 12.1.1 here's my error:

clutch error

This causes an immediate exit with a stdout message Killed: 9

@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Feb 26, 2019

That is a strange error as I do not see why a jailbroken iOS would ever care about code signing. Jailbreaks are supposed to patch AMFI. Maybe you have to inject Clutch into the cache?

CT policy refers to certificate transparency policy.

@JoniVR

This comment has been minimized.

Copy link

commented Feb 27, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`
@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Feb 28, 2019

What is the output of

ldid -e `which bash`

?

@JoniVR

This comment has been minimized.

Copy link

commented Feb 28, 2019

<?xml version="1.0" encoding="UTF-8"?>             
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> 
<plist version="1.0">                              
<dict>                                             
        <key>platform-application</key>            
        <true/>                                    
        <key>com.apple.private.skip-library-validation</key>                                           
        <true/>                                    
        <key>com.apple.private.security.no-container</key>                                             
        <true/>                                    
</dict>                                            
</plist>
@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Feb 28, 2019

Maybe we can sign with those during the build process on macOS but I am not sure. Usually if you sign with com.apple.private. stuff on macOS the binary is never allowed to run because only Apple can sign with those entitlements, but since you have to run inject it probably works around that.

@JoniVR

This comment has been minimized.

Copy link

commented Feb 28, 2019

Could give it a shot yes, either that or add the steps on how to do it manually on device to the documentation perhaps?

@insomnia417 insomnia417 referenced this issue Feb 28, 2019

Closed

@Tatsh #229

@insomnia417

This comment has been minimized.

Copy link

commented Feb 28, 2019

ios12.1.1b3 can't work too.

@Tatsh Tatsh self-assigned this Feb 28, 2019

@GL8666

This comment has been minimized.

Copy link

commented Mar 1, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

It's work for me too

Tatsh added a commit that referenced this issue Mar 1, 2019

@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Mar 1, 2019

The changes are in. If this is good @SergeKZ , please close the bug (or I will close it after a time).

@Tatsh Tatsh removed their assignment Mar 1, 2019

@SergeKZ SergeKZ closed this Mar 1, 2019

@esterTion

This comment has been minimized.

Copy link

commented Mar 3, 2019

Sorry, but I still can't get clutch to properly work on iOS 12
I signed with entitlements from repo and my own cert obtained by xcode to prevent CT error. For some reason my device would panic later if I ever use inject
I also tried ldid signed bin & inject, and bin built from latest source, they all run into same problem.

Clutch is important to me as this game (PuriCone) will exit immediately in jailbroken env (detection by CrackProof), thus other kind of "open the app then decrypt" methods won't work at all.

root# Clutch-2.0.4 -b jp.co.cygames.princessconnectredive
Error: Could not obtain mach port, either the process is dead (codesign error?) or entitlements were not properly signed!

Error: Failed to dump <DefaultNotificationContent> with arch arm64

2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] failed operation :(
2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] application <NSOperationQueue: 0x101fc3e10>{name = 'NSOperationQueue 0x101fc3e10'}
Error: Failed to dump <DefaultNotificationContent>

2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] failed operation :(
2019-03-03 13:37:38.123 Clutch-2.0.4[1017:13598] application <NSOperationQueue: 0x101fc3e10>{name = 'NSOperationQueue 0x101fc3e10'}
Error: Could not obtain mach port, either the process is dead (codesign error?) or entitlements were not properly signed!

Error: Failed to dump <princessconnectredive> with arch arm64

2019-03-03 13:37:38.392 Clutch-2.0.4[1017:13599] failed operation :(
2019-03-03 13:37:38.392 Clutch-2.0.4[1017:13599] application <NSOperationQueue: 0x101fc0180>{name = 'NSOperationQueue 0x101fc0180'}
Error: Failed to dump <princessconnectredive>

2019-03-03 13:37:38.393 Clutch-2.0.4[1017:13599] failed operation :(
2019-03-03 13:37:38.393 Clutch-2.0.4[1017:13599] application <NSOperationQueue: 0x101fc0180>{name = 'NSOperationQueue 0x101fc0180'}
Error: Failed to dump jp.co.cygames.princessconnectredive :(

@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Mar 3, 2019

Clutch does not try to defeat things like CrackProof. You will need other tools.

@esterTion

This comment has been minimized.

Copy link

commented Mar 3, 2019

Clutch does not try to defeat things like CrackProof. You will need other tools.

Clutch worked on iOS 9, and this is just an example dump.
It fails on every app on iOS 12.

Clutch include executables as library prevented them from executing any detection. (I think this is how Clutch works? I had read the source previously)

@Tatsh

This comment has been minimized.

Copy link
Collaborator

commented Mar 3, 2019

iOS 12 has changed a lot of things and I do not own a device to test with so I cannot verify what users are saying whether things work or not. From what I can tell, the unc0ver jailbreak is as unstable as any post iOS 9 jailbreaks and is still beta.

@victor1342

This comment has been minimized.

Copy link

commented Mar 8, 2019

Can this be reopened please? Clutch can't dump IPAs on iOS 12 and there's no sign that the issue is related to bugs in unc0ver.

@paradiseduo

This comment has been minimized.

Copy link

commented May 6, 2019

@Tatsh
This worked for me.

easy copy pasta:

# safe place to work in
cd /private/var/mobile/Documents
# Get the ent from bash and save it
ldid -e `which bash` > ent.xml
# sign Clutch with the ent. "-Sent.xml" is the correct usage
ldid -Sent.xml `which Clutch`
# inject into trust cache
inject `which Clutch`

This worked for me! I use iPhone 7 Plus with iOS 12.1.2.

@tataevr

This comment has been minimized.

Copy link

commented Jul 31, 2019

in 12.1.1 here's my error:

clutch error

This causes an immediate exit with a stdout message Killed: 9

Can you please tell me, where did you get this error log? I mean what you used to get it?

@esterTion

This comment has been minimized.

Copy link

commented Jul 31, 2019

Can you please tell me, where did you get this error log? I mean what you used to get it?

There is Apple Configurator 2 app on macOS, and idevicesyslog in libimobiledevice

@tataevr

This comment has been minimized.

Copy link

commented Jul 31, 2019

@esterTion got it. Will check that out right now. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
10 participants
You can’t perform that action at this time.