-
Notifications
You must be signed in to change notification settings - Fork 0
/
permasign.1
131 lines (131 loc) · 3.38 KB
/
permasign.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
.\"
.\" permasign.1
.\" Copyright (c) 2022 TheRealKeto
.\"
.\" SPDX-License-Identifier: BSD-3-Clause
.\" Created by TheRealKeto on 9/2/2022.
.\"
.Dd April 21, 2022
.Dt PERMASIGN 1
.Os
.Sh NAME
.Nm permasign
.Nd Permanently sign any iOS app
.Sh SYNOPSIS
.Nm permasign
.Fl i , -ipa Ar FILE
.Fl e , -ents Ar ENTS
.Fl k , -cert Ar CERT
.Op Fl z , -zip
.Sh DESCRIPTION
.Nm permasign
is a command-line interface, that also functions as a library,
which utilizes
.Xr ldid 1
in order to permanently sign any iOS app.
.Pp
Due to a bug within CoreTrust found by
.An Linus Henze
& exploited by
.An zhowei ,
it's possible to permanently sign any iOS (as well as macOS)
app, bypassing the common 7-day period assigned to any
application when sideloading it with a non-developer Apple
account.
.Pp
Sadly, only several individuals are capable of taking advantage
of this command-line interface, as the target device (the device
where you want to install any permanently signed iOS app) must
be jailbroken.
This is due to the fact that, after using
.Nm permasign ,
you're still required to put the signed app bundle within the
Applications folder in the root of the device's filesystem, which
non-jailbroken iOS does not provide access to.
.Pp
The following options are supported by
.Nm permasign :
.Bl -tag -width -indent
.It Fl h , -help
Print a synopsis and all available commands.
.It Fl V , -version
Print the current version of
.Nm permasign .
.It Fl i , -ipa Ar FILE
Specify the path of the iOS app you want to sign.
.Pp
.Ar FILE
refers to the iOS app you want to sign, which can be a direct
path to any iOS app (.ipa) within your system.
This option is required.
.Pp
Once the given
.Ar FILE
is signed with
.Xr ldid 1 ,
.Nm permasign
will optionally bundle it in a ZIP archive.
The created archive contains the signed app bundle, which can
be moved to the Applications folder (/Applications) in order
for it to be shown on your homescreen.
.It Fl e , -ents Ar ENTS
Specify entitlements that
.Xr ldid 1
should apply when signing.
.Pp
.Ar ENTS
refers to any file in XML format (.xml, .plist) that contains
any entitlements that
.Xr ldid 1
will apply after the app bundle is extracted from the given
iOS app.
This option is required.
.It Fl k , -cert Ar CERT
Local certificate that permanently signs the given iOS app.
.Pp
.Ar CERT
refers to the certificate that
.Xr ldid 1
will use when signing the app bundle of the given iOS app.
This option is required.
.It Fl z , -zip
Create an archive of the signed iOS app bundle.
.Pp
When used,
.Nm permasign
will create a ZIP archive of the extracted app bundle after
it has been signed by
.Xr ldid 1 .
This behavior is optional.
.El
.Sh SEE ALSO
.Xr ldid 1 ,
.Xr uicache 1
.Sh HISTORY
.Nm permasign
is an alternative project that somewhat rivals
.Nm permasigner ,
which was written by
.An nebula (itsnebulalol) .
.Pp
.Nm permasign
is a side project meant to have a much cleaner codebase than
.Nm permasigner ,
and while it's not as extensive as its alternatives, it attempts
to provide a product that is lightweight while also being
entirely multi-platform.
.Pp
.Nm permasign
depends on
.Xr ldid 1 ,
specifically distributed by the
.An Procursus Team Aq Mt [email protected] .
.Sh AUTHORS
.Nm permasign
was written with the Python Programming Language by
.An TheRealKeto Aq Mt [email protected] .
.Sh BUGS
With the
.Fl k , -cert
flag, certificates whose passphrase is anything other than
"password" will not be accepted.