今是昨非

今是昨非

日出江花红胜火,春来江水绿如蓝
HomeArchives

iPA re-signing + Fragrant Color Boudoir, WeChat re-signing practical combat.

#技术#iOS778
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The article discusses the process of re-signing IPA files, specifically focusing on the apps "香色闺阁" and WeChat. The author explains the steps involved in re-signing the apps, including modifying the bundle identifier, replacing the embedded.mobileprovision file, re-signing frameworks, and deleting plugins. The article provides detailed instructions and commands for each step.

title: iPA Resigning + Xiangse Guige, WeChat Resigning Practical Operation
tags:
- Technology
- iOS
date: 2023-07-14 16:37#

Background#

After changing phones, I couldn't download the original Xiangse Guige, and it was lost during the transfer. Recently, I saw someone taking a screenshot of having two WeChat apps installed on their iPhone, one of which was re-signed by themselves. I thought about my developer account and wondered if I could install Xiangse Guige and have multiple instances of WeChat by re-signing the apps.

Steps#

Let's get down to business. First, let's start with something simple and try re-signing Xiangse Guige, and then try WeChat. Since Xiangse Guige has fewer files and is easier to find compared to WeChat, the steps are as follows:

Re-signing Xiangse Guige#

First, search online and download the Xiangse Guige ipa package. If you don't have it, you can download it from here yuedu.ipa.

Then, change the ipa extension to zip, and then unzip it. You will see a Payload folder, inside which there is a file called StandarReader.app. Select StandarReader.app, right-click and choose "Show Package Contents" to see all the contents of the app package, as shown in the following images:

ipa extraction

show package contents

package content

Re-signing means creating a new app with your own account (define your own bundle ID), running it on your phone, finding the running package (xxx/DriveData/xxx/Build/Products/Debug-iphoneos/xxx.app), or using the packaging method to generate an iPA using the AdHoc method (to obtain the provisioning profile and Entitlements.plist). Here, you need to make sure that the selected provisioning profile includes the devices you want to install on, and then replace the bundle ID, certificate, and provisioning profile of the app to be signed with your own created app.

So, the following content usually needs to be modified:

  • Bundle ID in Info.plist
  • embedded.mobileprovision signing file
  • Contents of _CodeSignature
  • Since regular accounts cannot sign plugins, find the Watch and PlugIns folders in the package content path and delete them directly
  • Re-signing frameworks

For the Xiangse Guige ipa, there are no plugins or frameworks, so the files that need to be modified are: Info.plist, embedded.mobileprovision, and the contents of _CodeSignature. Let's see how to modify them specifically:

Modifying the bundle ID in Info.plist#

Find the Info.plist in Payload/StandarReader.app, open it with Xcode or another editor, and find the Bundle identifier. You will see that the bundle ID for Xiangse Guige is com.appbox.StandarReader. Replace com.appbox.StandarReader with the bundle ID of your own created app, as shown in the following image:

Ps: If you are not using Xcode, you can directly search and replace.

Replacing the bundle ID

Replacing embedded.mobileprovision#

Obtain the new embedded.mobileprovision from your own created app's iPA, following the same steps as above: change it to zip -> unzip -> view package contents, and find embedded.mobileprovision. Copy it and place it outside the Payload directory that you want to replace, as shown in the following image:

New embedded.mobileprovision

Then, replace the original embedded.mobileprovision in the app with this new one. You can do this using the command line, as follows:

  1. Delete the original provisioning profile in the app 
    rm -rf Payload/xxx.app/embedded.mobileprovision
  2. Copy the new provisioning profile into the xxx.app 
    cp embedded.mobileprovision Payload/xxx.app/

Resigning#

Obtain the Entitlements.plist from your own created app's embedded.mobileprovision. Note that it should be obtained from your own created app, not from the Xiangse Guige package. Then, delete the _CodeSignature in the Xiangse Guige package, and use the generated Entitlements.plist to re-sign the Xiangse Guige package. The specific steps are as follows:

  1. Generate Entitlements.plist 
    /usr/libexec/PlistBuddy -x -c "print:Entitlements " /dev/stdin <<< $(security cms -D -i xxx.app/embedded.mobileprovision) > Entitlements.plist
  2. Delete the _CodeSignature in the Xiangse Guige package 
    rm -rf Payload/xxx.app/_CodeSignature/
  3. Re-sign the Xiangse Guige package with the new Entitlements.plist 
    // First, get the certificate name
security find-identity -v -p codesigning
// Sign with the certificate used when creating the app
codesign -f -s "Certificate Name" --entitlements entitlements.plist Payload/xxx.app

Packaging and Installation#

Compress the Payload folder back into an ipa file using the following command:

zip -r xxx.ipa Payload/

Finally, install it by selecting Xcode, then choosing Windows -> Device And Simulators, or selecting Xcode and using the shortcut Shift+CMD+2 to open the window, selecting the device, clicking "+", and choosing the generated ipa to install.

Installing ipa with Xcode

Resigning WeChat#

The first step is to obtain the WeChat ipa file, and it is important to ensure the availability of the downloaded ipa. Otherwise, after working hard for a long time, you may find that it cannot be used, mistakenly thinking that there is a problem with the steps, when it may actually be a problem with the package. The version I downloaded was finally available from here WeChat ipa.

After downloading the ipa, similar to the steps above, change the extension to .zip, unzip it, and obtain the Payload/WeChat.app, as shown in the following image:

WeChat_app

Create a new app with your own account (define your own bundle ID), run it on your phone, find the running package (xxx/DriveData/xxx/Build/Products/Debug-iphoneos/xxx.app), or use the packaging method to generate an iPA using the AdHoc method (to obtain the provisioning profile and Entitlements.plist). Here, you need to make sure that the selected provisioning profile includes the devices you want to install on, and then replace the bundle ID, certificate, and provisioning profile of the app to be signed with your own created app.

Modifying the bundleIdentifier in info.plist#

Then, view the contents of WeChat.app and find info.plist, and replace the bundleIdentifier with your own created app's bundleIdentifier (There are many files in WeChat.app, you can sort them by modification date, which will make it relatively easy to find the file you want to modify), as shown in the following image:
Modifying WeChat bundleID

Replacing embedded.mobileprovision#

Obtain the embedded.mobileprovision from your own created app, and then replace the embedded.mobileprovision in WeChat.app with it. You can directly copy and replace it.

Resigning Frameworks#

Compared to Xiangse Guige, there is an additional step here, which is to re-sign the frameworks. You need to re-sign all the libraries in the Frameworks folder with your own certificate. The contents of the Frameworks folder are shown in the following image (there may be unofficial libraries here, but signing them together does not affect the process):

Frameworks content

The command for re-signing is as follows, repeat it until all the libraries under Frameworks are signed:

codesign -fs "Your Certificate" xxx.framework

Replacing framework signature

Deleting Plugins#

The version of WeChat.app that I downloaded did not contain the Plugins content in the Content folder, so there is no need to handle it.

Replacing the Signature#

Obtain the embedded.mobileprovision from your own created app and generate the Entitlements.plist. The command is as follows:

   /usr/libexec/PlistBuddy -x -c "print:Entitlements " /dev/stdin <<< $(security cms -D -i xxx.app/embedded.mobileprovision) > Entitlements.plist

Then, delete the _CodeSignature in WeChat.app, and re-sign WeChat.app with the generated Entitlements.plist. The command is as follows, be careful with the paths of Entitlements.plist and WeChat.app:

codesign -fs "Your Certificate" --no-strict --entitlements=Entitlements.plist Payload/WeChat.app/

Resigning WeChat.app

Finally, compress /Payload/WeChat.app and generate xxx.ipa using the following command:

zip -r xxx.ipa Payload/

Finally, use Xcode to install xxx.ipa on your phone. The steps are as follows:
Select Xcode, open the window with Shipt+CMD+2, then select the device, click "+", and choose xxx.ipa to install. Wait for the installation to complete.

The final installed effect is as follows:

Final effect

Summary#

In summary, iPA resigning is the process of replacing the certificate and provisioning profile in the corresponding package with your own certificate and provisioning profile. The overall steps are as follows:

  • Find an available ipa
  • Create a new project, compile or package it, and obtain the corresponding embeded.mobileprovision
  • Modify and replace the bundleIdentifier of the package with the bundleIdentifier of your own created project
  • Update and replace the embeded.mobileprovision in the package with your own
  • Re-sign the Frameworks
  • Delete the Plugins
  • Generate Entitlements.plist from your own embeded.mobileprovision, and then re-sign xxx.app with it
  • Finally, package xxx.app into xxx.ipa and install it

References#

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.