User Tools

Site Tools

Translations of this page:

howto:iosmod

This is an old revision of the document!


IOSMOD

Stay away from iTunes 12.7 This version removes the Apps section. This option has been removed by Apple forcing you to redownload IPA directly from your iDevice. If you still want to download previous versions of any program stay with iTunes 12.6. If you want to upload IPA files using method described below use iTunes 12.6 or external tool like iMazing Also note, from version 4.1.15 onward, the .dji_configs trick to force FCC mode no longer works, the file isnt parsed by the app. Alternative techniques are available here This page will explain how to go about modding iOS apps. It's work in progress, so please excuse the mess. ===== 1. Get an IPA file ===== If you want to mod, you will need to get an IPA file to modify. This is available in iTunes. If you want an earlier package, this can be obtained using Charles Proxy (Mac users) or Fiddler (Windows users)or similar methods. Both methods use man-in-the-middle attack to sniff SSL traffic. ===== 2. Decrypt the file ===== Currently you can't decrypt iOS apps without a device. The encryption keys are ultimately protected by an unknown key which is burned into the processor and cannot be extracted using software, That's why no “offline” decryption app has been made. You can decrypt iOS app if you have jailbroken device. If you don't have one please use links below with already decrypted DJI Go 4 app (thanks to @kilrah for the files and @cs2000 for the torrents). * Look here for up to date firmware ===== 3. Unpack the file ===== IPA files are ZIP files. If you're going to tweak, just unzip it to a directory. master@k0:~# unzip djigo4.ipa Archive: djigo4.ipa inflating: Payload/DJI GO 4.app/Info.plist inflating: iTunesMetadata.plist inflating: iTunesArtwork inflating: Payload/DJI GO 4.app/DJI GO 4 inflating: Payload/DJI GO 4.app/Frameworks/BokehFramework.framework/BokehFramework inflating: Payload/DJI GO 4.app/Frameworks/BokehFramework.framework/Info.plist … master@k0:~# ls -la total 578192 drwxr-xr-x 7 mbiernacki staff 224 7 wrz 14:19 . drwxr-xr-x 7 mbiernacki staff 224 1 wrz 13:18 .. drwxr-xr-x@ 3 mbiernacki staff 96 7 wrz 14:19 Payload -rw-r–r–@ 1 mbiernacki staff 295964720 1 wrz 13:12 djigo4.ipa -rwxr-xr-x@ 1 mbiernacki staff 55282 29 sie 05:21 iTunesArtwork -rw-r–r–@ 1 mbiernacki staff 2873 29 sie 05:21 iTunesMetadata.plist ===== 4. Mod the file ===== Some interesting stuff can be found inside the IPA (you can locate it after unzipping). Another nice place to look is your iDevice (after you install DJI Go app and run it at least once). We suggest using the iMazing tool to view these files (remember to tick 'Show hidden files and folders' in Preferences→Storage). Inside the IPA there are several interesting files: Payload/DJI\ GO\ 4.app/DJIPilotResources.bundle/plist/.DJI.configs This is the default .DJI.configs file. Replace default configuration with modified one (like force_boost), repack, resign IPA and make some tests. Payload/DJI\ GO\ 4.app/DJIPilotResources.bundle/plist/ParamList.plist This is the parameter list that can be modified with an iOS application. For example it contains this block: <file xml> <key>g_config.flying_limit.max_height_0</key> <dict> <key>paramIndex</key> <integer>236</integer> <key>type</key> <integer>1</integer> <key>length</key> <integer>2</integer> <key>getID</key> <integer>241</integer> <key>setID</key> <integer>242</integer> <key>isParam</key> <integer>1</integer> <key>min</key> <integer>20</integer> <key>max</key> <integer>500</integer> <key>default</key> <integer>120</integer> </dict> </file> [✓ aciid, 2018-07-24]Replace max value, repack, resign IPA and check Max Height parameter within application. Payload/DJI\ GO\ 4.app/*.nib Each NIB file corresponds to a single view element and can be laid out in the Interface Builder, making it a visual tool as well. Note that the name “NIB” is derived from the file extension (previously .nib and now .xib, although the old pronunciation has persisted). Build an NIB decoder and analyze contents of each file Below you can find a very simple script the will patch the NIB file, so you will be able to use it with XCode. <file bash> #!/bin/bash NIBFILENAME=${@%/} read -d '' EMPTYPLIST «“EOF” <?xml version=“1.0” encoding=“UTF-8”?> <!DOCTYPE plist PUBLIC “-AppleDTD PLIST 1.0EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd”> <plist version=“1.0”> <dict> </dict> </plist> EOF if [ -e “$NIBFILENAME” ] then if [ -f “$NIBFILENAME” ] then mv “$NIBFILENAME” “$NIBFILENAME~” mkdir “$NIBFILENAME” mv “$NIBFILENAME~” “$NIBFILENAME/keyedobjects.nib” fi echo $EMPTYPLIST > “$NIBFILENAME/classes.nib” echo $EMPTYPLIST > “$NIBFILENAME/info.nib” fi </file> ===== 5. Zip the file ===== Re-zip the file with your tweaks. master@k0:~# zip -r djigo4.ipa * adding: Payload/ (stored 0%) adding: Payload/DJI GO 4.app/ (stored 0%) adding: Payload/DJI GO 4.app/DJIHomePointExpandedView_iPhone5.nib (deflated 49%) adding: Payload/DJI GO 4.app/DJILBRadioPIPSettingView_iPhone6+.nib (deflated 62%) adding: Payload/DJI GO 4.app/DJIJoyStickSettingSegmentCell_iPhone5.nib (deflated 44%) adding: Payload/DJI GO 4.app/DJICourceLockTipsView.nib (deflated 53%) adding: Payload/DJI GO 4.app/_CodeSignature/ (stored 0%) adding: Payload/DJI GO 4.app/_CodeSignature/CodeResources (deflated 74%) ===== 6a. Resign and install your file (with Cydia) ===== Install your file with Cydia Impactor. Follow step below: 1. Make it sure you have already installed the latest version of iTunes on your Computer. 2. Download the latest version of Cydia Impactor. You can find it here: Cydia Impactor Home 3. After installation check for updates (current version is 0.9.42 works well with IOS10 and IOS11) 4. Connect your device with the PC using the USB cable. 5. Now launch the Impactor. 6. Go to “Device” and select “Install Package…” option on Cydia Impactor. 7. The application will ask for Apple ID username and Apple ID password. Warning! If you enabled 2FA (2 factor authentication) you have to visit http://appleid.apple.com and generate one-time password. This generated password has to be entered instead your Apple ID password! 8. Please be patient and let Cydia Impactor perform different tasks to sign and install the IPA file. 9. Once you see the “Complete” message on it, wake up your iPhone and go to “Settings > General > Device Management”. 10. Open the just installed profile, and trust the developer. Warning! If you are using the Apple ID registered with Apple’s Developer Program, you get the developer certificate which will remain valid for one year. In case you are using a non-developer ID, you get the certificate with 7 days validity only. or you can watch it here: * Youtube guide ===== 6b. Resign and install your file (with Xcode) ===== If you don't trust external programs like Cydia Impactor and you have your own developer keys from Apple (I mean you pay $99 per year) you can use Xcode to sign IPA file and then upload it with iTunes. To achieve it please clone the following repository: Resign Xcode project and follow the steps in the README.

howto/iosmod.1547593457.txt.gz · Last modified: 2019/01/15 23:04 by czokie