How To Crack iOS Apps

cracking rasticrac clutch PCM appaddict uploading aslr


#1 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 13 February 2013 - 04:08 AM

Cracking iOS Apps
 
**VIDEO AT THE BOTTOM OF TUTORIAL I SUGGEST READING THIS FIRST, AS THERE IS MORE DETAIL IN THIS TUTORIAL**

Ok, so first of all I’d like to start off by stating that I’m relatively new to cracking iOS apps but have some knowledge and skills in other areas, which has enabled me to pick this up quite quickly. But I can see how this would be really difficult for the average user, so I have decided to write in my own words exactly how to crack an app from start to finish.

It has taken me a long time to write this tutorial, so if anyone would like to use it elsewhere that’s great, it means I have done a good job, but please credit me for my work.

I will make some videos and add tomorrow

What is Cracking iOS Apps

iOS cracking is the process by which iOS applications are decrypted (cracked) so they may be used on other jailbroken devices. The method used is crude but simple: a debugger is attached to the executable and is used to dump the decrypted segments before the executable launches. The decrypted segments are then transposed onto the original binary, and the LC_ENCRYPTION_INFO load command's cryptid field is changed to 0.

How to Crack iOS Apps - tools available

I have been using a combination of Clutch (by @KimJongCracks) and also Rasticrac (by @iRastignac), so my guide will be based upon these two tools. And last but not least, CrackAddict, the in-house cracking tool powered by Clutch, which is the easiest for beginners...

 

CrackAddict - this is essentially a GUI for Clutch, and for beginners is the easiest way to crack, upload, and submit apps to AppAddict, all straight from your idevice - see here for more info and how to use it - CrackAddict - All In One Native iOS Cracking Tool for iOS 6 and iOS 7  - it is much easier to use than any of the other tools listed on this page...but the others are much more fun...

 

Clutch (for a while known as ClutchPatched) - for a full tutorial on cracking with Clutch, and for how to use and install the latest version, see [HOW TO] Crack iOS apps with Clutch (now on 64bit!). This runs on all devices, including 64-bit devices such as the iPhone 5s. For bug reports, etc., the developers of Clutch take messages in THIS THREAD

Rasticrac is an updated version of the popular cracking tool PCM (PoedCrackMod). This now runs on iOS 7 on all devices. This is a very powerful cracking tool and I suggest using it! See THIS THREAD for the latest version of Rasticrac - Rasticrac v3.1.3, as the AppAddict repo does not have the latest version at the moment.


Tools you will need for Cracking

Obviously you will need some kind of iDevice. Ideally it will be at least 16gb, although I would recommend at least 32gb, as the cracks take space on your device until you move them off.
You can get all the required tools from the standard Cydia repos and the AppAddict repo – please add the following repo to Cydia

 

http://AppAddict.org/repo

EDIT: THE REPO ISN'T ALWAYS UP TO DATE, SO I SUGGEST U INSTALL IT MANUALLY - SEE [HOW TO] Crack iOS apps with Clutch (now on 64bit!)

 

From our repo install the following packages:

Clutch
GNU Debugger (iOS 5&6)
Rasticrac (will install quite a few dependencies from the standard Cydia repo)

Search Cydia for the following packages and also install:

MobileTerminal
Screen

Optional Installs to make life easier

SBsettings
OpenSSH
iFile
AutoLock SBSettings

Also optional, NOT from Cydia: Prompt iOS App (you must have installed OpenSSH from Cydia for this to work locally). It is an SSH client that can be used as a terminal window for your device. Advantages are that it is able to run in the background, can launch multiple terminal sessions and also has lots of keyboard shortcuts easily accessible.

Ok, so you have installed all the required tools and you are ready to crack your first app.

Cracking

If using MobileTerminal, skip this step. If you are using Prompt instead of MobileTerminal, open the Prompt app and click add connection.

SSH = localhost
Username = root
Password = Leave Blank

Click on “Connect”

This will open up a CMD prompt and ask for your root password. If you have never changed it, please enter or continue to enter your own password. I will explain below how to change your root password; I highly advise you do this. Please follow the guide below, apart from opening MobileTerminal.

Open MobileTerminal

Type

su root



This will ask for your root password. If you have never changed it, please enter

alpine


(or continue to enter your own password.)

At this point I would strongly suggest changing your root password if it is still the default. To do this, enter the following command

passwd root



Now enter your desired password
Then confirm the password again
If there are no errors and you are back to the command prompt you have successfully changed your password

Clutch
(get root access first, see above)

At your cmd prompt type the following command

Clutch


(must have capital C) (unless you installed it manually and renamed it)

You will get this numbered menu

iPhone:~ root# clutch
You're using a Clutch development build, checking for updates..
Your version of Clutch is up to date!
Clutch-1.3.2-git1
usage: clutch [flags] [application name] [...]
Applications available:
1) Angry Birds
2) Brazzers Mobile
3) Butch
4) CrackAddict
5) Facebook
6) Gangstar Rio
7) Gangnam Style
8) Installous
9) Movie Box
10) Music Box
11) Rasticrac
12) RedTube Mobile
13) SWAGR Pro
14) Twitter
15) Youtube
16) Zeusmos

Now enter

Clutch [corresponding number of App to be cracked]

 

for example if I want to crack Facebook, I enter

Clutch 5

Clutch will now begin to crack the chosen app/s and once done it will tell you and return to the command prompt. You have just cracked an iOS app! The cracked app/s are placed in

/var/mobile/Documents/Cracked   OR /var/root/Documents/Cracked (now configurable!)



We will explain further into the document what to do with the cracked app and how to get it off of your phone and onto AppAddict.

Rasticrac

At your cmd prompt type the following command

rasticrac -m



This will now list all the encrypted applications that are installed on your device. It will list each application with a number, letter or combination of both at the side, depending on how many apps you have installed.
At the prompt, type in the app/s you wish to crack using the corresponding number/letter from the side of the app's name.
Rasticrac will now begin to work its magic and crack the app/s you have chosen. You will notice that Rasticrac speaks to you as it is cracking applications ;). You have just cracked an iOS app using Rasticrac. The cracked app/s are placed in

/var/root/Documents/Cracked



Getting your App onto AppAddict

Ok, so you have cracked your app/s. Now you need to get them off your device, upload them, and share the links. To do this you will need to use one of the following tools or methods to browse your iDevice’s file system

  • iFunBox
  • iExplorer
  • CyberDuck
  • An ftp client that can connect to sftp

I won't go into great detail here on how to use these applications, as Google is your friend and this is getting longer and longer. But basically you need to use one of the above to browse to the following location on your device

/var/root/Documents/Cracked




There you will see the app/s that you have cracked. Move them to your computer, usually by just highlighting then dragging and dropping into the desired destination.

Once the cracked apps are safely on your computer, rename them to include your cracker name and it's time to upload them. Sign up for your favourite file hosts and start to upload the apps. Please see AppAddict’s approved list of file hosts HERE


Once the app/s are uploaded you need to make a record of the links and the app versions, and also get the iTunes URL for the app. I find this is easiest done by going HERE and searching for the app. Once on the preview page with the screenshots and app information, highlight the full URL from the address bar and make a note of it.

Once you have the iTunes URL, link/s to your app/s and version/s of the app/s, you can go HERE, fill in the required fields, and your app/s will be posted into the New & Noteworthy section of AppAddict for all to see and download.

Fix for Clutch’s cracked Apps crashing on ARMv7s Devices NO LONGER NECESSARY

Spoiler


Customisation & Auto Adding Cracker Name and Credit File

So if you are going to be cracking a lot of apps, it would be a good idea to customise your cracking tools slightly and have your cracker name auto added to the file name. We can also make it so a secret credit file is placed within the app with your cracker name on it; this is so people can’t steal credit for your cracks.


Clutch
Spoiler


Rasticrac

Navigate to the following location on your device

/usr/bin



There you will see a file called "rasticrac". Open this file with your favourite text editor and amend the following depending on what you want. **Be careful in here, as this is also the main script for Rasticrac.** Here are the things you will most likely want to change:

# - Default CrackerName (or "Anonymous").
RCcracker="Anonymous" (Change to your cracker name)

# - Should "extra details" appear in Ipa name (ie: "iPad / 3GS / etc") ? (You can hate them)
RCextras="YES" (Change to NO if you don’t want extra information adding to the file names of your cracked apps)

# - Should script talk to you ? (it only speaks english, only with iOS4+, only with "speak" tool from Cydia)
RCspeak="YES" (Change to NO to turn the voice off)

# - Should artist's name be used in filename ?
RCartistfrommeta="YES" (Change to NO if you don’t want developers name in your cracked apps file name i.e. Rovio)

# - Default compression level is blank (aka "-6"), and is the best speed/size ratio.
# - Recommended. Upload/download/storage will be good.
RCcompression="" (Change to desired level -9 being smallest size and minus -1 largest – I recommend -9 or -8 as the smaller the apps the easier and quicker they are to upload)
# - Maximum compression ("-9") (also "-8" or "-7") is very very slow, but size is the best.

 

More detailed guide to configuring Rasticrac -

Spoiler


Hints & Tips

If you installed SBSettings and also AutoLock SBSettings, it is a good idea to use the AutoLock toggle and turn it to off before you start cracking. This will stop the device from going to sleep.

If you installed iFile and have a Dropbox account, you can install the Dropbox iOS App and link it to iFile. You do this by going to Preferences in iFile, then to Remote Servers and then Link Dropbox. Now browse to the location of the cracked app/s in iFile. You will need to add .zip to the end of the file name, then simply click the file and choose Dropbox. This will open Dropbox; click save and this will now sync the app to your account, which I expect syncs with your computer. Just remember to remove the .zip before uploading it to the file host/s.


Video
 
Cracking iOS Applications Using Rasticrac - video tutorial
 

 

Cracking iOS Applications Using CrackAddict - video tutorial

 

Cracking iOS Applications Using Clutch - Coming Soon


Edited by tjglass, 01 August 2014 - 09:09 PM.
updated to the 21st century (clutch only) by MONGOLO

  • pisade, deathwish, PRAISER and 7 others like this

ichr0nixUserBar.gif

 

iChr0niX - Twitter

#AppAddictApp

 

iOS 15 UDiD Registration
iSignCloud - Install Cracked Apps on Non JailBroken Devices with AppAddict

 

iBetaCloud iOS 15 Downloads macOS 12 Download

Beta iOS 15 & macOS Monterey beta Downloads
The Internets #1 Place For All Your iOS & macOS Beta Needs - We Upload First Before Anywhere - Fact!
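The first post states that the process ends with the LC_ENCRYPTION_INFO load command's cryptid field set to 0. As an added example (not part of the original thread and not code from any tool named in it), this read-only Python parser walks a Mach-O file's load commands and reports cryptid for each architecture slice, which is how an analyst can check whether a given binary is still in its encrypted, store-delivered form. The function names are this example's own and the sample binaries are constructed inline, containing headers only.

```python
import struct
MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C

def slice_encryption(data, base=0):
    """Return cputype and encryption fields of one little-endian Mach-O slice."""
    if base + 28 > len(data):
        raise ValueError("truncated mach_header")
    magic, cputype, _, _, ncmds, sizeofcmds, _ = struct.unpack_from("<7I", data, base)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError(f"not a little-endian Mach-O slice (magic {magic:#x})")
    off = base + (32 if magic == MH_MAGIC_64 else 28)  # 64-bit header has a reserved word
    end = off + sizeofcmds
    if end > len(data):
        raise ValueError("load commands run past end of data")
    info = {"cputype": cputype, "cryptoff": None, "cryptsize": None, "cryptid": None}
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load command header out of bounds")
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("invalid cmdsize")
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            if cmdsize < 20:
                raise ValueError("encryption command too short")
            keys = ("cryptoff", "cryptsize", "cryptid")  # cryptoff is slice-relative
            info.update(zip(keys, struct.unpack_from("<3I", data, off + 8)))
        off += cmdsize
    return info

def encryption_report(data):
    """Per-slice report for a thin or fat (universal) Mach-O file."""
    if len(data) >= 8 and struct.unpack_from(">I", data)[0] == FAT_MAGIC:
        (nfat,) = struct.unpack_from(">I", data, 4)  # fat headers are big-endian
        if nfat > 16 or 8 + 20 * nfat > len(data):
            raise ValueError("implausible fat header")
        report = []
        for i in range(nfat):
            _, _, offset, size, _ = struct.unpack_from(">5I", data, 8 + 20 * i)
            if offset + size > len(data):
                raise ValueError("fat slice out of bounds")
            report.append(slice_encryption(data, offset))
        return report
    return [slice_encryption(data)]

def unencrypted_slices(data):
    """cputypes of slices whose cryptid is not 1 (0, or no encryption command)."""
    return [s["cputype"] for s in encryption_report(data) if s["cryptid"] != 1]

# --- Constructed samples: a header plus one load command, no real code or app. ---
def make_slice(cryptid, is64=True):
    if is64:
        cmd = struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x8000, cryptid, 0)
        return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, len(cmd), 0, 0) + cmd
    cmd = struct.pack("<5I", LC_ENCRYPTION_INFO, 20, 0x1000, 0x2000, cryptid)
    return struct.pack("<7I", MH_MAGIC, 12, 9, 2, 1, len(cmd), 0) + cmd

def make_fat(slices):
    offs = [8 + 20 * len(slices) + sum(map(len, slices[:i])) for i in range(len(slices))]
    archs = b"".join(struct.pack(">5I", 0, 0, o, len(s), 0) for o, s in zip(offs, slices))
    return struct.pack(">2I", FAT_MAGIC, len(slices)) + archs + b"".join(slices)

if __name__ == "__main__":
    for s in encryption_report(make_fat([make_slice(1, is64=False), make_slice(0)])):
        print(s)
```

On a real file, pass the bytes of the app's main executable; a universal binary can have slices in different states, so the report is per slice rather than per file.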




#2 Arrow

Arrow

    Veritas Lux Mea

  • Members
  • 163 posts
  • Location: Canada

Posted 19 February 2013 - 06:06 AM

Wow, I've actually learned something today... been using clutch for a while now and didn't realize there was a configuration file that allows it to automatically include your name.


If you appreciate what I said or if I helped you on anything, a like would be nice!


#3 IPASuperior

IPASuperior

    Just your average Joe I presume.

  • Members
  • 25 posts
  • Location: USA

Posted 19 February 2013 - 06:19 AM

Hey there iChr0niX.

Just wanted to say this is a nice tutorial. :)

With the newer GNU Debugger (as my guess the repo has version 1821) it's supposed to fix a few problems in Rasticrac (again. I don't know what the newest version is :P)

But again, all in all a great tutorial. :) you covered most bases.

Keep it up :)

<edit>

Don't forget, newest version is like Gamma 5.
  • mattytree likes this



#4 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 20 February 2013 - 01:24 AM

> Wow, I've actually learned something today... been using clutch for a while now and didn't realize there was a configuration file that allows it to automatically include your name.

 

Hi Arrow

 

Glad you liked, I'm happy as it was my first tutorial ;)

Yeah, the configuration FaultyClones told me about, but funnily enough I was unable to find this file in any build of Clutch, even from their own repo, so I made the file and packaged it up with our version of Clutch. So if you struggle to find the file, download Clutch from our repo.


  • mattytree likes this



#5 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 20 February 2013 - 01:29 AM

> Hey there iChr0niX.
>
> Just wanted to say this is a nice tutorial. :)
>
> With the newer GNU Debugger (as my guess the repo has version 1821) it's supposed to fix a few problems in Rasticrac (again. I don't know what the newest version is :P)
>
> But again, all in all a great tutorial. :) you covered most bases.
>
> Keep it up :)
>
> <edit>
>
> Don't forget, newest version is like Gamma 5.

 

Thanks IPASuperior 

 

I got a lot of inspiration from your guide ;)

 

Yeah, I have tested the new Alpha version 5 with 1821 gdb, works really well. I'm going to update my repo and tutorial tomorrow, also have a couple of videos to add too.

The one area I'm struggling with is the patching of the apps, for example been trying to patch Tweetbot, it is proving to be a pain. I was going to see if @ttwj had any pointers for me 

Anyway, it's nice to see you a member on here!

 

iChr0niX




#6 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 20 February 2013 - 02:30 AM

Quick question. I am trying to crack an app called fast camera, and whenever I run Clutch on it, it gives me ARM7v error. This is because I am using the iPhone 5, correct?

I have a Windows computer, how do I do the ARM7v fix on this?


  • mattytree likes this

#7 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 20 February 2013 - 09:44 PM

Does Clutch give you the error when you run it on the iPhone 5 during cracking?

Or is the cracking successful, but you are getting an error trying to run the app on the iPhone 5?


  • mattytree likes this



#8 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 20 February 2013 - 09:53 PM

It errors and doesn't give me the IPA 

I'll upload a screenshot

 

 

http://i.imgur.com/INE4Z1e.png



#9 Arrow

Arrow

    Veritas Lux Mea

  • Members
  • 163 posts
  • Location: Canada

Posted 21 February 2013 - 02:08 AM

You've probably dun goof'd.

 

Make sure you have installed ClutchPatched by FAULTYCLONES, not Dissident's Clutch, as it supports more apps that have universal binaries.


  • mattytree likes this



#10 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 21 February 2013 - 02:59 AM

I got the one from this repo. How do I find the other one?

#11 Arrow

Arrow

    Veritas Lux Mea

  • Members
  • 163 posts
  • Location: Canada

Posted 21 February 2013 - 03:00 AM

As I'm probably not allowed to link to other repositories, I'll upload the .deb file in a sec. Don't want to get in trouble with the feds :3

Actually... the one from the repository should work fine as it's based off of ClutchPatched.

 

Anyways, try this:

 

http://cl.ly/N4nH/clutchpatched.deb


  • mattytree likes this



#12 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 21 February 2013 - 04:02 AM

I'll try that one, thanks. Also, the one I am using works on some apps but not all. I have troubles on two games, both over 200mb. So idk, one was called A-Max and the other Blackwater I think.

#13 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 21 February 2013 - 04:03 AM

I'll submit the apps I have done tomorrow, since I did about six that this site doesn't have, but like I said, big games were not cracking.

#14 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 21 February 2013 - 06:51 AM

@Arrow..

Still getting same error. Cannot crack binary.



#15 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 21 February 2013 - 11:16 AM

Hmm, I'm going to buy this app and try to crack it myself on my iPhone 5 using Clutch!

Have you tried Rasticrac?

I'm uploading the new version today on the repo, it works on the iPhone 5 ;)

And cheers Arrow for not pointing to other repos, I respect that. The version of Clutch on our repo is the latest ClutchPatched by FaultyClones

Also Arrow, if there are any tools you feel we should have on our repo please let me know, I'm new to making repos but AppAddict repo seems to be working A OK 


  • mattytree likes this



#16 likeabadstar

likeabadstar

    Member

  • Members
  • 13 posts

Posted 21 February 2013 - 11:18 AM

I've run into the same error as Mattytree on a couple now (I'm using ClutchPatched by FaultyClones and I tried rati too). I still haven't successfully found the right path to cracking 'em...

Edit: I was able to successfully do mine with the new version of Rasticrac :)
  • mattytree likes this

#17 iChr0niX

iChr0niX

    Site Founder

  • Administrators
  • 671 posts

Posted 21 February 2013 - 12:14 PM

I have just updated the repo with Rasticrac Alpha 5.

I have also updated the tutorial to reflect ;)


  • mattytree likes this



#18 mattytree

mattytree

    Member

  • Members
  • 18 posts

Posted 21 February 2013 - 07:01 PM

Thanks brother, it worked! I used Rasticrac (newer version) and cracked fast camera (which you already have), but that was one of the apps I was having problems with.



#19 deathwish

deathwish

    Cracker

  • Members
  • 124 posts
  • Location: FL, USA

Posted 22 February 2013 - 05:17 AM

I know a bit, but this tutorial was really helpful. I have a question though, when cracking an app, do you have to choose between Clutch and Rasticrac, or do you have to crack the app with both?



#20 likeabadstar

likeabadstar

    Member

  • Members
  • 13 posts

Posted 22 February 2013 - 05:26 AM

> I know a bit, but this tutorial was really helpful. I have a question though, when cracking an app, do you have to choose between Clutch and Rasticrac, or do you have to crack the app with both?


You can choose, but the newest version of Rasticrac has been able to crack everything I've thrown at it whereas Clutch has hit some roadblocks with ARM7V errors with some apps..




