- Download latest release of palera1n.
- Connect the iPhone to the computer.
- Jailbreak using `palera1n --setup-fakefs --fakefs`. This sets up fakefs, which is needed for access to sudo later.
- Once the phone is running, run `palera1n -f` to load fakefs. Do this every time you restart the phone to re-jailbreak it; there is no need to repeat the previous step if the phone wasn't reset.
- Ensure the `openssh` package is installed in Sileo.
- You can then connect with `ssh mobile@IP`.
- Password should be `alpine`.
- Run `sudo zsh` and set up the sudo password.
- Download the certificate as a profile. Your proxy must have a way to do it.
- Here is the full tutorial for me on Proxyman.
- Follow the steps to the end, and you are done after enabling the cert in `Settings` -> `General` -> `About` -> `Certificate Trust Settings`.
- Download the latest `.deb` release of SSL Kill Switch 2 on the phone.
- Make sure the packages `preferenceloader` and `dpkg` are installed in Sileo.
- `dpkg -i com.nablac0d3.sslkillswitch2_0.14.deb` (install package, doable with Sileo, never tried).
- `killall -9 backboardd` (respring, possible to do in palera1n app).
- Go to `Settings` -> `SSL Kill Switch 2` and enable `Disable Certificate Validation`.
- Go to `Settings -> Wi-Fi`.
- Click on the `(i)` on the line of the Wi-Fi network you're connected to.
- Scroll down to `HTTP PROXY` -> `Configure Proxy` -> `Manual`.
- Set the local IP of your computer (`192.168.1.???`) and the port of the proxy.
- Save.
- On Sileo, go to `Sources` -> `+`.
- Add source `https://build.frida.re`.
- Open the source once cloned, go to `All Categories` and install `Frida`.
- Must have frida on phone.

```
git clone https://github.com/AloneMonkey/frida-ios-dump
cd frida-ios-dump
pip install .
```

- In a new terminal window, run `iproxy 2222 22` (if you run into issues later, try `iproxy 2222 44`; some jailbreaks use different ports).
- Run `python dump.py <app name or identifier> -u mobile -P alpine`
  - You can list apps with `frida-ps -Uai` for apps only (recommended), or `frida-ps -U` for all processes.
- The app will be in the `frida-ios-dump` directory.
- Unpack it using `unzip <appname>.ipa`.
- Add to Sileo sources `https://cydia.akemi.ai/`.
- From it, install `Appsync Unified`.
- You can now install unsigned apps.
- You can install them using the app described in the next section.
- Navigate to the `.ipa` file, click on it, and in the upper right corner, click `Install`.
- If the app crashes when opening it:
  - In Sileo, install `TrollStore Helper`.
  - Open the app `TrollHelper`, and install TrollStore.
  - Open the app `TrollStore`, go to settings, and in the signing category, install `ldid`.
  - Go back to your `.ipa` file in Filza -> `Open in` -> `TrollStore` -> (wait for a popup with info about the app to appear) `Install`.
  - Now it should work.
- Add to Sileo sources `http://tigisoftware.com/repo/`.
- From it, install `Filza File Manager` (64-bits or not, idk, I took 64 bits on iPhone 7).
- In it, you can find the ipa file you `scp`ed onto the phone, and install it easily.