jay90

Hi everyone, I'm new here and I hope this is right sub-section to post this sort of request. Basically, I do some ios coding in my spare time after work which I really enjoy and I've been making myself a few useful apps without a developer account (a free version) and there is one annoyance I have with how the provisioning works. It seems that when I deploy an app from xcode, it expires after a week and then I have to rebuild them manually to the device again which as you can imagine is annoying. I honestly don't think that creating an app yourself and being able to use it without any restrictions is much to ask but, well, Apple! I have some very basic understanding of how reverse engineering on apple devices works with tools like hex editors and decompilers and etc and I jailbroke a few devices some years back but I am in no way any sort of hacker. I hope this place can teach me a few tricks and I can further my understanding on these subjects with other people that are interested in imparting knowledge to others! So, back to the task at, hand. What I started doing, was following a basic tutorial where your archive a project, extract the ios app package with all the files, zip it and then change it to an .ipa extension (somewhat like here https://medium.com/mλgnξtλr/how-to-export-a-ipa-file-from-xcode-without-a-dev-account-bac8b2645ad3). I thought I was smart by trying to change the value of the Expiration Date in the embedded.mobileprovision file but due to the security on apple devices, when I tried to copy it to my device, I received an error ("A signed resource has been added, modified or deleted"). This prompted me to do me searching on how apple does this check and had most luck with the following stackoverflow entry: https://stackoverflow.com/questions/24583654/understanding-the-certificate-and-provisioning-profile-let-me-know-if-it-is-rig This entry had a link to an article on site which is now gone so I used a wayback machine: https://web.archive.org/web/20180212133417/http://escoz.com/blog/demystifying-ios-certificates-and-provisioning-files/ This helped me understand a little how apple uses provisions but still didn't really solve my problem. I tried a few tricks with comparing the hash values of the provision files, changing some other things and trying to find any other files that could have some kind of hash values or sync data which I could manipulate but no luck with my limited reverse engineering knowledge. Any input from you guys would be helpful. Ideally, I would not only like a solution for the problem but also gain a deeper understanding! If this is the wrong place to talk about this subject, please point me to the right place. Regards