Everything posted by moaningeye
Help/Support Help with patching an app to get the in-app purchase
moaningeye replied to moaningeye's topic in Help & Support
Hmm, so after I exported a patched binary, I have to rezip the app, turn it into an .ipa, move it to my phone, then install it through Filza. Is there a faster way to do this? I tried directly moving the patched binary into the .app/ folder and overwriting the existing one, but that resulted in every app crashing. My phone was unusable until I completely removed the modified app. So the flow for testing a modification is quite long. Using debugserver with lldb works somewhat, but I'm not so familiar with setting breakpoints for when the function name isn't clear (or Swift instead of objc).
Background: I am working in software, did a bit of reverse engineering on Mac, but haven't touched jailbreaking in a really long time. I'm trying to get the in-app purchase of an app I'm using. It's a monthly subscription / lifetime purchase without a server component, so no online account or anything like that. There is a 2-week trial available as well. I poked around in Flex to see obvious 'is XXX enabled' methods, messed with StoreKit and tried recent versions of LocalIAPStore (& LocalIAPStore13), but no luck. LocalIAPStore didn't do anything, and the 13 version crashed the app on purchase initiation. So I'm wondering what the next course of action for this app is? Get it on my Mac and run it through a disassembler? Get a debugger on my iPhone working? EDIT: Okay, used the CrackerXI app from HYI to get the ipa, poked it with a disassembler on my Mac. Found some interesting stuff that wasn't visible in Flex and tried generating a patched binary. Didn't have luck with my extracted method, but the binary did load, so I will try to continue this path. Also saw that remote lldb debugging is possible, so I'm going to try that next.