IPAPatch

Patch iOS Apps, The Easy Way, Without Jailbreak.

 IPAPatch provide a simple way to patch iOS Apps, without needing to jailbreak.

[ Features • Instructions • Example • FAQ • License ]

Features

IPAPatch includes an template Xcode project, that provides following features:

• Build & Run third-party ipa with your code injected

  You can run your own code inside ipa file as a dynamic library. So you can change behavior of that app by utilizing Objective-C runtime.

  Presented an custom alert in Youtube app

  

• Step-by-step Debugging with lldb

  You can debug third-party apps like your own. For example:

  • Step-by-Step debug your code inside other app
  • Set Breakpoints
  • Print objects in Xcode console with lldb
  
  

  Debugging Youtube with Xcode

  

• Link external frameworks

  By linking existing frameworks, you can integrate third-party services to apps very easily, such as Reveal.

  Inspect Youtube by linking RevealServer.framework

  

• Generate distributable .ipa files

  You can distribute your patch/work to your friends very easily, with IPAPatch generated modified version of .ipa files

  Modified version of Facebook.ipa created by IPAPatch

  

Instructions

1. Clone or Download This Project

   Download this project to your local disk

2. Prepare Decrypted IPA File

   The IPA file you use need to be decrypted, you can get a decrypted ipa from a jailbroken device or download it directly from an ipa download site, such as http://www.iphonecake.com

3. Replace Placeholder IPA

   Replace the IPA file located at IPAPatch/Assets/app.ipa with yours, this is a placeholder file. The filename should remain app.ipa after replacing.

4. Place External Resources/Frameworks (Optional)

   Follow types of external file are supported:

   • Frameworks:
     • External frameworks can be placed at IPAPatch/Assets/Frameworks folder.
     • Frameworks will be linked automatically.
     • For example IPAPatch/Assets/Frameworks/RevealServer.framework
   • Dynamic Libraries:
     • External dynamic libraries can be placed at IPAPatch/Assets/Dylibs folder.
     • Libraries will be linked automatically
   • Resources/Bundles:
     • Other resources or bundles can be placed at IPAPatch/Assets/Resources
     • Resources will be copied directly to the main bundle of original app

5. Configure Build Settings

   • Open IPAPatch.xcodeproj
   • In the Project Editor, Select Target IPAPatch-DummyApp
   • Display Name defaults to "💊", this is used as prefix of the final display name.
   • Change Bundle Identifier to match your provisioning profiles
   • Fix signing issues if any.

6. Configure IPPatch Options

   • You can config IPAPatch's behavior with Tools/options.plist

     Name	Description	Default
     RESTORE_SYMBOLS	When YES, IPAPatch will try to restore symbol table from Mach-O for debugging propose (with tools from https://github.com/tobefuturer/restore-symbol, also thanks to @henrayluo and @dannion)	NO
     CREATE_IPA_FILE	When YES, IPAPatch will generate a ipa file on each build. Genrated file is located at SRCROOT/Product	NO
     IGNORE_UI_SUPPORTED_DEVICES	When YES, IPAPatch will delete UISupportedDevices from source app's Info.plist	NO
     REMOVE_WATCHPLACEHOLDER	When YES, IPAPatch will remove com.apple.WatchPlaceholder folder from source app's bundle	YES
     USE_ORIGINAL_ENTITLEMENTS	When YES, IPAPatch will use source app's entitlements to resign, you need to make sure your Provisioning Profile matches the entitlements, or you need to disable AMFI on target device	NO

7. Code Your Patch

   The entry is at +[IPAPatchEntry load], you can write code start from here. To change apps' behavior, You may need to use some method swizzling library, such as steipete/Aspects.

8. Build and Run

   Select a real device, and hit the "Run" button at the top-left corner of Xcode. The code your wrote and external frameworks you placed will inject to the ipa file automatically.

Example

I created some demo project, which shows you how to use IPAPatch:

• Reveal + Youtube:
  • https://github.com/Naituw/IPAPatch/releases/tag/1.0
• Cycript + Youtube (Idea from @phpmaple):
  • https://github.com/Naituw/IPAPatch/releases/tag/1.0.1

FAQ

• Q: Library not loaded with reason: mach-o, but wrong architecture ?

  • A: Try set IPAPatch target's Valid Architectures to match your ipa binary's architecture.

• Q: process launch failed: Unspecified (Disabled) ?

  • A: The ipa file use with IPAPatch must be decrypted, See step.2 of Instructions.

• Q: dyld: Symbol not found: XXX, Referenced from: XXX, Expected in: XXX/libswiftXXX.dylib

• 
  
• The swift version the framework you injecting use, is incompatible with the version of your Xcode.

from https://github.com/Naituw/IPAPatch

----

相关帖子：

https://briteming.blogspot.com/2019/09/ipa.html

https://briteming.blogspot.com/2017/06/ipa.html