Compare commits


No commits in common. "79250bc7fb80dcf3e135ffc1fbd540c0a422b2ca" and "0cc5ab19780e455985e17404f425578479f343c1" have entirely different histories.

27 changed files with 90 additions and 175 deletions


@ -32,10 +32,9 @@ On jailbroken iOS 14 when TrollHelper is used for installation, it is located in
## URL Scheme ## URL Scheme
As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, or to enable JIT from the app itself, the format goes as follows: As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, the format goes as follows:
- `apple-magnifier://install?url=<URL_to_IPA>` `apple-magnifier://install?url=<URL_to_IPA>`
- `apple-magnifier://enable-jit?bundle-id=<Bundle_ID>`
On devices that don't have TrollStore (1.3+) installed, this will just open the magnifier app. On devices that don't have TrollStore (1.3+) installed, this will just open the magnifier app.


@ -8,12 +8,12 @@ include $(THEOS)/makefiles/common.mk
TOOL_NAME = trollstorehelper TOOL_NAME = trollstorehelper
trollstorehelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) $(wildcard ../ChOma/src/*.c) ../Exploits/fastPathSign/src/coretrust_bug.c ../Exploits/fastPathSign/src/codesign.m trollstorehelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) $(wildcard ../ChOma/src/*.c) ../Exploits/fastPathSign/src/coretrust_bug.c ../Exploits/fastPathSign/src/codesign.m
trollstorehelper_CFLAGS = -fobjc-arc -I../Shared $(shell pkg-config --cflags libcrypto) -I../ChOma/src -I../Exploits/fastPathSign/src -I$(shell brew --prefix)/opt/libarchive/include trollstorehelper_CFLAGS = -fobjc-arc -I../Shared $(shell pkg-config --cflags libcrypto) -I../ChOma/src -I../Exploits/fastPathSign/src
trollstorehelper_LDFLAGS = -L../ChOma/external/ios -lcrypto trollstorehelper_LDFLAGS = -L../ChOma/external/ios -lcrypto
trollstorehelper_CODESIGN_FLAGS = --entitlements entitlements.plist trollstorehelper_CODESIGN_FLAGS = --entitlements entitlements.plist
trollstorehelper_INSTALL_PATH = /usr/local/bin trollstorehelper_INSTALL_PATH = /usr/local/bin
trollstorehelper_LIBRARIES = archive trollstorehelper_LIBRARIES = archive
trollstorehelper_FRAMEWORKS = CoreTelephony trollstorehelper_FRAMEWORKS = CoreTelephony
trollstorehelper_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices RunningBoardServices trollstorehelper_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices
include $(THEOS_MAKE_PATH)/tool.mk include $(THEOS_MAKE_PATH)/tool.mk
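Review bot: On the CFLAGS/LDFLAGS pair (the two lines above the codesign flags) the libcrypto headers come from the host's `pkg-config --cflags libcrypto` while the linker picks up the prebuilt iOS library from `-L../ChOma/external/ios -lcrypto`, and nothing in the Makefile ties those two to the same OpenSSL release. If the host pkg-config resolves to a different major than the vendored archive, the helper compiles against one ABI and links another, and this is the privileged helper that carries the codesign/coretrust sources. Consider pointing the include path at headers shipped with the vendored library, e.g. `trollstorehelper_CFLAGS = -fobjc-arc -I../Shared -I../ChOma/external/ios/include -I../ChOma/src -I../Exploits/fastPathSign/src`, or at least record the expected OpenSSL version in a comment next to the `-L` line. Whether ChOma ships headers alongside the archive is not visible from this hunk, so confirm that before changing the path.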


@ -48,7 +48,5 @@
<true/> <true/>
<key>com.apple.frontboard.shutdown</key> <key>com.apple.frontboard.shutdown</key>
<true/> <true/>
<key>com.apple.runningboard.process-state</key>
<true/>
</dict> </dict>
</plist> </plist>


@ -1,3 +0,0 @@
#import <Foundation/Foundation.h>
int enableJIT(NSString *bundleID);


@ -1,45 +0,0 @@
@import Foundation;
@import Darwin;
@interface RBSProcessPredicate
+ (instancetype)predicateMatchingBundleIdentifier:(NSString *)bundleID;
@end
@interface RBSProcessHandle
+ (instancetype)handleForPredicate:(RBSProcessPredicate *)predicate error:(NSError **)error;
- (int)rbs_pid;
@end
#define PT_DETACH 11
#define PT_ATTACHEXC 14
int ptrace(int request, pid_t pid, caddr_t addr, int data);
int enableJIT(NSString *bundleID) {
#ifdef EMBEDDED_ROOT_HELPER
return -1;
#else
RBSProcessPredicate *predicate = [RBSProcessPredicate predicateMatchingBundleIdentifier:bundleID];
RBSProcessHandle* process = [RBSProcessHandle handleForPredicate:predicate error:nil];
int pid = process.rbs_pid;
if (!pid)
{
return ESRCH;
}
int ret = ptrace(PT_ATTACHEXC, pid, 0, 0);
if (ret == -1)
{
return errno;
}
usleep(100000);
ret = ptrace(PT_DETACH, pid, 0, 0);
if (ret == -1)
{
return errno;
}
return 0;
#endif
}


@ -11,7 +11,6 @@
#import <mach-o/loader.h> #import <mach-o/loader.h>
#import <mach-o/fat.h> #import <mach-o/fat.h>
#import "devmode.h" #import "devmode.h"
#import "jit.h"
#ifndef EMBEDDED_ROOT_HELPER #ifndef EMBEDDED_ROOT_HELPER
#import "codesign.h" #import "codesign.h"
#import "coretrust_bug.h" #import "coretrust_bug.h"
@ -1574,12 +1573,6 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
// Give the system some time to reboot // Give the system some time to reboot
sleep(1); sleep(1);
} }
else if([cmd isEqualToString:@"enable-jit"])
{
if(args.count < 2) return -3;
NSString* userAppId = args.lastObject;
ret = enableJIT(userAppId);
}
NSLog(@"trollstorehelper returning %d", ret); NSLog(@"trollstorehelper returning %d", ret);
return ret; return ret;


@ -1,7 +1,7 @@
#import "unarchive.h" #import "unarchive.h"
#include <archive.h> #include <libarchive/archive.h>
#include <archive_entry.h> #include <libarchive/archive_entry.h>
static int static int
copy_data(struct archive *ar, struct archive *aw) copy_data(struct archive *ar, struct archive *aw)


@ -21,7 +21,7 @@ APPLICATION_NAME = TrollStorePersistenceHelper
TrollStorePersistenceHelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m) TrollStorePersistenceHelper_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m)
TrollStorePersistenceHelper_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony TrollStorePersistenceHelper_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony
TrollStorePersistenceHelper_PRIVATE_FRAMEWORKS = Preferences MobileContainerManager TrollStorePersistenceHelper_PRIVATE_FRAMEWORKS = Preferences MobileContainerManager
TrollStorePersistenceHelper_CFLAGS = -fobjc-arc -I../Shared -I$(shell brew --prefix)/opt/libarchive/include TrollStorePersistenceHelper_CFLAGS = -fobjc-arc -I../Shared
ifeq ($(LEGACY_CT_BUG),1) ifeq ($(LEGACY_CT_BUG),1)
TrollStorePersistenceHelper_CODESIGN_FLAGS = -Sentitlements.plist -K../legacy.p12 TrollStorePersistenceHelper_CODESIGN_FLAGS = -Sentitlements.plist -K../legacy.p12


@ -62,10 +62,83 @@
</array> </array>
<key>UIRequiredDeviceCapabilities</key> <key>UIRequiredDeviceCapabilities</key>
<array> <array>
<string>arm64</string> <string>armv7</string>
</array>
<key>UILaunchImageFile</key>
<string>LaunchImage</string>
<key>UILaunchImages</key>
<array>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{320, 480}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-700-568h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{320, 568}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-Portrait</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{768, 1024}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>7.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-Landscape</string>
<key>UILaunchImageOrientation</key>
<string>Landscape</string>
<key>UILaunchImageSize</key>
<string>{768, 1024}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-667h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{375, 667}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-Portrait-736h</string>
<key>UILaunchImageOrientation</key>
<string>Portrait</string>
<key>UILaunchImageSize</key>
<string>{414, 736}</string>
</dict>
<dict>
<key>UILaunchImageMinimumOSVersion</key>
<string>8.0</string>
<key>UILaunchImageName</key>
<string>LaunchImage-800-Landscape-736h</string>
<key>UILaunchImageOrientation</key>
<string>Landscape</string>
<key>UILaunchImageSize</key>
<string>{414, 736}</string>
</dict>
</array> </array>
<key>UILaunchStoryboardName</key>
<string>LaunchScreen</string>
<key>UISupportedInterfaceOrientations</key> <key>UISupportedInterfaceOrientations</key>
<array> <array>
<string>UIInterfaceOrientationPortrait</string> <string>UIInterfaceOrientationPortrait</string>


@ -12,7 +12,7 @@ TrollStore_FILES = $(wildcard *.m) $(wildcard ../Shared/*.m)
TrollStore_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony TrollStore_FRAMEWORKS = UIKit CoreGraphics CoreServices CoreTelephony
TrollStore_PRIVATE_FRAMEWORKS = Preferences MobileIcons MobileContainerManager TrollStore_PRIVATE_FRAMEWORKS = Preferences MobileIcons MobileContainerManager
TrollStore_LIBRARIES = archive TrollStore_LIBRARIES = archive
TrollStore_CFLAGS = -fobjc-arc -I../Shared -I$(shell brew --prefix)/opt/libarchive/include TrollStore_CFLAGS = -fobjc-arc -I../Shared
TrollStore_CODESIGN_FLAGS = --entitlements entitlements.plist TrollStore_CODESIGN_FLAGS = --entitlements entitlements.plist
include $(THEOS_MAKE_PATH)/application.mk include $(THEOS_MAKE_PATH)/application.mk


@ -6,8 +6,8 @@
// //
#import <Foundation/Foundation.h> #import <Foundation/Foundation.h>
#import <archive.h> #import <libarchive/archive.h>
#import <archive_entry.h> #import <libarchive/archive_entry.h>
@import UIKit; @import UIKit;
@interface TSAppInfo : NSObject @interface TSAppInfo : NSObject
@ -50,7 +50,6 @@
- (NSAttributedString*)detailedInfoTitle; - (NSAttributedString*)detailedInfoTitle;
- (NSAttributedString*)detailedInfoDescription; - (NSAttributedString*)detailedInfoDescription;
//- (UIImage*)image; //- (UIImage*)image;
- (BOOL)isDebuggable;
- (void)log; - (void)log;
@end @end


@ -1165,23 +1165,5 @@ extern UIImage* imageWithSize(UIImage* image, CGSize size);
}]; }];
} }
- (BOOL)isDebuggable
{
[self loadEntitlements];
__block BOOL debuggable = NO;
[self enumerateAllEntitlements:^(NSString *key, NSObject *value, BOOL *stop)
{
if([key isEqualToString:@"get-task-allow"])
{
NSNumber* valueNum = (NSNumber*)value;
if(valueNum && [valueNum isKindOfClass:NSNumber.class])
{
debuggable = valueNum.boolValue;
*stop = YES;
}
}
}];
return debuggable;
}
@end @end


@ -187,7 +187,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[TSInstallationController presentInstallationAlertIfEnabledForFile:pathToIPA isRemoteInstall:NO completion:nil]; [TSInstallationController presentInstallationAlertIfEnabledForFile:pathToIPA isRemoteInstall:NO completion:nil];
} }
- (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath enableJIT:(BOOL)enableJIT - (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath
{ {
TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance]; TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];
@ -211,17 +211,6 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
[didFailController addAction:cancelAction]; [didFailController addAction:cancelAction];
[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil]; [TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
} }
else if (enableJIT)
{
int ret = [appsManager enableJITForBundleID:appId];
if (ret != 0)
{
UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
[errorAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
}
}
} }
- (void)showDetailsPressedForRowAtIndexPath:(NSIndexPath*)indexPath - (void)showDetailsPressedForRowAtIndexPath:(NSIndexPath*)indexPath
@ -435,21 +424,11 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
UIAlertAction* openAction = [UIAlertAction actionWithTitle:@"Open" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action) UIAlertAction* openAction = [UIAlertAction actionWithTitle:@"Open" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{ {
[self openAppPressedForRowAtIndexPath:indexPath enableJIT:NO]; [self openAppPressedForRowAtIndexPath:indexPath];
[self deselectRow]; [self deselectRow];
}]; }];
[appSelectAlert addAction:openAction]; [appSelectAlert addAction:openAction];
if ([appInfo isDebuggable])
{
UIAlertAction* openWithJITAction = [UIAlertAction actionWithTitle:@"Open with JIT" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{
[self openAppPressedForRowAtIndexPath:indexPath enableJIT:YES];
[self deselectRow];
}];
[appSelectAlert addAction:openWithJITAction];
}
UIAlertAction* showDetailsAction = [UIAlertAction actionWithTitle:@"Show Details" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action) UIAlertAction* showDetailsAction = [UIAlertAction actionWithTitle:@"Show Details" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
{ {
[self showDetailsPressedForRowAtIndexPath:indexPath]; [self showDetailsPressedForRowAtIndexPath:indexPath];


@ -16,7 +16,6 @@
- (int)uninstallApp:(NSString*)appId; - (int)uninstallApp:(NSString*)appId;
- (int)uninstallAppByPath:(NSString*)path; - (int)uninstallAppByPath:(NSString*)path;
- (BOOL)openApplicationWithBundleID:(NSString *)appID; - (BOOL)openApplicationWithBundleID:(NSString *)appID;
- (int)enableJITForBundleID:(NSString *)appID;
- (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState; - (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState;
@end @end


@ -179,11 +179,6 @@ extern NSUserDefaults* trollStoreUserDefaults();
return [[LSApplicationWorkspace defaultWorkspace] openApplicationWithBundleID:appId]; return [[LSApplicationWorkspace defaultWorkspace] openApplicationWithBundleID:appId];
} }
- (int)enableJITForBundleID:(NSString *)appId
{
return spawnRoot(rootHelperPath(), @[@"enable-jit", appId], nil, nil);
}
- (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState - (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState
{ {
if(!appPath || !newState) return -200; if(!appPath || !newState) return -200;


@ -1,7 +1,6 @@
#import "TSSceneDelegate.h" #import "TSSceneDelegate.h"
#import "TSRootViewController.h" #import "TSRootViewController.h"
#import "TSUtil.h" #import "TSUtil.h"
#import "TSApplicationsManager.h"
#import "TSInstallationController.h" #import "TSInstallationController.h"
#import <TSPresentationDelegate.h> #import <TSPresentationDelegate.h>
@ -68,61 +67,8 @@
[TSInstallationController handleAppInstallFromRemoteURL:URLToInstall completion:nil]; [TSInstallationController handleAppInstallFromRemoteURL:URLToInstall completion:nil];
} }
} }
else if([components.host isEqualToString:@"enable-jit"])
{
NSString* BundleIDToEnableJIT;
for(NSURLQueryItem* queryItem in components.queryItems)
{
if([queryItem.name isEqualToString:@"bundle-id"])
{
BundleIDToEnableJIT = queryItem.value;
break;
} }
} }
if(BundleIDToEnableJIT && [BundleIDToEnableJIT isKindOfClass:NSString.class])
{
dispatch_async(dispatch_get_main_queue(), ^
{
[self handleEnableJITForBundleID:BundleIDToEnableJIT];
});
}
}
}
}
}
}
- (void)handleEnableJITForBundleID:(NSString *)appId
{
TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];
BOOL didOpen = [appsManager openApplicationWithBundleID:appId];
// if we failed to open the app, show an alert
if(!didOpen)
{
NSString* failMessage = @"";
// we don't have TSAppInfo here so we cannot check the registration state
NSString* failTitle = [NSString stringWithFormat:@"Failed to open %@", appId];
UIAlertController* didFailController = [UIAlertController alertControllerWithTitle:failTitle message:failMessage preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* cancelAction = [UIAlertAction actionWithTitle:@"Cancel" style:UIAlertActionStyleCancel handler:nil];
[didFailController addAction:cancelAction];
[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
}
else
{
int ret = [appsManager enableJITForBundleID:appId];
if (ret != 0)
{
UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
[errorAlert addAction:closeAction];
[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
}
} }
} }


@ -291,7 +291,7 @@ extern NSUserDefaults* trollStoreUserDefaults(void);
PSSpecifier* installationSettingsGroupSpecifier = [PSSpecifier emptyGroupSpecifier]; PSSpecifier* installationSettingsGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
installationSettingsGroupSpecifier.name = @"Security"; installationSettingsGroupSpecifier.name = @"Security";
[installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme and enable JIT through the apple-magnifier://enable-jit?bundle-id=<BUNDLE_ID> URL scheme." forKey:@"footerText"]; [installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme." forKey:@"footerText"];
[_specifiers addObject:installationSettingsGroupSpecifier]; [_specifiers addObject:installationSettingsGroupSpecifier];