search

ChiChou / bagbak

Yet another frida based iOS dumpdecrypted. Also decrypts app extensions
MIT License
1.12k stars 184 forks source link

用bagbak后遗症 #136

Closed lengyu1983 closed 2 months ago

lengyu1983 commented 3 months ago

14.4.1 un越狱 相关app使用bagbak砸壳后,如该app有更新将无法通过appstore进行更新,只能卸载重新安装。

lasting-yang commented 2 months ago

iOS 16.7.2 使用palera1n越狱

使用bagbak砸壳前,可执行文件的权限

 ls -al /var/containers/Bundle/Application/6F96B147-B7F8-4A95-A899-EC73AC206C83/xxxx.app/xxxx
-rwxr-xr-x@ 1 _installd  _installd  38414688 Feb  8 15:18 /var/containers/Bundle/Application/6F96B147-B7F8-4A95-A899-EC73AC206C83/xxxx.app/xxxx

使用bagbak砸壳后,可执行文件的权限

 ls -al /var/containers/Bundle/Application/6F96B147-B7F8-4A95-A899-EC73AC206C83/xxxx.app/xxxx
---x--xrwx@ 1 _installd  _installd  38414688 Feb  8 15:18 /var/containers/Bundle/Application/6F96B147-B7F8-4A95-A899-EC73AC206C83/xxxx.app/xxxx

再次使用bagbak砸壳就不成功了。 报错

[info] pulling app bundle from device, please be patient
[info] downloaded 1051 files and 316 folders
[info] app bundle downloaded
node:internal/process/promises:288
            triggerUncaughtException(err, true /* fromPromise */);
            ^

[Error: EACCES: permission denied, open '/var/folders/b6/zt0zxmh15y95ckl79c82wlwm0000gn/T/bagbak/com.xxxx.ios/Payload/xxxx.app/xxxx'] {
  errno: -13,
  code: 'EACCES',
  syscall: 'open',
  path: '/var/folders/b6/zt0zxmh15y95ckl79c82wlwm0000gn/T/bagbak/com.xxxx.ios/Payload/xxxx.app/xxxx'
}

Node.js v18.10.0

有可能是bagbak修改了文件的权限,导致没办法更新,也没办法再次砸壳

ChiChou commented 2 months ago

最新版不再 chmod