EntySec / SeaShell

SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information.
https://theapplewiki.com/wiki/SeaShell
MIT License

Install .ipa without TrollStore #6

Closed fuad00 closed 6 months ago

fuad00 commented 6 months ago

TrollStore is just an ipa installer which uses the CoreTrust bug. Why can't we include CoreTrust itself into the generated ipa?

kenzWeb commented 6 months ago

I get this error when I enter the seashell command:

    from seashell import cli
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/__init__.py", line 31, in <module>
    from seashell.core.console import Console
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/core/console.py", line 32, in <module>
    from hatsploit.lib.commands import Commands
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatsploit/__init__.py", line 30, in <module>
    from .main import HatSploit, HatSploitGen
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatsploit/main.py", line 30, in <module>
    from hatasm import HatAsm
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/__init__.py", line 25, in <module>
    from .main import HatAsm
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/main.py", line 25, in <module>
    from .assembler import Assembler
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/assembler.py", line 25, in <module>
    import keystone
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/keystone/__init__.py", line 4, in <module>
    from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, version
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/keystone/keystone.py", line 74, in <module>
    raise ImportError("ERROR: fail to load the dynamic library.")
ImportError: ERROR: fail to load the dynamic library.

enty8080 commented 6 months ago

@kenzWeb If you are on macOS then there is the same issue here - https://github.com/keystone-engine/keystone/issues/386

enty8080 commented 6 months ago

@fuad00 Because TrollStore bypasses the signature check that installd usually does. Read more about this here - https://github.com/opa334/ChOma/issues/6

kenzWeb commented 6 months ago

@kenzWeb If you are on macOS then there is the same issue here - keystone-engine/keystone#386.

It worked, but now there's another error (I have a Mac M1).

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.12/bin/seashell", line 5, in <module>
    from seashell import cli
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/__init__.py", line 31, in <module>
    from seashell.core.console import Console
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/core/console.py", line 32, in <module>
    from hatsploit.lib.commands import Commands
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatsploit/__init__.py", line 30, in <module>
    from .main import HatSploit, HatSploitGen
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatsploit/main.py", line 30, in <module>
    from hatasm import HatAsm
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/__init__.py", line 25, in <module>
    from .main import HatAsm
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/main.py", line 26, in <module>
    from .disassembler import Disassembler
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/hatasm/disassembler.py", line 25, in <module>
    import capstone
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/__init__.py", line 425, in <module>
    _cs = _load_lib(_path)
          ^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/__init__.py", line 398, in _load_lib
    return ctypes.cdll.LoadLibrary(lib_file)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/ctypes/__init__.py", line 460, in LoadLibrary
    return self._dlltype(name)
           ^^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/ctypes/__init__.py", line 379, in __init__
    self._handle = _dlopen(self._name, mode)
                   ^^^^^^^^^^^^^^^^^^^^^^^^^
OSError: dlopen(/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/lib/libcapstone.dylib, 0x0006): tried: '/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/lib/libcapstone.dylib' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64')), '/System/Volumes/Preboot/Cryptexes/OS/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/lib/libcapstone.dylib' (no such file), '/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/capstone/lib/libcapstone.dylib' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64'))

enty8080 commented 6 months ago

@kenzWeb Try this command

pip3 install --user -U --no-cache-dir --force-reinstall --no-binary capstone capstone

I am on M1 too and this is the only solution that worked for me.

kenzWeb commented 6 months ago

@kenzWeb Try this command

pip3 install --user -U --no-cache-dir --force-reinstall --no-binary capstone capstone

thanks bro, it worked

kenzWeb commented 6 months ago

@kenzWeb Try this command

pip3 install --user -U --no-cache-dir --force-reinstall --no-binary capstone capstone

I am on M1 too and this is the only solution that worked for me.

I'm probably boring you with my questions, but now I can't start the TCP server (Failed to start TCP listener on port 5169!)

enty8080 commented 6 months ago

@kenzWeb Are you sure that this port is not in use? Can you please try and change port number and check if it works?

kenzWeb commented 6 months ago

@kenzWeb Are you sure that this port is not in use? Can you please try and change the port number and check if it works?


I checked, the port's not busy

enty8080 commented 6 months ago

@kenzWeb Hmm, this port works for me. Can you please check if your IP is 192.168.5.10? For this, run ifconfig and search for en0. Or you can open Preferences -> Network and look for your local IP.

enty8080 commented 6 months ago

@kenzWeb That's because 192.168.5.10 is invalid. 0.0.0.0 means it started the listener on all network interfaces.
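The two failures in this exchange look identical from SeaShell's side ("Failed to start TCP listener"), but the OS reports them differently: a port that is already taken versus an address like 192.168.5.10 that no local interface carries. As an added example (not SeaShell's own code), this pre-flight check tells them apart before the real listener is started; 5169 is the port from the thread.

```python
import errno
import socket


def check_bind(host: str, port: int) -> str:
    """Try a throwaway bind and classify the outcome without keeping the socket.

    Returns "ok", "port_in_use", "address_not_local", "bad_hostname" or "error:<errno>".
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        return "ok"
    except socket.gaierror:
        # gaierror is an OSError subclass, so it must be caught first:
        # host is neither an IP literal nor a resolvable name (typo in the address)
        return "bad_hostname"
    except OSError as exc:
        if exc.errno == errno.EADDRINUSE:
            return "port_in_use"          # another process already listens on host:port
        if exc.errno == errno.EADDRNOTAVAIL:
            return "address_not_local"    # no interface has this IP; use 0.0.0.0 or a real one
        return f"error:{exc.errno}"
    finally:
        sock.close()


def demo_port_in_use() -> str:
    """Occupy an ephemeral loopback port, then show that check_bind() reports the conflict."""
    holder = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        holder.bind(("127.0.0.1", 0))
        holder.listen(1)
        return check_bind("127.0.0.1", holder.getsockname()[1])
    finally:
        holder.close()


if __name__ == "__main__":
    # 0.0.0.0 binds every interface, which is what finally worked in the thread.
    for host in ("0.0.0.0", "192.168.5.10"):
        print(host, check_bind(host, 5169))
```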

kenzWeb commented 6 months ago

@kenzWeb That's because 192.168.5.10 is invalid. 0.0.0.0 means it started the listener on all network interfaces.

Now it's telling me that the listener command doesn't exist.

enty8080 commented 6 months ago

@kenzWeb This can be fixed if you reinstall SeaShell. However I don't know why this error appears, since you have already used this command.

kenzWeb commented 6 months ago

pip3 install --user -U --no-cache-dir --force-reinstall --no-binary capstone capstone

When I install pwny the way you did, I'm missing this command

kenzWeb commented 6 months ago

@kenzWeb This can be fixed if you reinstall SeaShell. However I don't know why this error appears, since you have already used this command.

If I don't install it, I get an error when I log into the application:

(seashell)> Exception in Thread-1 (handle_device):
Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/threading.py", line 1073, in _bootstrap_inner
    self.run()
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/threading.py", line 1010, in run
    self._target(*self._args, **self._kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/commands/listener.py", line 47, in handle_device
    device = self.handler.handle()
             ^^^^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/core/device.py", line 131, in handle
    session.open(self.client, loader=False)
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/pwny/session.py", line 87, in open
    client = self.ssl.wrap_client(client)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/pex/ssl/openssl.py", line 76, in wrap_client
    return ssl.wrap_socket(
           ^^^^^^^^^^^^^^^
AttributeError: module 'ssl' has no attribute 'wrap_socket'

enty8080 commented 6 months ago

@kenzWeb Okay, write these commands one by one in your terminal:

pip3 install --force-reinstall git+https://github.com/EntySec/SeaShell
pip3 install --user -U --no-cache-dir --force-reinstall --no-binary keystone-engine keystone-engine
pip3 install --user -U --no-cache-dir --force-reinstall --no-binary capstone capstone

This should fix all problems.

kenzWeb commented 6 months ago

             ^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/seashell/core/device.py", line 131, in handle
    session.open(self.client, loader=False)
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/pwny/session.py", line 87, in open
    client = self.ssl.wrap_client(client)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/pex/ssl/openssl.py", line 76, in wrap_client
    return ssl.wrap_socket(
           ^^^^^^^^^^^^^^^
AttributeError: module 'ssl' has no attribute 'wrap_socket'

I've already entered it, but I get an error when I go into the app.

enty8080 commented 6 months ago

@kenzWeb What is your python version?

kenzWeb commented 6 months ago

@kenzWeb What is your python version?

last

enty8080 commented 6 months ago

@kenzWeb Gotcha. I found a problem. I will let you know when I fix it

kenzWeb commented 6 months ago

Gotcha. I found a problem. I will let you know when I fix it

Okay, thank you very much

enty8080 commented 6 months ago

@kenzWeb I fixed the problem, can you please type these commands:

pip3 uninstall pex
pip3 install git+https://github.com/entysec/pex

And then try to use SeaShell.
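The AttributeError in this thread comes from ssl.wrap_socket(), which was deprecated in Python 3.7 and removed in 3.12, so pex's wrap_client broke on "last" Python. The fix enty8080 pushed to pex is not reproduced here; as an added example (not pex's or SeaShell's code), this is the explicit-SSLContext shape such a wrap_client takes, with the certificate paths left to the caller as hypothetical arguments.

```python
import socket
import ssl
from typing import Optional


def make_server_context(certfile: str, keyfile: Optional[str] = None) -> ssl.SSLContext:
    """Context that ssl.wrap_socket(server_side=True, certfile=..., keyfile=...) used to build implicitly."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # explicit floor instead of OpenSSL's default
    ctx.load_cert_chain(certfile=certfile, keyfile=keyfile)   # hypothetical paths from the caller
    return ctx


def make_client_context(verify: bool = True) -> ssl.SSLContext:
    """verify=False reproduces the legacy default (cert_reqs=CERT_NONE); keep it on across a network."""
    ctx = ssl.create_default_context()
    if not verify:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def wrap_client(client: socket.socket, context: ssl.SSLContext, server_side: bool = True,
                do_handshake_on_connect: bool = True) -> ssl.SSLSocket:
    """Same SSLSocket the removed helper returned, built from an explicit context.
    A connected socket performs its TLS handshake here when do_handshake_on_connect is True."""
    return context.wrap_socket(client, server_side=server_side,
                               do_handshake_on_connect=do_handshake_on_connect)


def has_legacy_wrap_socket() -> bool:
    """True on Python 3.11 and older; the attribute is gone on 3.12+."""
    return hasattr(ssl, "wrap_socket")


def selfcheck() -> dict:
    """Wrap an unconnected socket without handshaking to prove the path works on this interpreter."""
    raw = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tls = wrap_client(raw, make_client_context(verify=False), server_side=False,
                      do_handshake_on_connect=False)
    kind = type(tls).__name__
    tls.close()
    return {"legacy_wrap_socket": has_legacy_wrap_socket(), "wrapped": kind}
```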

kenzWeb commented 6 months ago

@kenzWeb I fixed the problem, can you please type these commands:

pip3 uninstall pex
pip3 install git+https://github.com/entysec/pex

And then try to use SeaShell.

It works, thank you.

enty8080 commented 6 months ago

@kenzWeb Have you tried accessing the phone remotely?

kenzWeb commented 6 months ago

@kenzWeb Have you tried accessing the phone remotely?

Yeah, I got access to my cell phone

fuad00 commented 6 months ago

bypasses the signature check

let's bypass that signature check in our ipa payloads?