search

KJCracks / Clutch

Fast iOS executable dumper
3.69k stars 647 forks source link

Failed to dump GoogleCast framework #186

Open Platypus2 opened 7 years ago

Platypus2 commented 7 years ago

Not sure if I am doing something wrong, but I appear to be unable to dump GoogleCast in order to dump another app:

2017-06-07 23:11:32.133 Clutch[1503:26057] command: Dump specified bundleID into .ipa file Zipping infuse.app 2017-06-07 23:11:33.033 clutch[1504:26078] command: Only dump binary files from specified bundleID ASLR slide: 0x100070000 2017-06-07 23:11:33.679 clutch[1504:26078] GoogleCast framework version 3.4.0 / cast.ios.sdk_20170313.00_RC38 Dumping (arm64) Patched cryptid (64bit segment) Dumping arm64 Successfully dumped framework GoogleCast! Child exited with status 256 Error: Failed to dump with arch arm64

2017-06-07 23:11:34.046 Clutch[1503:26076] failed operation :( 2017-06-07 23:11:34.050 Clutch[1503:26076] application <NSOperationQueue: 0x10026a300>{name = 'NSOperationQueue 0x10026a300'} Error: Failed to dump

2017-06-07 23:11:34.053 Clutch[1503:26076] failed operation :( 2017-06-07 23:11:34.054 Clutch[1503:26076] application <NSOperationQueue: 0x10026a300>{name = 'NSOperationQueue 0x10026a300'} Writing new checksum Zipping GoogleCast.framework FAILED: Finished dumping com.firecore.infuse.pro.5 in 20.1 seconds

This is compiled manually, so I don't know if theres an issue with codesigning?

Using code sign -vvvv -d Clutch seems to suggest its signed successfully.

Tatsh commented 7 years ago

A lot of frameworks fail to dump at this time.

Platypus2 commented 7 years ago

Ah okay, thought I might be doing something stupid/wrong :)

hoangpx commented 7 years ago

Here what I did.

  1. Remove GoogleCast.framework in /var/containers/Bundle/Application/.app
  2. Clutch -d to ipa file without error
  3. Extract ipa then copy GoogleCast.framework back then zip it again.
  4. Resign
  5. Install -> but app crashes when opening. The error is Termination Description: DYLD, Library not loaded: @rpath/GoogleCast.framework/GoogleCast | Referenced from: /var/containers/Bundle/Application/CE034A81-F3BF-4772-8F02-5B7A76DA1A2F/xxx.app/xxx | Reason: no suitable image found. Did find: | /private/var/containers/Bundle/Application/CE034A81-F3BF-4772-8F02-5B7A76DA1A2F/xxx.app/Frameworks/GoogleCast.framework/GoogleCast: mremap_encrypted() => -1, errno=12 for /private/var/containers/Bundle/Application/CE034A81-F3BF-4772-8F02-5B7A76DA1A2F/xxx.app/Frameworks/ What did I miss ? @Tatsh
Tatsh commented 6 years ago

You can't run it like that. Signatures won't match. You need GoogleCast to fully dump correctly before you can sign it.

andr-ggn commented 6 years ago

Same for me for similar apps :( Any update? What does status 256 mean? I m not sure, but maybe the problem is related to this and we can make a pull request?

Tatsh commented 6 years ago

Please try the latest commit and post the log. Use -d argument.