NyaMisty / fouldecrypt

A lightweight and simple iOS binary decryptor

Decrypting fails with mmap: Operation not permitted #2

Closed marzzzello closed 2 years ago

marzzzello commented 2 years ago

I wanted to try this nice tool and used the binary of the YouTube IPA package. However, I get the following error:

BA:~ root# fouldecrypt -v YouTube yt-dc
21:47:10.764865 mapping input file: YouTube
21:47:10.766114 mapping output file: yt-dc
21:47:10.767689 copying original data of size 0xe184c0...
21:47:10.778300     not fat binary, directly decrypting it!
21:47:10.778339     finding encryption_info segment in slide...
21:47:10.778347         found encryption_info segment at offset ba8
21:47:10.778352     decrypting encrypted data...
21:47:10.778357         Going to decrypt crypt page: off 0x4000 size 0x868000 cryptid 1, cpuType 100000c cpuSubType 0
21:47:10.778408         Already 16k aligned, directly go ahead :)
21:47:10.778424 -->> 16k-aligned mmaping(0x0, 0x868000, 5, 0x2, 3, 0x4000)
mmap: Operation not permitted
21:47:10.778652 <<-- 16k-aligned mmaping(0x0, 0x868000, 5, 0x2, 3, 0x4000) = 0xffffffffffffffff
21:47:10.778662 <<-- unprotect mremap_encrypted(0xffffffffffffffff, 0x868000, 1, 0x100000c, 0x0)
mremap_encrypted: Invalid argument
21:47:10.778694 -->> unprotect mremap_encrypted(0xffffffffffffffff, 0x868000, 1, 0x100000c, 0x0) = -1

I am using an iPhone 6s with iOS 14.2 and fouldecrypt 0.0.3 from your repo. Do you have an idea what the problem is? Thanks in advance.

NyaMisty commented 2 years ago

You have to call fouldecrypt using the bundle executable path, i.e. /var/container/Bundle/......

marzzzello commented 2 years ago

Ah, so the app needs to be installed. Thanks!
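
The `encryption_info` values in the verbose log above (command offset `ba8`, `off 0x4000 size 0x868000 cryptid 1`, `cpuType 100000c`) are fields of a Mach-O load command. The following is an added example, not part of the original thread or of fouldecrypt's code: a Python reader for those fields in a thin 64-bit little-endian Mach-O. The function names are hypothetical and the sample bytes are constructed to mirror the log.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF        # thin 64-bit little-endian Mach-O
LC_ENCRYPTION_INFO = 0x21       # 32-bit variant of the command
LC_ENCRYPTION_INFO_64 = 0x2C


def read_encryption_info(data):
    """Return the encryption_info fields of a thin 64-bit Mach-O, or None."""
    if len(data) < 32:
        raise ValueError("too short for a mach_header_64")
    magic, cputype, cpusubtype, _, ncmds, sizeofcmds, _, _ = \
        struct.unpack_from("<8I", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin 64-bit Mach-O (fat or 32-bit?)")
    off, end = 32, 32 + sizeofcmds
    if end > len(data):
        raise ValueError("load commands run past end of file")
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("bad cmdsize at 0x%x" % off)
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            if cmdsize < 20:
                raise ValueError("encryption_info command too small")
            cryptoff, cryptsize, cryptid = struct.unpack_from("<3I", data, off + 8)
            return {"load_cmd_offset": off, "cputype": cputype,
                    "cpusubtype": cpusubtype, "cryptoff": cryptoff,
                    "cryptsize": cryptsize, "cryptid": cryptid}
        off += cmdsize
    return None  # no encryption_info command present


def build_sample(cryptid=1):
    """Constructed header-only sample mirroring the values in the log."""
    filler = struct.pack("<2I", 0x19, 0xB88).ljust(0xB88, b"\0")  # zeroed filler
    enc = struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x868000, cryptid, 0)
    header = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 2,
                         len(filler) + len(enc), 0, 0)
    return header + filler + enc


if __name__ == "__main__":
    info = read_encryption_info(build_sample())
    print({k: hex(v) for k, v in info.items()})
```

A `cryptid` of 1 marks the range `cryptoff`..`cryptoff + cryptsize` as still encrypted; 0 means the range is not encrypted.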