sensepost / objection

📱 objection - runtime mobile exploration
GNU General Public License v3.0

Error when patching ipa #286

Closed shehanmkg closed 4 years ago

shehanmkg commented 5 years ago

Exception:

Using latest Github gadget version: 12.7.11
Patcher will be using Gadget version: 12.7.11
No provision file specified, searching for one...
Found provision file /Users/Shehan/Library/Developer/Xcode/DerivedData/LowValueTransactions-dvqkwtuxcwydepdlwzqshjujxaiu/Build/Products/Debug-iphoneos/BOC QA UAT.app/embedded.mobileprovision expiring in 350 days, 15:52:45.716225
Found a valid provisioning profile
Working with app: BOC QA UAT.app
Bundle identifier is: com.bankofceylon.smartpayepic
Codesigning 13 .dylib's with signature 8728AA80DEEBA760DA935CD793D96D7FEEB88887
Code signing: libswiftCoreImage.dylib
Code signing: libswiftObjectiveC.dylib
Code signing: libswiftCore.dylib
Code signing: libswiftCoreGraphics.dylib
Code signing: libswiftUIKit.dylib
Code signing: libswiftMetal.dylib
Code signing: libswiftDispatch.dylib
Code signing: libswiftos.dylib
Code signing: libswiftCoreFoundation.dylib
Code signing: FridaGadget.dylib
Code signing: libswiftDarwin.dylib
Code signing: libswiftQuartzCore.dylib
Code signing: libswiftFoundation.dylib
Creating new archive with patched contents...
Codesigning patched IPA...
**Cannot find entitlements in binary. Using defaults**
**{ Error: EEXIST: file already exists, mkdir '/tmp'
    at Object.fs.mkdirSync (fs.js:885:18)
    at Object.zip (/usr/local/lib/node_modules/applesign/lib/tools.js:149:6)
    at <anonymous> errno: -17, code: 'EEXIST', syscall: 'mkdir', path: '/tmp' }**

Copying final ipa from /tmp/LowValueTransactions-frida-codesigned.ipa to current directory...
Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.7/bin/objection", line 11, in <module>
    load_entry_point('objection==1.8.0', 'console_scripts', 'objection')()
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/click/core.py", line 764, in __call__
    return self.main(*args, **kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/click/core.py", line 717, in main
    rv = self.invoke(ctx)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/click/core.py", line 1137, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/click/core.py", line 956, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/click/core.py", line 555, in invoke
    return callback(*args, **kwargs)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/objection/console/cli.py", line 309, in patchipa
    patch_ios_ipa(**locals())
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/objection/commands/mobile_packages.py", line 85, in patch_ios_ipa
    os.path.join(os.path.abspath('.'), os.path.basename(patcher.get_patched_ipa_path())))
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 120, in copyfile
    with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/tmp/LowValueTransactions-frida-codesigned.ipa'
Cleaning up temp files...
Failed to cleanup with error: [Errno 2] No such file or directory: '/tmp/LowValueTransactions-frida-codesigned.ipa'

leonjza commented 5 years ago

Can you try and patch from a directory other than /tmp please?

shehanmkg commented 5 years ago

It detects /tmp as the default path.

leonjza commented 5 years ago

I actually cannot reproduce this locally. Please can you show me the full command you used, as well as your current working directory where you are invoking this from (output of pwd).

danielsitnik commented 5 years ago

I am experiencing the same issue, upgraded to the latest version today.

Using latest Github gadget version: 12.7.11
Patcher will be using Gadget version: 12.7.11
No provision file specified, searching for one...
Found provision file /Users/daniel.sitnik/Library/Developer/Xcode/DerivedData/Sputnik-czheaxcjhanwldgrnaotogzzbqlj/Build/Products/Debug-iphoneos/Sputnik.app/embedded.mobileprovision expiring in 363 days, 7:10:49.231091
Found a valid provisioning profile
Working with app: Sputnik.app
Bundle identifier is: com.sputnik.Sputnik
Creating Frameworks directory for FridaGadget...
Codesigning 1 .dylib's with signature 49011EB9.....
Code signing: FridaGadget.dylib
Creating new archive with patched contents...
Codesigning patched IPA...
Cannot find entitlements in binary. Using defaults
{ Error: EEXIST: file already exists, mkdir '/var/folders/2q/5dmz3lwx1rjbt2zkc73gj4480000gn/T'
    at Object.mkdirSync (fs.js:731:3)
    at Object.zip (/Users/daniel.sitnik/.nvm/versions/node/v10.11.0/lib/node_modules/applesign/lib/tools.js:149:6)
  errno: -17,
  syscall: 'mkdir',
  code: 'EEXIST',
  path: '/var/folders/2q/5dmz3lwx1rjbt2zkc73gj4480000gn/T' }

Copying final ipa from /var/folders/2q/5dmz3lwx1rjbt2zkc73gj4480000gn/T/Sputnik-frida-codesigned.ipa to current directory...
Traceback (most recent call last):
  File "/usr/local/bin/objection", line 10, in <module>
    sys.exit(cli())
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 764, in __call__
    return self.main(*args, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 717, in main
    rv = self.invoke(ctx)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 1137, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 956, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/local/lib/python3.7/site-packages/click/core.py", line 555, in invoke
    return callback(*args, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/objection/console/cli.py", line 309, in patchipa
    patch_ios_ipa(**locals())
  File "/usr/local/lib/python3.7/site-packages/objection/commands/mobile_packages.py", line 85, in patch_ios_ipa
    os.path.join(os.path.abspath('.'), os.path.basename(patcher.get_patched_ipa_path())))
  File "/usr/local/Cellar/python/3.7.4_1/Frameworks/Python.framework/Versions/3.7/lib/python3.7/shutil.py", line 120, in copyfile
    with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/var/folders/2q/5dmz3lwx1rjbt2zkc73gj4480000gn/T/Sputnik-frida-codesigned.ipa'
Cleaning up temp files...
Failed to cleanup with error: [Errno 2] No such file or directory: '/var/folders/2q/5dmz3lwx1rjbt2zkc73gj4480000gn/T/Sputnik-frida-codesigned.ipa'

I'm running from the same directory as the source IPA, in my case it is /Users/daniel.sitnik/Dev/frida

leonjza commented 5 years ago

Looking at the error again, this looks like it may be bubbled from node-applesign. Could you tell me the version you have installed?

danielsitnik commented 5 years ago

Mine is 3.4.2 (node 10.11.0)

leonjza commented 5 years ago

Ah that must be it then. I still have 2.3.1 (yikes)! Will work on this asap. Thanks for reporting.

danielsitnik commented 5 years ago

Glad to help, thanks for the fast response.

leonjza commented 5 years ago

I upgraded applesign locally to have 3.4.2 and still can't seem to replicate this :|

Could you please test by running applesign manually on a copy of the target IPA you are trying to patch? The command format is:

applesign -i <identity> -m <path to embedded.mobileprovision> -o test.ipa <copy of source ipa>

danielsitnik commented 5 years ago

Ok, I ran applesign manually here inside the directory where the source ipa is located.

The first time I ran it, I got this:

applesign -i 3C5B7... -m /Users/daniel.sitnik/Library/Developer/.../embedded.mobileprovision -o test.ipa Sputnik.ipa
File: /Users/daniel.sitnik/Dev/frida/Sputnik.ipa
Outdir: /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3
Unzipping /Users/daniel.sitnik/Dev/frida/Sputnik.ipa
Main IPA executable is not encrypted
Embedding new mobileprovision
{"application-identifier":"F8C9CWTNFB.*","keychain-access-groups":["F8C9CWTNFB.*"],"get-task-allow":true,"com.apple.developer.team-identifier":"F8C9CWTNFB"}
Updated binary entitlements/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3/Payload/Sputnik.app/Sputnik.entitlements
Signing libraries and frameworks
Resolving signing order using layered list
Nested: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3/Payload/Sputnik.app"]
SystemLibraries: ["/System/Library/Frameworks/Foundation.framework/Foundation","/usr/lib/libobjc.A.dylib","/usr/lib/libSystem.B.dylib","/System/Library/Frameworks/SwiftUI.framework/SwiftUI","/System/Library/Frameworks/UIKit.framework/UIKit","/usr/lib/swift/libswiftCore.dylib","/usr/lib/swift/libswiftFoundation.dylib","/usr/lib/swift/libswiftObjectiveC.dylib"]
DiskLibraries: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3/Payload/Sputnik.app/Sputnik"]
UnavailableLibraries: []
AppLibraries: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3/Payload/Sputnik.app/Sputnik"]
Orphan: []
Signed /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3/Payload/Sputnik.app/Sputnik
Zipifying into /Users/daniel.sitnik/Dev/frida/test.ipa ...
{ Error: EEXIST: file already exists, mkdir '/Users/daniel.sitnik/Dev/frida'
    at Object.mkdirSync (fs.js:731:3)
    at Object.zip (/Users/daniel.sitnik/.config/yarn/global/node_modules/applesign/lib/tools.js:149:6)
  errno: -17,
  syscall: 'mkdir',
  code: 'EEXIST',
  path: '/Users/daniel.sitnik/Dev/frida' }
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3
Target is now signed: /Users/daniel.sitnik/Dev/frida/test.ipa
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.cd80f9e7-ab2e-4e02-b13b-4b7e72c7aee3

I'm running it from /Users/daniel.sitnik/Dev/frida/Sputnik.ipa, and since I used -o test.ipa it failed because it tried to mkdir the exact same directory: /Users/daniel.sitnik/Dev/frida.

Even if it says target is now signed, there was no output file.

So I had another go but this time I specified a different output path: -o ./test/test.ipa, and it worked!

applesign -i 3C5B... -m /Users/daniel.sitnik/Library/Developer/.../embedded.mobileprovision -o ./test/test.ipa Sputnik.ipa
File: /Users/daniel.sitnik/Dev/frida/Sputnik.ipa
Outdir: /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f
Unzipping /Users/daniel.sitnik/Dev/frida/Sputnik.ipa
Main IPA executable is not encrypted
Embedding new mobileprovision
{"application-identifier":"F8C9CWTNFB.*","keychain-access-groups":["F8C9CWTNFB.*"],"get-task-allow":true,"com.apple.developer.team-identifier":"F8C9CWTNFB"}
Updated binary entitlements/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f/Payload/Sputnik.app/Sputnik.entitlements
Signing libraries and frameworks
Resolving signing order using layered list
Nested: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f/Payload/Sputnik.app"]
SystemLibraries: ["/System/Library/Frameworks/Foundation.framework/Foundation","/usr/lib/libobjc.A.dylib","/usr/lib/libSystem.B.dylib","/System/Library/Frameworks/SwiftUI.framework/SwiftUI","/System/Library/Frameworks/UIKit.framework/UIKit","/usr/lib/swift/libswiftCore.dylib","/usr/lib/swift/libswiftFoundation.dylib","/usr/lib/swift/libswiftObjectiveC.dylib"]
DiskLibraries: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f/Payload/Sputnik.app/Sputnik"]
UnavailableLibraries: []
AppLibraries: ["/Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f/Payload/Sputnik.app/Sputnik"]
Orphan: []
Signed /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f/Payload/Sputnik.app/Sputnik
Zipifying into /Users/daniel.sitnik/Dev/frida/test/test.ipa ...
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f
Target is now signed: /Users/daniel.sitnik/Dev/frida/test/test.ipa
Cleaning up /Users/daniel.sitnik/Dev/frida/Sputnik.ipa.81eb0329-135a-46a5-b8ee-ca439840a59f

leonjza commented 5 years ago

Thanks @danielsitnik! Going to log this over at node-applesign.

C3l1n commented 5 years ago

If someone is searching for quick solutions, look at my patch of applesign: https://github.com/C3l1n/node-applesign/commit/3b74376741683f4b29142ea40246143448666498 It's one simple modification of lib/tools.js. Cheers!

leonjza commented 5 years ago

@danielsitnik could you check the thread in https://github.com/nowsecure/node-applesign/pull/90? What version of node are you running?

danielsitnik commented 5 years ago

Just checked it, I'm on 10.11.0. That must be it then, they are using the latest LTS (12).