Cracking Cydia App (ARMV7)

#1
LastProphet

Posted 02 February 2012 - 08:54 PM

Newbie

Group: Members
Posts: 8
Joined: 25-June 11

Hi there, im cracking a cydia app but when modifying the ARMv7 binary in Hex and restart app crashing

anyone can help?

thx

__text:00002DB4 start
__text:00002DB4
__text:00002DB4 arg_0   		=  0
__text:00002DB4 arg_4   		=  4
__text:00002DB4
__text:00002DB4         		LDR     		R0, [SP,#arg_0]
__text:00002DB8         		ADD     		R1, SP, #arg_4
__text:00002DBC         		ADD     		R4, R0, #1
__text:00002DC0         		ADD     		R2, R1, R4,LSL#2
__text:00002DC4         		BIC     		SP, SP, #7
__text:00002DC8         		MOV     		R3, R2
__text:00002DCC
__text:00002DCC loc_2DCC                                ; CODE XREF: start+20j
__text:00002DCC         		LDR     		R4, [R3],#4
__text:00002DD0         		CMP     		R4, #0
__text:00002DD4         		BNE     		loc_2DCC
__text:00002DD8         		LDR     		R12, =(_main_ptr - 0x2DE4)
__text:00002DDC         		ADD     		R12, PC, R12
__text:00002DE0         		LDR     		R12, [R12]
__text:00002DE4         		BLX     		R12 ; _main
__text:00002DE8         		LDR     		R12, =(_exit_ptr - 0x2DF4)
__text:00002DEC         		ADD     		R12, PC, R12
__text:00002DF0         		LDR     		R12, [R12]
__text:00002DF4         		BX              R12 ; __imp__exit
__text:00002DF4 ; End of function start

suggestions?

#Ads
x-bot

Ad-Bot

Group:x-bot

#2
sadam

Posted 03 February 2012 - 11:14 AM

Owner

Group: Super Administrators
Posts: 1247
Joined: 13-August 08

have you tried signing the app

#3
malhaar

Posted 03 February 2012 - 08:07 PM

The CoPy NinJa..

Group: +Contributor
Posts: 383
Joined: 09-June 08

agree to sadam, use ldid to sign and then try again..

#4
LastProphet

Posted 03 February 2012 - 09:48 PM

Newbie

Group: Members
Posts: 8
Joined: 25-June 11

it works... thank you guys

im diassemblying and cracking

#5
Blaz3d

Posted 13 February 2012 - 04:34 PM

Newbie

Group: Members
Posts: 2
Joined: 13-February 12

I'm having the same problem. Hopefully when I try signing it like you suggested It works.

I have cracked apps that use ARM6 before do you know why they do not need to be signed to work?

Also is it possible to force an app to use ARM6 instead of ARM7.

#6
Blaz3d

Posted 13 February 2012 - 04:57 PM

Newbie

Group: Members
Posts: 2
Joined: 13-February 12

Blaz3d, on 13 February 2012 - 04:34 PM, said:

No luck, Here's what I am doing hopefully someone can tell me what I am doing wrong.

- Crack app with Crackulous to remove the encryption
- SSH the IPA to my PC
- Extract the app from the .app folder
- Open that file in IDA Pro
- Find the address I am going to modify
- Patch it (Its a CBNZ I patch to a CBZ)
- Produce the DIF file
- Apply my changes from the DIF to the app.
- Add the app back into the IPA
- Move the IPA into the /private/var/mobile/Documents/Installous/Downloads folder
- Install through Installous

Just tried this after with no luck:
- Start up PuTTy
- cd to the applications folder
- ldid -S "MyCrackedApp"

This process works for me with an app on an ARM6 app just not iOS 5 as it uses ARM7.

This post has been edited by Blaz3d: 13 February 2012 - 05:02 PM

xSellize: Cracking Cydia App (ARMV7) - xSellize

Posting Rules