Inject dynamic library into enterprise app (ipa)

自古美人都是妖i 提交于 2019-12-04 05:03:27

It is not clear what you want to do but mach_inject is a way for user apps to interface with the MAC OS kernel using the Mach ports it is not relevant at all to IPAs which are essentially an archive - similar to zip or Tar.

I suspect that based on what you are describing that you have a library that you want link edited / included in a user app but you don't want them to see your source code and vice versa. I am not familiar with Mocana but based on what you described it uses an IPA for distribution, that is entirely possible, but so is using a precompiled object module which is what Facebook SDK gets distributed in.

In anycase, prior to distribution whether by enterprise distribution server or the app store, the entire package needs to be signed before the devices can download and run it.

Yes, You will be able to inject a library in to an existing ipa and then resign it with your enterprise certificate. Below is the brief of how I do this

View the executable in MachOView and find the address of load commands. Then using the address edit the hex and increase the load command count by 1 (assuming i am injecting one library) also I'll have to increase the command offset.

There are tools available to inject the library into the hex with which you can now inject the library at the new offset that you referenced in the load command.

Also have a look at dyci-main in git which is a dynamic library injection project.

sage444

There is a way to unpack and resign existing .ipa see answers here How to re-sign the ipa file?

So is possible to change content of .ipa, another part of problem is write some wrapper app that load original application and inject dynamic lib, I sure that is not easy to do, but should be possible at lest.

.ipa files and executables are signed, and the signatures have to match. iOS will refuse to run the app if the signatures are mismatched or otherwise invalid. Even if you re-sign the ipa with your credentials, the signature won't match the credentials on the executable. In order for the signatures to match, either you would need to sign the .ipa with their private key, or they would have to sign the executable with your private key. Private keys are not meant to be used this way...

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!