Hey! You did an amazing job! Thank you so much! Could you help me add support for iOS 13? How exactly do I get the correct offsets for structures in kernstructs.hpp?

My environment:

• Device: iPhone 7 GSM
• iOS: 14.6
• Jailbreak: checkra1n
• PC: Mac

How to dump ipa from mac CLI?

Your project doesn't have any instructions. Please provide anything.

I wanted to try this nice tool and used the binary of the Youtube ipa package. However, I get the following error:

BA:~ root# fouldecrypt -v YouTube yt-dc
21:47:10.764865	mapping input file: YouTube
21:47:10.766114	mapping output file: yt-dc
21:47:10.767689	copying original data of size 0xe184c0...
21:47:10.778300	    not fat binary, directly decrypting it!
21:47:10.778339	    finding encryption_info segment in slide...
21:47:10.778347	        found encryption_info segment at offset ba8
21:47:10.778352	    decrypting encrypted data...
21:47:10.778357	        Going to decrypt crypt page: off 0x4000 size 0x868000 cryptid 1, cpuType 100000c cpuSubType 0
21:47:10.778408	        Already 16k aligned, directly go ahead :)
21:47:10.778424	-->> 16k-aligned mmaping(0x0, 0x868000, 5, 0x2, 3, 0x4000)
mmap: Operation not permitted
21:47:10.778652	<<-- 16k-aligned mmaping(0x0, 0x868000, 5, 0x2, 3, 0x4000) = 0xffffffffffffffff
21:47:10.778662	<<-- unprotect mremap_encrypted(0xffffffffffffffff, 0x868000, 1, 0x100000c, 0x0)
mremap_encrypted: Invalid argument
21:47:10.778694	-->> unprotect mremap_encrypted(0xffffffffffffffff, 0x868000, 1, 0x100000c, 0x0) = -1

I am using an iPhone 6s with iOS 14,2 and fouldecrypt 0.0.3 from your repo. Do you have an idea what the problem is? Thanks in advance

Use git tag v1.1.1 to issue a new release, GitHub will do the rest for you.

If you wanna test github-action without actually publishing the artifact, use a new action-test branch

When trying to decrypt anything on an iPhone 7 Plus on iOS 14.8.1 jailbroken with checkra1n, this error shows up, both with the TFP0 and the libkrw versions. flexdecrypt and appdecrypt work fine however with the same device/setup.

Previously, getting decryption failure would be ignored and return code 0 (success) even though it is not:

mremap_encrypted: Operation not permitted
<continues>
<code 0>

This PR checks for the return code of mremap_encrypted, and if errored, cancels decryption and propagates it back to the shell.

Apparently the arm64e identifier changed between iOS 13 and iOS 14: https://www.reddit.com/r/jailbreak/comments/rk7n8l/help_diskprobe_error_incompatible_cpusubtype/hp93y9x/

I encountered the same message as the OP in the linked post. Googling led me to that post.

iPhone SE 2 iOS 13.7 unc0ver 6.0.0

Hi there! While trying out fouldecrypt on iOS 14.5 using the AltStore -> Fugu14 -> unc0ver Jailbreak on an iPhone XR I wasn't able to get fouldecrypt running successfully. Here's the log output of one attempt:

10:29:21.123326	mapping input file: /private/var/containers/Bundle/Application/7384EA7D-A396-4A76-88B6-F102431E33D9_tmp/Discord.app/Discord
10:29:21.128509	mapping output file: /private/var/containers/Bundle/Application/7384EA7D-A396-4A76-88B6-F102431E33D9_tmp/Discord.app/Discord
10:29:21.435733	copying original data of size 0x158c1d0...
10:29:21.454366	    not fat binary, directly decrypting it!
10:29:21.454458	    finding encryption_info segment in slide...
10:29:21.454467	        found encryption_info segment at offset 10f8
10:29:21.454476	    decrypting encrypted data...
10:29:21.454481	        Going to decrypt crypt page: off 0x356000 size 0x1000 cryptid 1, cpuType 100000c cpuSubType 0
10:29:21.454505	        Not 16k aligned, trying to do the hack :O
Error attempting to load plugin /usr/lib/libkrw/libFugu14Krw.dylib: dlopen(/usr/lib/libkrw/libFugu14Krw.dylib, 5): no suitable image found.  Did find:
	/usr/lib/libkrw/libFugu14Krw.dylib: incompatible cpu-subtype: 0x00000000 in /usr/lib/libkrw/libFugu14Krw.dylib
	/usr/lib/libkrw/libFugu14Krw.dylib: stat() failed with errno=60
10:29:21.750269	        successfully initialized kerninfra!
10:29:21.750393	            processing file off 354000-357000, curPage len: 3000, inPageStart: 2000, inPageEnd: 3000
10:29:21.750489	-->> directly 16k-aligned mmap mmaping(0x0, 0x3000, 5, 0x2, 4, 0x354000)
10:29:21.752934	<<-- directly 16k-aligned mmap mmaping(0x0, 0x3000, 5, 0x2, 4, 0x354000) = 0x1027fc000
10:29:21.752955	<<-- unprotect mremap_encrypted(0x1027fc000, 0x3000, 1, 0x100000c, 0x0)
mremap_encrypted: Operation not permitted
10:29:21.812483	-->> unprotect mremap_encrypted(0x1027fc000, 0x3000, 1, 0x100000c, 0x0) = -1

Especially the part mentioning mentioning /usr/lib/libkrw/libFugu14Krw.dylib gave me the impression, that the issue may be related to the specific Fugu14 exploit method?