View difference between Paste ID: <a href="/ZyAVEqpP">ZyAVEqpP</a> and <a href="/post/view"></a>

View difference between Paste ID: ZyAVEqpP and

SHOW: | | - or go back to the newest paste.


#!/bin/sh
#
# poedCrack - v2.5 (2009-12-03) -- mod25G
# For all devices
#
# Now includes fat binary support
#
# Latest version always available at: http://www.roapd.com/uploads/poedCrack.gz
#
# Heavily based on DeCrypt by FloydianSlip
#
# Many thanks to:
# puy0, SaladFork, Flox, Flawless, FloydianSlip, MadHouse, TDDebug

clear
echo "poedCrack 2.5 (091203) by poedgirl -- mod25G"

if [ ! -e /usr/bin/plutil ]; then
        echo "Cannot find plutil (Install Erica Utils from Cydia)"
        exit 1
fi

if [ ! -e /usr/bin/gdb ]; then
        echo "Cannot find gdb (Install GNU Debugger from Cydia)"
        exit 1
fi

if [ ! -e /usr/bin/otool ]; then
        echo "Cannot find otool (Install toolchain from Cydia)"
        exit 1
fi

if [ ! -e /usr/bin/ldid ]; then
        echo "Cannot find ldid (Install Link Identity Editor from Cydia)"
        exit 1
fi

#Get and store the whole apps list
rm -f /tmp/lsd.tmp
ls -d /var/mobile/Applications/*/*.app > /tmp/lsd.tmp

if [ $# -lt 1 ]; then
        echo "Usage: $(basename $0) [<ApplicationName> [<CrackerName> [<CreditFileName>]]]"
        echo
        cat /tmp/lsd.tmp | cut -f 6 -d '/' | sort -f | sed "s/\\.app/,/" | tr "\n" " "
        echo -e "\010\010."
        rm -f /tmp/lsd.tmp
        exit 1
fi

if [ "$1" = "-e" ]; then
        echo "Encrypted apps list:"
        ls -d /var/mobile/Applications/*/*.app/SC_Info | sort -f -t \/ -k 6 | while read OneApp
        do
                echo -n "$(echo "$OneApp" | cut -f 6 -d '/' | sed "s/\\.app/, /")"
        done
        echo -e "\010\010."
        rm -f /tmp/lsd.tmp
        exit 1
fi

AppInput=$1
CrackerName=$2
CreditFile=$3

if [ ! $CrackerName ]; then
        CrackerName="Anonymous"
fi

if [ ! $CreditFile ]; then
        CreditFile=$CrackerName
fi

if [ -d "$AppInput" ]; then
        tempLoc=$AppInput
else
        echo "Locating $AppInput"
        #Escape the "*" as ".*"
        AppGrep=$(echo "/$AppInput\.app" | sed "s/\*/\.\*/g")
        tempLoc=$(grep -i "$AppGrep" /tmp/lsd.tmp)
        if [ -z "$tempLoc" ]; then
                echo "Unable to locate $AppInput"
                rm -f /tmp/lsd.tmp
                exit 1
        fi
        AppCount=$(echo "$tempLoc" | wc -l)
        if [ $AppCount -gt 1 ]; then
                echo "Found $AppCount installation directories:"
                echo "$tempLoc"
                rm -f /tmp/lsd.tmp
                exit 1
        fi
fi

#Apps list not needed anymore
rm -f /tmp/lsd.tmp

AppPath=$(dirname "$tempLoc")
AppName=$(basename "$tempLoc")
AppExec=$(plutil -key CFBundleExecutable "$tempLoc/Info.plist" 2>&1)
AppVer=$(plutil -key CFBundleVersion "$tempLoc/Info.plist" 2>&1)
AppDisplayName=$(plutil -key CFBundleDisplayName "$tempLoc/Info.plist" 2>&1)
if [ "${AppDisplayName:0:6}" = "Error:" ]; then
        echo "Unable to get CFBundleDisplayName"
        AppDisplayName=$(plutil -key CFBundleName "$tempLoc/Info.plist" 2>&1)
        if [ "${AppDisplayName:0:6}" = "Error:" ]; then
                echo "Unable to get CFBundleName"
                AppDisplayName=$AppExec
        fi
fi
MinOS=$(plutil -key MinimumOSVersion "$tempLoc/Info.plist" 2>&1)
if [ "${MinOS:0:6}" = "Error:" ]; then
        echo "Unable to get MinOS"
        MinOS="0.0.0"
fi
Patched=""

if [ ! -d "$AppPath" ]; then
        echo "Unable to locate original installation directory"
        exit 1
fi

if [ ! -d "$AppPath/$AppName" ]; then
        echo "Unable to locate .app directory"
        exit 1
fi

if [ ! -e "$AppPath/$AppName/$AppExec" ]; then
        echo "Unable to locate executable"
        exit 1
fi

if [ ! "$AppName" = "$AppDisplayName.app" ]; then
        echo "Found '$AppName' ($AppDisplayName)"
else
        echo "Found '$AppName'"
fi

echo -n "Creating directories "
WorkDir="/tmp/poedCrack-$(date +%Y%m%d-%H%M%S)"
NewAppDir="$HOME/Documents/Cracked"

if [ -e "$WorkDir" ]; then
        rm -rf "$WorkDir"
fi

mkdir -p "$WorkDir"

if [ ! -e "$NewAppDir" ]; then
        mkdir -p "$NewAppDir"
fi

if [ ! -d "$WorkDir" -o ! -d "$NewAppDir" ]; then
        echo "failed !"
        exit 1
fi

echo "and copying some files"
mkdir -p "$WorkDir/$AppName"
cp -a "$AppPath/$AppName/$AppExec" "$WorkDir/$AppName/"
cp -a "$AppPath/$AppName/Info.plist" "$WorkDir/$AppName/"


if [ ! -e "$WorkDir/$AppName/$AppExec" ]; then
        echo "Unable to copy application files"
        rm -fr "$WorkDir"
        exit 1
fi

echo -n "Analyzing application: "

LipoFail=$(lipo -info "$WorkDir/$AppName/$AppExec" | grep Architectures | awk '{print $2}')
if [ ! $LipoFail ]; then
        echo "Thin Binary found"
        Iterations=1
else
        echo "Fat Binary found"
        echo "Dumping armv6 section"
        lipo -thin armv6 "$WorkDir/$AppName/$AppExec" -output "$WorkDir/$AppName/$AppExec-armv6"
        CPUType=$(sysctl hw.cpusubtype | grep 6 | awk '{print $2}')
        if [ ! $CPUType ]; then
                echo "Dumping armv7 section"
                dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" bs=1 count=15 >> /dev/null 2>&1> /dev/null
                echo -en "\011" >> "$WorkDir/$AppName/$AppExec-swapped"
                dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" skip=16 bs=1 count=19 oflag=append conv=notrunc >> /dev/null 2>&1> /dev/null
                echo -en "\006" >> "$WorkDir/$AppName/$AppExec-swapped"
                dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" skip=1 bs=36 oflag=append conv=notrunc >> /dev/null 2>&1> /dev/null
                lipo -thin armv6 "$WorkDir/$AppName/$AppExec-swapped" -output "$WorkDir/$AppName/$AppExec-armv7"
                rm "$WorkDir/$AppName/$AppExec-swapped"
                Iterations=2
        else
                echo "Non armv7 compatible CPU: not dumping armv7"
                Iterations=1
        fi
fi
        
for (( i=1;i<=$Iterations;i++)); do
        if [ ! $LipoFail ]; then
                AppExecCur=$AppExec
        else 
                if [ $i -eq 1 ];then
                        AppExecCur=$AppExec-armv6
                        echo "--- Cracking armv6 section ---"
#                       Patched="$Patched arm6"
                else
                        AppExecCur=$AppExec-armv7
                        echo "--- Cracking armv7 section ---"
#                       Patched="$Patched arm7"
                fi
        fi
        
        CryptID=$(otool -l "$WorkDir/$AppName/$AppExecCur" | grep cryptid | awk '{print $2}')
        if [ $CryptID -ne "1" ]; then
                echo "Application is not encrypted"
                rm -fr "$WorkDir"
                exit 1
        fi
        
        CryptSize=$(otool -l "$WorkDir/$AppName/$AppExecCur" | grep cryptsize | awk '{print $2}')
        if [ ! $CryptSize ]; then
                echo "Unable to find CryptSize"
                rm -fr "$WorkDir"
                exit 1
        fi
        
        CryptOff=$(otool -l "$WorkDir/$AppName/$AppExecCur" | grep cryptoff | awk '{print $2}')
        if [ ! $CryptOff ]; then
                        echo "Unable to find CryptOff"
                        rm -fr "$WorkDir"
                exit 1
        fi
        
        echo "Locating and patching CryptID"
        
        # - Take first 4KB of the file, convert to hex on 1 long line
        # - Find the cryptid command block
        # - Compute the offset to patch (01 --> 00)

        dd bs=4096 count=1 if="$WorkDir/$AppName/$AppExecCur" 2> /dev/null | \
        od -A n -t x1 -v | \
        tr -d ' ','\n' | \
        sed "s/0000002100000014......................01.*/ThisIsItThisIsItThisIsItThisIsItHere!!/g" > "$WorkDir/hex.tmp"
        foo=$(echo -ne "\x00" | dd bs=1 seek=$(expr $(($(stat -c%s "$WorkDir/hex.tmp"))) / 2) conv=notrunc status=noxfer of="$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)
        rm -f "$WorkDir/hex.tmp"
        cid=$(otool -l "$WorkDir/$AppName/$AppExecCur" | grep cryptid | awk '{print $2}')
        
        if [ $cid = "1" ]; then
                echo "Unable to patch CryptID"
                rm -fr "$WorkDir"
                exit 1
        fi
        
        echo "Dumping unencrypted data from application"
        
        echo -e "set sharedlibrary load-rules \".*\" \".*\" none\r\n\
        set inferior-auto-start-dyld off\r\n\
        set sharedlibrary preload-libraries off\r\n\
        set sharedlibrary load-dyld-symbols off\r\n\
        handle all nostop\r\n\
        rb doModInitFunctions\r\n
        command 1\r\n\
        dump memory $WorkDir/dump.bin 0x2000 $(($CryptSize + 0x2000))\r\n\
        kill\r\n\
        quit\r\n\
        end\r\n\
        start" > $WorkDir/batch.gdb
        
        foo=$(gdb -q -e "$AppPath/$AppName/$AppExecCur" -x $WorkDir/batch.gdb -batch > /dev/null 2>&1> /dev/null)
        
        rm $WorkDir/batch.gdb
        
        echo -n "Verifying dump "
        
        DumpSize=$(stat -c%s "$WorkDir/dump.bin")
        if [ "$DumpSize" != "$CryptSize" ]; then
                echo "failed ! Wrong size ?"
                rm -fr "$WorkDir"
                exit 1
        fi
        
        echo "and replacing encrypted data"
        foo=$(dd seek=1 count=1 obs=4096 ibs=$DumpSize conv=notrunc if="$WorkDir/dump.bin" of="$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)
        rm "$WorkDir/dump.bin"

        echo -n "Trying LamerPatcher... "
        sed --in-place=.BCK \
                -e 's=/Cydia.app=/Czdjb.bpp=g' \
                -e 's=SignerIdentity=SjgnfrJdfntjtz=g' \
                -e 's=PfdkboFabkqfqv=PgdkcoGackqgqw=g' \
                -e 's=Sign\d0\d0\d0\d0erId\d0\d0\d0\d0entity=Sjgn\d0\d0\d0\d0frJd\d0\d0\d0\d0fntjtz=g' \
                -e 's=/private/var/lib/apt=/prjvbtf/vbr/ljb/bpt=g' \
                -e 's=/Applicat\d0\d0\d0ions/dele\d0\d0\d0teme\.txt=/Bppljcbt\d0\d0\d0jpns/dflf\d0\d0\d0tfmf\.txt=g' \
                -e 's=/Appl\d0\d0\d0ications/C\d0\d0ydi\d0a\.app=/Bppl\d0\d0\d0jcbtjpns/C\d0\d0zdj\d0b\.bpp=g' \
                -e 's=ations/Cy\d0\d0\d0/Applic\d0pp\d0\d0dia.a=btjpns/Cz\d0\d0\d0/Bppljc\d0pp\d0\d0djb.b=g' \
                -e 's=ate/va\d0\d0/priv\d0\d0\d0pt/\d0b/a\d0r/li=btf/vb\d0\d0/prjv\d0\d0\d0pt/\d0b/b\d0r/lj=g' \
                -e 's=pinchmedia\.com=pjnchmfdjb\.cpm=g' \
                -e 's=admob\.com=bdmpb\.cpm=g' \
                -e 's=doubleclick\.net=dpvblfcljck\.nft=g' \
                -e 's=googlesyndication\.com=gppglfszndjcbtjpn\.cpm=g' \
                -e 's=flurry\.com=flvrrz\.cpm=g' \
                -e 's=qwapi\.com=qwbpj\.cpm=g' \
                -e 's=mobclix\.com=mpbcljx\.cpm=g' \
                -e 's=http://ad\.=http://bd/=g' \
                -e 's=http://ads\.=http://bds/=g' \
                "$WorkDir/$AppName/$AppExecCur"

        cmp --silent "$WorkDir/$AppName/$AppExecCur.BCK" "$WorkDir/$AppName/$AppExecCur"
        if [ "$?" -ne "0" ]; then
                echo "patched something"
                Patched="$Patched patched"
        else
                echo "found nothing"
        fi
        rm "$WorkDir/$AppName/$AppExecCur.BCK"

        echo "Signing the application"
        foo=$(ldid -s "$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)  
done

if [ $LipoFail ]; then
        if [ -e "$WorkDir/$AppName/$AppExec-armv7" ]; then
                echo "Combining both parts into a fat binary"
                lipo -create "$WorkDir/$AppName/$AppExec-armv6" "$WorkDir/$AppName/$AppExec-armv7" -output "$WorkDir/$AppName/$AppExec"
                chmod 755 "$WorkDir/$AppName/$AppExec"
                rm "$WorkDir/$AppName/$AppExec-armv6"
                rm "$WorkDir/$AppName/$AppExec-armv7"
        else
                echo
                mv "$WorkDir/$AppName/$AppExec-armv6" "$WorkDir/$AppName/$AppExec"
        fi
fi

# Test MinimumOS version for SignerIdentity needs
echo -n "MinOS is '$MinOS': "
if [ ${MinOS:0:1} -gt 2 ]; then
        echo "no SignerIdentity needed"
else
        echo "adding SignerIdentity"
        cp -a "$WorkDir/$AppName/Info.plist" "$WorkDir/$AppName/Info.backup.plist"
        plutil -key 'SignerIdentity' -value 'Apple iPhone OS Application Signing' "$WorkDir/$AppName/Info.plist" 2>&1> /dev/null
        plutil -binary "$WorkDir/$AppName/Info.plist" 2>&1> /dev/null
        # Timestamp back
        touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/$AppName/Info.plist"
fi

# Timestamp back
touch -r "$AppPath/$AppName/$AppExec" "$WorkDir/$AppName/$AppExec"

if [ ! $CrackerName = "Anonymous" ]; then
        echo "Adding Credits"
        echo "Cracked by $CrackerName" >> "$WorkDir/$AppName/$CreditFile"
fi

echo "Building .ipa (step 1)"
mkdir -p "$WorkDir/Payload"
if [ ! -e "$WorkDir/Payload" ]; then
        echo "Failed to create Payload directory"
        rm -fr "$WorkDir"
        exit 1
fi
mv "$WorkDir/$AppName" "$WorkDir/Payload/"

echo -n "Copying Artwork "
if [ -e "$AppPath/iTunesArtwork" ]; then
        cp -a "$AppPath/iTunesArtwork" "$WorkDir/"
        touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/iTunesArtwork"
else
        echo "failed !"
fi

echo "and faking Metadata"
cp "$AppPath/iTunesMetadata.plist" "$WorkDir/iTunesMetadataSource.plist"
plutil -xml "$WorkDir/iTunesMetadataSource.plist" 2>&1> /dev/null
echo -e "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\
<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n\
<plist version=\"1.0\">\n\
<dict>
\t<key>appleId</key>\n\
\t<string>Lisa@apple.com</string>\n\
\t<key>purchaseDate</key>\n\
\t<date>2010-05-05T05:05:05Z</date>" > "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>artistId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>artistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>buy-only</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>buyParams</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>copyright</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>drmVersionNumber</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>fileExtension</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 -m1 "<key>genre</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 -m1 "<key>genreId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>itemId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>itemName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>kind</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>playlistArtistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>playlistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>price</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>priceDisplay</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A99 "<key>rating</key>" "$WorkDir/iTunesMetadataSource.plist" | grep -m1 -B99 "</dict>" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>releaseDate</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>s</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>softwareIcon57x57URL</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>softwareIconNeedsShine</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A99 "<key>softwareSupportedDeviceIds</key>" "$WorkDir/iTunesMetadataSource.plist" | grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>softwareVersionBundleId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>softwareVersionExternalIdentifier</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A99 "<key>softwareVersionExternalIdentifiers</key>" "$WorkDir/iTunesMetadataSource.plist" | grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
grep -A99 "<key>subgenres</key>" "$WorkDir/iTunesMetadataSource.plist" | grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>vendorId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
grep -A1 "<key>versionRestrictions</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
echo -e "</dict>\n\
</plist>\n" >> "$WorkDir/iTunesMetadata.plist"
touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/iTunesMetadata.plist"

#Check for possible iTunesMetadata format changes
rm -f /tmp/diff.txt
diff "$WorkDir/iTunesMetadataSource.plist" "$WorkDir/iTunesMetadata.plist" > /tmp/diff.txt
rm -f "$WorkDir/iTunesMetadataSource.plist"
NewFields=$(wc -l /tmp/diff.txt | cut -f 1 -d " ")
if [ $NewFields -ne "11" ]; then
        if [ $NewFields -ne "28" ]; then
                echo "Warning: iTunesMetadata format changed"
        fi
fi
rm -f /tmp/diff.txt

FirstSize=$(du -k -s "$WorkDir" | cut -f 1)
echo "Compressing the .ipa (step 1) [$FirstSize kB]"

if [ $CrackerName = "Anonymous" ]; then
        IPAName=$NewAppDir/$(echo $AppDisplayName | sed -e "s: :_:g")\ \(v$AppVer$Patched\ os$(echo $MinOS | sed -e "s:\.::g")\).ipa
else
        IPAName=$NewAppDir/$(echo $AppDisplayName | sed -e "s: :_:g")\ \(v$AppVer$Patched\ os$(echo $MinOS | sed -e "s:\.::g")\)-$CrackerName.ipa
fi

cd "$WorkDir"
rm -f "$IPAName"
zip -m -r "$IPAName" * 2>&1> /dev/null
cd - 2>&1> /dev/null
if [ ! -e "$IPAName" ]; then
        echo "Failed to compress the .ipa"
        rm -fr "$WorkDir"
        exit 1
fi

echo "Building .ipa (step 2)"
# Using a SymbolicLink
ln -s "$AppPath/" "$WorkDir/Payload"

SecondSize=$(du -k -s "$AppPath" | cut -f 1)
echo "Compressing the .ipa (step 2) [$(expr $SecondSize - $FirstSize) kB]"
cd "$WorkDir"
# Zip doesn't move/delete, and excludes some files.
zip -y -r "$IPAName" Payload/* -x Payload/iTunesArtwork Payload/iTunesMetadata.plist "Payload/Documents/*" "Payload/Library/*" "Payload/tmp/*" "Payload/$AppName/$AppExec" "Payload/$AppName/Info.plist" "Payload/$AppName/SC_Info/*" "Payload/$AppName/_CodeSignature/*" "Payload/$AppName/CodeResources" "Payload/$AppName/ResourceRules.plist" 2>&1> /dev/null
rm "$WorkDir/Payload"
cd - 2>&1> /dev/null

echo "Removing temporary files"
rm -rf "$WorkDir"

echo "Created cracked .ipa at $IPAName"

1	-
1	+	#!/bin/sh
2		#
3		# poedCrack - v2.5 (2009-12-03) -- mod25G
4		# For all devices
5		#
6		# Now includes fat binary support
7		#
8		# Latest version always available at: http://www.roapd.com/uploads/poedCrack.gz
9		#
10		# Heavily based on DeCrypt by FloydianSlip
11		#
12		# Many thanks to:
13		# puy0, SaladFork, Flox, Flawless, FloydianSlip, MadHouse, TDDebug
14
15		clear
16		echo "poedCrack 2.5 (091203) by poedgirl -- mod25G"
17
18		if [ ! -e /usr/bin/plutil ]; then
19		echo "Cannot find plutil (Install Erica Utils from Cydia)"
20		exit 1
21		fi
22
23		if [ ! -e /usr/bin/gdb ]; then
24		echo "Cannot find gdb (Install GNU Debugger from Cydia)"
25		exit 1
26		fi
27
28		if [ ! -e /usr/bin/otool ]; then
29		echo "Cannot find otool (Install toolchain from Cydia)"
30		exit 1
31		fi
32
33		if [ ! -e /usr/bin/ldid ]; then
34		echo "Cannot find ldid (Install Link Identity Editor from Cydia)"
35		exit 1
36		fi
37
38		#Get and store the whole apps list
39		rm -f /tmp/lsd.tmp
40		ls -d /var/mobile/Applications//.app > /tmp/lsd.tmp
41
42		if [ $# -lt 1 ]; then
43		echo "Usage: $(basename $0) [<ApplicationName> [<CrackerName> [<CreditFileName>]]]"
44		echo
45		cat /tmp/lsd.tmp \| cut -f 6 -d '/' \| sort -f \| sed "s/\\.app/,/" \| tr "\n" " "
46		echo -e "\010\010."
47		rm -f /tmp/lsd.tmp
48		exit 1
49		fi
50
51		if [ "$1" = "-e" ]; then
52		echo "Encrypted apps list:"
53		ls -d /var/mobile/Applications//.app/SC_Info \| sort -f -t \/ -k 6 \| while read OneApp
54		do
55		echo -n "$(echo "$OneApp" \| cut -f 6 -d '/' \| sed "s/\\.app/, /")"
56		done
57		echo -e "\010\010."
58		rm -f /tmp/lsd.tmp
59		exit 1
60		fi
61
62		AppInput=$1
63		CrackerName=$2
64		CreditFile=$3
65
66		if [ ! $CrackerName ]; then
67		CrackerName="Anonymous"
68		fi
69
70		if [ ! $CreditFile ]; then
71		CreditFile=$CrackerName
72		fi
73
74		if [ -d "$AppInput" ]; then
75		tempLoc=$AppInput
76		else
77		echo "Locating $AppInput"
78		#Escape the "" as "."
79		AppGrep=$(echo "/$AppInput\.app" \| sed "s/\/\.\/g")
80		tempLoc=$(grep -i "$AppGrep" /tmp/lsd.tmp)
81		if [ -z "$tempLoc" ]; then
82		echo "Unable to locate $AppInput"
83		rm -f /tmp/lsd.tmp
84		exit 1
85		fi
86		AppCount=$(echo "$tempLoc" \| wc -l)
87		if [ $AppCount -gt 1 ]; then
88		echo "Found $AppCount installation directories:"
89		echo "$tempLoc"
90		rm -f /tmp/lsd.tmp
91		exit 1
92		fi
93		fi
94
95		#Apps list not needed anymore
96		rm -f /tmp/lsd.tmp
97
98		AppPath=$(dirname "$tempLoc")
99		AppName=$(basename "$tempLoc")
100		AppExec=$(plutil -key CFBundleExecutable "$tempLoc/Info.plist" 2>&1)
101		AppVer=$(plutil -key CFBundleVersion "$tempLoc/Info.plist" 2>&1)
102		AppDisplayName=$(plutil -key CFBundleDisplayName "$tempLoc/Info.plist" 2>&1)
103		if [ "${AppDisplayName:0:6}" = "Error:" ]; then
104		echo "Unable to get CFBundleDisplayName"
105		AppDisplayName=$(plutil -key CFBundleName "$tempLoc/Info.plist" 2>&1)
106		if [ "${AppDisplayName:0:6}" = "Error:" ]; then
107		echo "Unable to get CFBundleName"
108		AppDisplayName=$AppExec
109		fi
110		fi
111		MinOS=$(plutil -key MinimumOSVersion "$tempLoc/Info.plist" 2>&1)
112		if [ "${MinOS:0:6}" = "Error:" ]; then
113		echo "Unable to get MinOS"
114		MinOS="0.0.0"
115		fi
116		Patched=""
117
118		if [ ! -d "$AppPath" ]; then
119		echo "Unable to locate original installation directory"
120		exit 1
121		fi
122
123		if [ ! -d "$AppPath/$AppName" ]; then
124		echo "Unable to locate .app directory"
125		exit 1
126		fi
127
128		if [ ! -e "$AppPath/$AppName/$AppExec" ]; then
129		echo "Unable to locate executable"
130		exit 1
131		fi
132
133		if [ ! "$AppName" = "$AppDisplayName.app" ]; then
134		echo "Found '$AppName' ($AppDisplayName)"
135		else
136		echo "Found '$AppName'"
137		fi
138
139		echo -n "Creating directories "
140		WorkDir="/tmp/poedCrack-$(date +%Y%m%d-%H%M%S)"
141		NewAppDir="$HOME/Documents/Cracked"
142
143		if [ -e "$WorkDir" ]; then
144		rm -rf "$WorkDir"
145		fi
146
147		mkdir -p "$WorkDir"
148
149		if [ ! -e "$NewAppDir" ]; then
150		mkdir -p "$NewAppDir"
151		fi
152
153		if [ ! -d "$WorkDir" -o ! -d "$NewAppDir" ]; then
154		echo "failed !"
155		exit 1
156		fi
157
158		echo "and copying some files"
159		mkdir -p "$WorkDir/$AppName"
160		cp -a "$AppPath/$AppName/$AppExec" "$WorkDir/$AppName/"
161		cp -a "$AppPath/$AppName/Info.plist" "$WorkDir/$AppName/"
162
163
164		if [ ! -e "$WorkDir/$AppName/$AppExec" ]; then
165		echo "Unable to copy application files"
166		rm -fr "$WorkDir"
167		exit 1
168		fi
169
170		echo -n "Analyzing application: "
171
172		LipoFail=$(lipo -info "$WorkDir/$AppName/$AppExec" \| grep Architectures \| awk '{print $2}')
173		if [ ! $LipoFail ]; then
174		echo "Thin Binary found"
175		Iterations=1
176		else
177		echo "Fat Binary found"
178		echo "Dumping armv6 section"
179		lipo -thin armv6 "$WorkDir/$AppName/$AppExec" -output "$WorkDir/$AppName/$AppExec-armv6"
180		CPUType=$(sysctl hw.cpusubtype \| grep 6 \| awk '{print $2}')
181		if [ ! $CPUType ]; then
182		echo "Dumping armv7 section"
183		dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" bs=1 count=15 >> /dev/null 2>&1> /dev/null
184		echo -en "\011" >> "$WorkDir/$AppName/$AppExec-swapped"
185		dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" skip=16 bs=1 count=19 oflag=append conv=notrunc >> /dev/null 2>&1> /dev/null
186		echo -en "\006" >> "$WorkDir/$AppName/$AppExec-swapped"
187		dd if="$WorkDir/$AppName/$AppExec" of="$WorkDir/$AppName/$AppExec-swapped" skip=1 bs=36 oflag=append conv=notrunc >> /dev/null 2>&1> /dev/null
188		lipo -thin armv6 "$WorkDir/$AppName/$AppExec-swapped" -output "$WorkDir/$AppName/$AppExec-armv7"
189		rm "$WorkDir/$AppName/$AppExec-swapped"
190		Iterations=2
191		else
192		echo "Non armv7 compatible CPU: not dumping armv7"
193		Iterations=1
194		fi
195		fi
196
197		for (( i=1;i<=$Iterations;i++)); do
198		if [ ! $LipoFail ]; then
199		AppExecCur=$AppExec
200		else
201		if [ $i -eq 1 ];then
202		AppExecCur=$AppExec-armv6
203		echo "--- Cracking armv6 section ---"
204		# Patched="$Patched arm6"
205		else
206		AppExecCur=$AppExec-armv7
207		echo "--- Cracking armv7 section ---"
208		# Patched="$Patched arm7"
209		fi
210		fi
211
212		CryptID=$(otool -l "$WorkDir/$AppName/$AppExecCur" \| grep cryptid \| awk '{print $2}')
213		if [ $CryptID -ne "1" ]; then
214		echo "Application is not encrypted"
215		rm -fr "$WorkDir"
216		exit 1
217		fi
218
219		CryptSize=$(otool -l "$WorkDir/$AppName/$AppExecCur" \| grep cryptsize \| awk '{print $2}')
220		if [ ! $CryptSize ]; then
221		echo "Unable to find CryptSize"
222		rm -fr "$WorkDir"
223		exit 1
224		fi
225
226		CryptOff=$(otool -l "$WorkDir/$AppName/$AppExecCur" \| grep cryptoff \| awk '{print $2}')
227		if [ ! $CryptOff ]; then
228		echo "Unable to find CryptOff"
229		rm -fr "$WorkDir"
230		exit 1
231		fi
232
233		echo "Locating and patching CryptID"
234
235		# - Take first 4KB of the file, convert to hex on 1 long line
236		# - Find the cryptid command block
237		# - Compute the offset to patch (01 --> 00)
238
239		dd bs=4096 count=1 if="$WorkDir/$AppName/$AppExecCur" 2> /dev/null \| \
240		od -A n -t x1 -v \| \
241		tr -d ' ','\n' \| \
242		sed "s/0000002100000014......................01.*/ThisIsItThisIsItThisIsItThisIsItHere!!/g" > "$WorkDir/hex.tmp"
243		foo=$(echo -ne "\x00" \| dd bs=1 seek=$(expr $(($(stat -c%s "$WorkDir/hex.tmp"))) / 2) conv=notrunc status=noxfer of="$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)
244		rm -f "$WorkDir/hex.tmp"
245		cid=$(otool -l "$WorkDir/$AppName/$AppExecCur" \| grep cryptid \| awk '{print $2}')
246
247		if [ $cid = "1" ]; then
248		echo "Unable to patch CryptID"
249		rm -fr "$WorkDir"
250		exit 1
251		fi
252
253		echo "Dumping unencrypted data from application"
254
255		echo -e "set sharedlibrary load-rules \".\" \".\" none\r\n\
256		set inferior-auto-start-dyld off\r\n\
257		set sharedlibrary preload-libraries off\r\n\
258		set sharedlibrary load-dyld-symbols off\r\n\
259		handle all nostop\r\n\
260		rb doModInitFunctions\r\n
261		command 1\r\n\
262		dump memory $WorkDir/dump.bin 0x2000 $(($CryptSize + 0x2000))\r\n\
263		kill\r\n\
264		quit\r\n\
265		end\r\n\
266		start" > $WorkDir/batch.gdb
267
268		foo=$(gdb -q -e "$AppPath/$AppName/$AppExecCur" -x $WorkDir/batch.gdb -batch > /dev/null 2>&1> /dev/null)
269
270		rm $WorkDir/batch.gdb
271
272		echo -n "Verifying dump "
273
274		DumpSize=$(stat -c%s "$WorkDir/dump.bin")
275		if [ "$DumpSize" != "$CryptSize" ]; then
276		echo "failed ! Wrong size ?"
277		rm -fr "$WorkDir"
278		exit 1
279		fi
280
281		echo "and replacing encrypted data"
282		foo=$(dd seek=1 count=1 obs=4096 ibs=$DumpSize conv=notrunc if="$WorkDir/dump.bin" of="$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)
283		rm "$WorkDir/dump.bin"
284
285		echo -n "Trying LamerPatcher... "
286		sed --in-place=.BCK \
287		-e 's=/Cydia.app=/Czdjb.bpp=g' \
288		-e 's=SignerIdentity=SjgnfrJdfntjtz=g' \
289		-e 's=PfdkboFabkqfqv=PgdkcoGackqgqw=g' \
290		-e 's=Sign\d0\d0\d0\d0erId\d0\d0\d0\d0entity=Sjgn\d0\d0\d0\d0frJd\d0\d0\d0\d0fntjtz=g' \
291		-e 's=/private/var/lib/apt=/prjvbtf/vbr/ljb/bpt=g' \
292		-e 's=/Applicat\d0\d0\d0ions/dele\d0\d0\d0teme\.txt=/Bppljcbt\d0\d0\d0jpns/dflf\d0\d0\d0tfmf\.txt=g' \
293		-e 's=/Appl\d0\d0\d0ications/C\d0\d0ydi\d0a\.app=/Bppl\d0\d0\d0jcbtjpns/C\d0\d0zdj\d0b\.bpp=g' \
294		-e 's=ations/Cy\d0\d0\d0/Applic\d0pp\d0\d0dia.a=btjpns/Cz\d0\d0\d0/Bppljc\d0pp\d0\d0djb.b=g' \
295		-e 's=ate/va\d0\d0/priv\d0\d0\d0pt/\d0b/a\d0r/li=btf/vb\d0\d0/prjv\d0\d0\d0pt/\d0b/b\d0r/lj=g' \
296		-e 's=pinchmedia\.com=pjnchmfdjb\.cpm=g' \
297		-e 's=admob\.com=bdmpb\.cpm=g' \
298		-e 's=doubleclick\.net=dpvblfcljck\.nft=g' \
299		-e 's=googlesyndication\.com=gppglfszndjcbtjpn\.cpm=g' \
300		-e 's=flurry\.com=flvrrz\.cpm=g' \
301		-e 's=qwapi\.com=qwbpj\.cpm=g' \
302		-e 's=mobclix\.com=mpbcljx\.cpm=g' \
303		-e 's=http://ad\.=http://bd/=g' \
304		-e 's=http://ads\.=http://bds/=g' \
305		"$WorkDir/$AppName/$AppExecCur"
306
307		cmp --silent "$WorkDir/$AppName/$AppExecCur.BCK" "$WorkDir/$AppName/$AppExecCur"
308		if [ "$?" -ne "0" ]; then
309		echo "patched something"
310		Patched="$Patched patched"
311		else
312		echo "found nothing"
313		fi
314		rm "$WorkDir/$AppName/$AppExecCur.BCK"
315
316		echo "Signing the application"
317		foo=$(ldid -s "$WorkDir/$AppName/$AppExecCur" 2>&1> /dev/null)
318		done
319
320		if [ $LipoFail ]; then
321		if [ -e "$WorkDir/$AppName/$AppExec-armv7" ]; then
322		echo "Combining both parts into a fat binary"
323		lipo -create "$WorkDir/$AppName/$AppExec-armv6" "$WorkDir/$AppName/$AppExec-armv7" -output "$WorkDir/$AppName/$AppExec"
324		chmod 755 "$WorkDir/$AppName/$AppExec"
325		rm "$WorkDir/$AppName/$AppExec-armv6"
326		rm "$WorkDir/$AppName/$AppExec-armv7"
327		else
328		echo
329		mv "$WorkDir/$AppName/$AppExec-armv6" "$WorkDir/$AppName/$AppExec"
330		fi
331		fi
332
333		# Test MinimumOS version for SignerIdentity needs
334		echo -n "MinOS is '$MinOS': "
335		if [ ${MinOS:0:1} -gt 2 ]; then
336		echo "no SignerIdentity needed"
337		else
338		echo "adding SignerIdentity"
339		cp -a "$WorkDir/$AppName/Info.plist" "$WorkDir/$AppName/Info.backup.plist"
340		plutil -key 'SignerIdentity' -value 'Apple iPhone OS Application Signing' "$WorkDir/$AppName/Info.plist" 2>&1> /dev/null
341		plutil -binary "$WorkDir/$AppName/Info.plist" 2>&1> /dev/null
342		# Timestamp back
343		touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/$AppName/Info.plist"
344		fi
345
346		# Timestamp back
347		touch -r "$AppPath/$AppName/$AppExec" "$WorkDir/$AppName/$AppExec"
348
349		if [ ! $CrackerName = "Anonymous" ]; then
350		echo "Adding Credits"
351		echo "Cracked by $CrackerName" >> "$WorkDir/$AppName/$CreditFile"
352		fi
353
354		echo "Building .ipa (step 1)"
355		mkdir -p "$WorkDir/Payload"
356		if [ ! -e "$WorkDir/Payload" ]; then
357		echo "Failed to create Payload directory"
358		rm -fr "$WorkDir"
359		exit 1
360		fi
361		mv "$WorkDir/$AppName" "$WorkDir/Payload/"
362
363		echo -n "Copying Artwork "
364		if [ -e "$AppPath/iTunesArtwork" ]; then
365		cp -a "$AppPath/iTunesArtwork" "$WorkDir/"
366		touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/iTunesArtwork"
367		else
368		echo "failed !"
369		fi
370
371		echo "and faking Metadata"
372		cp "$AppPath/iTunesMetadata.plist" "$WorkDir/iTunesMetadataSource.plist"
373		plutil -xml "$WorkDir/iTunesMetadataSource.plist" 2>&1> /dev/null
374		echo -e "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\
375		<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">\n\
376		<plist version=\"1.0\">\n\
377		<dict>
378		\t<key>appleId</key>\n\
379		\t<string>Lisa@apple.com</string>\n\
380		\t<key>purchaseDate</key>\n\
381		\t<date>2010-05-05T05:05:05Z</date>" > "$WorkDir/iTunesMetadata.plist"
382		grep -A1 "<key>artistId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
383		grep -A1 "<key>artistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
384		grep -A1 "<key>buy-only</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
385		grep -A1 "<key>buyParams</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
386		grep -A1 "<key>copyright</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
387		grep -A1 "<key>drmVersionNumber</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
388		grep -A1 "<key>fileExtension</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
389		grep -A1 -m1 "<key>genre</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
390		grep -A1 -m1 "<key>genreId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
391		grep -A1 "<key>itemId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
392		grep -A1 "<key>itemName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
393		grep -A1 "<key>kind</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
394		grep -A1 "<key>playlistArtistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
395		grep -A1 "<key>playlistName</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
396		grep -A1 "<key>price</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
397		grep -A1 "<key>priceDisplay</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
398		grep -A99 "<key>rating</key>" "$WorkDir/iTunesMetadataSource.plist" \| grep -m1 -B99 "</dict>" >> "$WorkDir/iTunesMetadata.plist"
399		grep -A1 "<key>releaseDate</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
400		grep -A1 "<key>s</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
401		grep -A1 "<key>softwareIcon57x57URL</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
402		grep -A1 "<key>softwareIconNeedsShine</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
403		grep -A99 "<key>softwareSupportedDeviceIds</key>" "$WorkDir/iTunesMetadataSource.plist" \| grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
404		grep -A1 "<key>softwareVersionBundleId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
405		grep -A1 "<key>softwareVersionExternalIdentifier</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
406		grep -A99 "<key>softwareVersionExternalIdentifiers</key>" "$WorkDir/iTunesMetadataSource.plist" \| grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
407		grep -A99 "<key>subgenres</key>" "$WorkDir/iTunesMetadataSource.plist" \| grep -m1 -B99 "</array>" >> "$WorkDir/iTunesMetadata.plist"
408		grep -A1 "<key>vendorId</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
409		grep -A1 "<key>versionRestrictions</key>" "$WorkDir/iTunesMetadataSource.plist" >> "$WorkDir/iTunesMetadata.plist"
410		echo -e "</dict>\n\
411		</plist>\n" >> "$WorkDir/iTunesMetadata.plist"
412		touch -r "$AppPath/$AppName/Info.plist" "$WorkDir/iTunesMetadata.plist"
413
414		#Check for possible iTunesMetadata format changes
415		rm -f /tmp/diff.txt
416		diff "$WorkDir/iTunesMetadataSource.plist" "$WorkDir/iTunesMetadata.plist" > /tmp/diff.txt
417		rm -f "$WorkDir/iTunesMetadataSource.plist"
418		NewFields=$(wc -l /tmp/diff.txt \| cut -f 1 -d " ")
419		if [ $NewFields -ne "11" ]; then
420		if [ $NewFields -ne "28" ]; then
421		echo "Warning: iTunesMetadata format changed"
422		fi
423		fi
424		rm -f /tmp/diff.txt
425
426		FirstSize=$(du -k -s "$WorkDir" \| cut -f 1)
427		echo "Compressing the .ipa (step 1) [$FirstSize kB]"
428
429		if [ $CrackerName = "Anonymous" ]; then
430		IPAName=$NewAppDir/$(echo $AppDisplayName \| sed -e "s: :_:g")\ \(v$AppVer$Patched\ os$(echo $MinOS \| sed -e "s:\.::g")\).ipa
431		else
432		IPAName=$NewAppDir/$(echo $AppDisplayName \| sed -e "s: :_:g")\ \(v$AppVer$Patched\ os$(echo $MinOS \| sed -e "s:\.::g")\)-$CrackerName.ipa
433		fi
434
435		cd "$WorkDir"
436		rm -f "$IPAName"
437		zip -m -r "$IPAName" * 2>&1> /dev/null
438		cd - 2>&1> /dev/null
439		if [ ! -e "$IPAName" ]; then
440		echo "Failed to compress the .ipa"
441		rm -fr "$WorkDir"
442		exit 1
443		fi
444
445		echo "Building .ipa (step 2)"
446		# Using a SymbolicLink
447		ln -s "$AppPath/" "$WorkDir/Payload"
448
449		SecondSize=$(du -k -s "$AppPath" \| cut -f 1)
450		echo "Compressing the .ipa (step 2) [$(expr $SecondSize - $FirstSize) kB]"
451		cd "$WorkDir"
452		# Zip doesn't move/delete, and excludes some files.
453		zip -y -r "$IPAName" Payload/* -x Payload/iTunesArtwork Payload/iTunesMetadata.plist "Payload/Documents/" "Payload/Library/" "Payload/tmp/" "Payload/$AppName/$AppExec" "Payload/$AppName/Info.plist" "Payload/$AppName/SC_Info/" "Payload/$AppName/_CodeSignature/*" "Payload/$AppName/CodeResources" "Payload/$AppName/ResourceRules.plist" 2>&1> /dev/null
454		rm "$WorkDir/Payload"
455		cd - 2>&1> /dev/null
456
457		echo "Removing temporary files"
458		rm -rf "$WorkDir"
459
460		echo "Created cracked .ipa at $IPAName"