shy is a demo iOS application protected using IOSSecuritySuite library. The app was created to test new bypass methods for jailbreaking, tampering, debugging, emulation and more.
I initially wanted to create Scrumdinger from Apple's official documentation. Dropped it in half and started implementing security protection measures. However I highly recommend taking the course(In the end I did it).
Homepage consists of a clickable card which showing the number of defense to be bypassed.
Check Device Status consists of a clickable button that shows the current security status of the phone. The goal is to bring all Boolean fields to FALSE by exploiting several bypass methods.
At the moment shy supported only iOS 14 and later. Check branch or Releases for finding your version.
From Releases, download shy ipa file. Sideloading it with tool like Sideloadly, CydiaImpactor and more.
After installation, the app may generate errors such as file integrity problems or untrusted developers. You can follow the next steps to eliminate the errors and use the app.
With your Iphone, from Releases, follow download-shy link, insert password and download app.
This error shows up when you try to install more than 3 apps with a free Apple Developer account. Paid Apple Developer Accounts ($99/year) can have as many apps as they want and they last for one year, but the free developer accounts are now all limited to 3 apps per device for 7 days.
If you are getting “App cannot be installed because its integrity could not be verified” it’s very likely because you already have 3 apps installed. Do keep in mind that AltStore counts towards this limit.
zip -r Payload.zip Payload/
mv Payload.zip Payload.ipa
For installing IPA files follow Method 1 - Sideloading(Clean)
Developer Mode or other App installed on the system could be mistaken for a jaibreak. For the purpose of our goal this is not a problem because we will always try to bypass all checks. In any case it is an issue to investigate because it is a false positive.
In my case, undecimus:// URL scheme detected and jailbreak flag set to TRUE.
If you are curious, I added this code snippet to help you identify your false positive for Jailbrek. Once you run the checks you can look in the Xcode console at your specific error.
let jailbreakStatus = IOSSecuritySuite.amIJailbrokenWithFailMessage()
if jailbreakStatus.jailbroken {
print("Jaibroken because: \(jailbreakStatus.failMessage)")
} else {
print("Nothing to say about Jailbreak")
}
Author: dipa96
Source: https://github.com/dipa96/shy