End-to-end FairPlay decrypter for App Store apps.
Give it a bundle ID, get a decrypted .ipa. And yes - it happily decrypts iOS 26 apps.
You don't have to run an encrypted iOS app to decrypt it. After posix_spawn with POSIX_SPAWN_START_SUSPENDED or SBSLaunchApplicationWithIdentifier - mach_vm_read the __TEXT segment to get plaintext. So we kind of simplified the problem of decrypting .ipa to bare minimum. It's my braindead way of calling mremap_encrypted without mremap_encrypted.
- macOS, Linux, or Windows - anything that can SSH into the device
- Go 1.25+ for building from source (prebuilt binaries are on the releases page)
- Jailbroken iPhone reachable over the network
All installable through Sileo:
| Package | Purpose |
|---|---|
| OpenSSH | SSH server - ipadecrypt drives the device over SSH |
| AppSync Unified | Bypasses installd's signature check (add repo https://lukezgd.github.io/repo) |
| appinst | Installs modified IPAs on the device |
| zip | Packages the decrypted IPA on-device |
Tested on iOS 16.7.11 with palera1n rootless and Dopamine on iPhone 8 Plus. iOS 14 through 17 on A10–A14 devices are expected to work.
Download a prebuilt binary from the releases page.
Using go install:
go install github.com/londek/ipadecrypt/cmd/ipadecrypt@latestFrom source (refer to BUILDING.md for detailed instructions):
git clone https://github.com/londek/ipadecrypt
cd ipadecrypt
go build ./cmd/ipadecryptipadecrypt bootstrapA four-step interactive wizard:
- App Store sign-in - prompts for Apple ID; handles 2FA. Credentials stay local in
~/.ipadecrypt/config.json. - Device connect - SSH host / user / password; probes iOS version + arch.
- Prerequisites - verifies AppSync,
appinst, andzipare installed. - Helper install - uploads a small embedded helper binary.
ipadecrypt decrypt <bundle-id|app-store-id|app-store-url|path-to-local-ipa>MIT.
- majd/ipatool - the Apple Configurator impersonation the App Store client is based on.
- 34306/TrollDecryptJB -
task_for_pid+mach_vm_readfrom a suspended spawn, entitlement set. - akemin-dayo/AppSync - installd signature-bypass tweak +
appinst. - JohnCoates/flexdecrypt - the pre-iOS-16 approach that stopped working and prompted the pivot.
This project was developed with the assistance of AI tools. While I can't guarantee the accuracy of all AI-generated content, I have overviewed creation process and then reviewed, tested the code to ensure it meets the project's requirements.