Developing for a Jailbroken iPhone A to Z (iOS 4.0.1)

Jailbreak Development for iOS4!

Vital Stats:
iOS 4.0.1
Xcode 3.2.3
Mac OSX 10.6.4 Snow Leopard
iPhones 3G, 3GS, 4 (I finally have the whole lineup!)

PROBLEM: I still can’t get iPhone 4 working. If you have one, please try it and help me out! UPDATE: Found the cause of the problem to be certain status bar libraries installed alongside other apps. I’m not sure why they cause the problem, but see full notes at the bottom of the post.

The Goal: As usual, we want to be able to click “build and go” in Xcode and get the app we’re working on to load to the phone and start up. Also, we want to be able to debug from within Xcode itself. After all, Xcode is cool, and terminal+makefiles+gcc+gdb is lame.

Abstract: The plan remains unchanged from the 3.x method. In fact, you commenters practically wrote this one for me. This time we’re going to tell Xcode that it doesn’t need to codesign for iPhoneOS targets, then we’re going to tell it don’tcodesign for iPhoneOS targets, then we’re going to tell it, well, actually, codesign but do it using our script, not your built in method.

The Process: With Xcode closed and your device unplugged from the computer,

    1. If you’ve done this step before for previous guides, you may ignore it. You’ll need a code signing identity in order to sign code to run on the device. Normally, this would be issued by Apple, but later on we’ll break the signature check so you can make a “Self-Signing Identity” using this guide from apple (coral). Note that you should name the identity “iPhone Developer” EXACTLY to avoid having to change a bunch of the steps below.
    2. On your jailbroken iPhone, install the app AppSync. Add the source to cydia. You’ll get a warning about pirating software: this patch, by virtue of breaking Apple’s DRM so that we can install our own app, also enables us to install cracked App Store apps. Don’t do that. It’s immoral, fails to support legitimate developers who should be rewarded for their effort, and perhaps above all, pirating $2 cell phone apps is just ultra lame. But since our purposes are not nefarious, dismiss the warning. From this repo, install the package AppSync for OS 4.0, and for good measure, reboot the device.
    3. Make some Plist adjustments, starting with SDKSettings.plist:
      cd /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.0.sdk
      sudo cp SDKSettings.plist SDKSettings.plist.orig
      sudo vi SDKSettings.plist



      and change YES to NO
      then find


      and change YES to NO again. HINT: in vi, you can type the ‘/’ key in order to “Cmd-F”

    4. Now, move on to the platform Info.plist
      cd /Developer/Platforms/iPhoneOS.platform/
      sudo cp Info.plist Info.plist.orig
      sudo vi Info.plist

      Two times, the following appears:


      Find each occurrence and replace the block



    5. And now the real bad boy, some binary patching of Xcode:
      cd ~/Desktop
      vi script

      hit the “i” key and copy/paste:

      cd /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/Plug-ins/iPhoneOS\ Build\ System\ Support.xcplugin/Contents/MacOS/
      dd if=iPhoneOS\ Build\ System\ Support of=working bs=500 count=255
      printf "\xc3\x26\x00\x00" >> working
      /bin/mv -n iPhoneOS\ Build\ System\ Support iPhoneOS\ Build\ System\ Support.original
      /bin/mv working iPhoneOS\ Build\ System\ Support
      chmod a+x iPhoneOS\ Build\ System\ Support

      type the keys, in order: “:” “x” “enter”

      chmod 777 script

      If it works right, you should see something like

      $ ./script
      223+1 records in
      223+1 records out
      111648 bytes transferred in 0.002678 secs (41692099 bytes/sec)

At this point, you’re done telling Xcode it doesn’t need to codesign. Now, we tell it don’t codesign:

    1. With a new project open and ready to go (presumably you want to debug this one, though once you change these settings once, they’ll persist from project to project) open Project>Edit Project Settings (from the menu). Click on the “Build” tab.
      Find “Code Signing Identity” and its child “Any iPhoneOS Device” in the list, and set both to the entry “don’t code sign”

      Screen shot 2010-01-11 at 1.05.42 AM
      Should look like this

      Now you’ve told Xcode “don’t codesign.”


  1. Almost done: time to tell Xcode “well, actually you should codesign.”
    mkdir /Developer/iphoneentitlements401
    cd /Developer/iphoneentitlements401
    curl -O
    mv gen_entitlements.txt
    chmod 777
  2. Just hit cancel.

    And finally, to link the device and computer. Plug your iPhone in and open Xcode. Open Window>Organizer. Select the device from the list on the left hand side, and click “Use for development.” You’ll be prompted for a provisioning website login, click cancel. It’s there to make legitimate provisioning easier, but doesn’t make illegitimate not-provisioning more difficult.

Now you’re good to go! But there’s just one last thing. You have to do this last part for every new project you make. Go to the menu Project > New Build Phase > New Run Script Build Phase. In the window, copy/paste this:

export CODESIGN_ALLOCATE=/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/codesign_allocate
if [ "${PLATFORM_NAME}" == "iphoneos" ]; then
/Developer/iphoneentitlements401/ "${PROJECT_NAME}" "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/${PROJECT_NAME}.xcent";
codesign -f -s "iPhone Developer" --entitlements "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/${PROJECT_NAME}.xcent" "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/"

That will call the script you just downloaded in step 5 to sign our app with a fake signature. This is important only for debugging. If you do build and go otherwise, the app will load to the phone, but the app will fail to launch and you’ll get:

Error from debugger: The program being debugged is not being run

That should do it. Take all those steps and you should be home free for JBDev without paying $99.

CREDITS: Once again, credit for this process goes to various posters in this forum thread at All of these steps are there somewhere, it just took a while to re piece them together in the right combination.

iPhone 4 Issue (UPDATE see below): So the method above has been tested working for my 3G and my 3GS. I don’t have my 2G right with me, but I expect it’s no different from the previous method, given that it can’t run iOS4.

The problem that I run into is this:

[Session started at 2010-08-04 20:35:02 -0400.]
//GDB stuff
Program loaded.
target remote-mobile /tmp/.XcodeGDBRemote-93925-69
Switching to remote-macosx protocol
mem 0x1000 0x3fffffff cache
mem 0x40000000 0xffffffff none
mem 0x00000000 0x0fff none
[Switching to thread 11523]
[Switching to thread 11523]
warning: Unable to read symbols for "/Library/MobileSubstrate/MobileSubstrate.dylib" (file not found).
// A bunch of other lib load warnings like this here...
warning: Unable to read symbols for "/Developer/Platforms/iPhoneOS.platform/DeviceSupport/4.0.1/Symbols/usr/lib/libcrypto.0.9.8.dylib" (file not found).

Debugger stopped.
Program exited with status value:45.

The killer is that the app installs, launches, crashes, and then launches fine manually. But I also can’t connect GDB to the running process after the fact either, GDB claims the process isn’t running. I have no idea what’s going on. Anyone?

What gives?!

UPDATE (8/3/10): Totally by chance I happened to read this article on TUAW today about FaceTime. I didn’t pay much attention until about half way down something caught my eye:

…rather significant My3G bug — when installed, you cannot use your iPhone for native software development….

I had initially thought that maybe third party software was to blame but I meticulously disabled each MobileSubstrate extension I had one at a time and ruled them all out. Turns out that wasn’t good enough. The (since fixed) My3G bug was exactly the source of this issue, but I had actually uninstalled My3G and the problem persisted. The issue, it turns out, is with the status bar library Intelliborn uses in their products, IntelliStatusBarIcons. BUT, it doesn’t stop there. By individually uninstalling apps, I’ve found that Backgrounder (and NOT libstatusbar) also cause a dealbreaking bug. Instead of the program exiting with status:45, the new error is “Program received signal: “SIGUSR1”. at which point the application hangs. Conveniently, the workaround is easy, if annoying: For your particular project title, add an Override in Backgrounder. Hopefully this IS a bug in Backgrounder and not a byproduct of its function. But at least now you can debug again!

So partly I’m dumb and partly this is just a bummer. Full story in this post, but the general idea is that gdb catches a SIGUSR1 from Backgrounder and you have to ‘continue’ through it. And obviously, disabling Backgrounder for your app prevents the signal from getting sent.


  1. Antonio
    November 17, 2011

    I’m working with Lion an IOS5… but when I’m trying to execute the script, the terminal said ./script: line 2: cd: /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/Plug-ins/iPhoneOS Build System Support.xcplugin/Contents/MacOS/: No such file or directory Does anyone the correct path?


  2. alessandro
    November 26, 2011

    thanks a lot for the help, but I’m stumbling a bit…
    I have an ipad2 with iOS: 4.3.3 (8J2), and work with SnowLeopard, xcode v.3.2.6. Concerning your steps:

    step 1) I copied Info.plist from another bundle, and modified to:

    iPhone Developer

    … this Info.plist is a common one, used by all the apps I write – or has to be copied in the source folder with each app?
    Also, the steps in the “Code Signing Guide” after the file creation – they are not to be taken, right (manually using codesign and so on…)?

    Last, I opened xcode, create project test, doubleclick on target: opens info. add in Linking – Other linker flags: -sectcreate __TEXT __info_plist path_to_my_Info.plist

    step 8) after clicking “Use for development.” I get a warning “Unknown iOS detected(…)Xcode can collect debugging data from the device(…)”
    … but seems to work at the end

    Last, as I try build&run on the default test project, I get:

    iPhone Developer: no identity found

    any help???


  3. Behzad
    November 27, 2011


    On xCode 4.2 I did not found the following directory to apply the “bad boy” patch.

    /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/Plug-ins/iPhoneOS\ Build\ System\ Support.xcplugin/Contents/MacOS/

    Where is the directory located for xCode 4.2?
    Please help.

  4. meg
    December 1, 2011


    Use this path:

    /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/PrivatePlugIns/iPhoneOS\ Build\ System\ Support.xcplugin/Contents/MacOS/

    All this stuff work great with my iPad 2 (iOS 4.3), xCode 4.2

  5. guest
    December 1, 2011

    it works great on JB ipod touch 4g ios 4.3.4
    i can get it to work on JB iphone 2g ios 3.1.3

    any suggestion will be appreciated

  6. Thangdq88
    December 2, 2011

    It’s not work on Xcode 4.2.1 :(( Please help me!!!!

  7. Shine
    December 3, 2011

    I used Xcode 3.2.6 with iphoneSDK 4.3 on Snow Leo 10.6.8, when I run my app it gave the following error :

    ../../bla.xcent : Cannot execute binary file
    Command /bin/sh failed with exit code 126

    Could someone please help?

  8. December 4, 2011

    I cannot locate a project and New Build Phase in Xcode 4.1.
    Project > New Build Phase > New Run Script Build Phase

    Where do i run above

  9. guest
    December 5, 2011

    xcode 4.2.1

    works great on JB ipod touch 4g ios 4.3.4
    i CAN’T get it to work on JB iphone 2g ios 3.1.3

    any suggestion will be appreciated


    I get both devices running on xcode 3.2.6

    you can remove my previous post 🙂

  10. James
    December 8, 2011

    Thanks so much for this walkthrough. It works on xCode 4.2, iOS 5. You just have to change the first script to the PrivatePlugin directory, as suggested above.

  11. Deva
    December 12, 2011

    I’m novice user for this and I have xcode 4.2.1 and iOS 5 SDK installed. When I try to do the first step of this guide I found that I have only iPhoneOS5.0.sdk folder inside /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/ path. Please let me know how to proceed with this setup ?


  12. Itay
    December 15, 2011

    I have a question (i’m doing iPhone development for jailbroken devices)
    and i try to run my .app from the ssh command line (i’m using the ABAdressBook API –
    and it seems that the API is not working when running the app from command line .
    when running the app normally from the spring board – the ABAdressBook API is working ok.

    anyone has any idea why?

  13. December 20, 2011

    Thank you for the article, helped me a lot!
    And yeah, this works on ios5 and xcode 4.2 too 🙂
    Just notice that ios4.0 is now ios5.0 and that.
    I didn’t needed the binary patch anyway…
    Xcode just says i couldn’t start the executable, but the app is on my ipod and i can run it 🙂

  14. xCoderUnity
    December 30, 2011

    I can’t get debugging to work. If I add the Run Script Build Phase, I get this error:
    “syntax error near unexpected token fi”
    How do I fix this?

  15. Dave
    December 30, 2011

    Thank you! Thank you so much! It works like a charm. I’m taking an iOS development course and that way I can debug on device without wasting the money. That way, I can start paying when I am ready to deploy applications.

    Once again, Thank you! (and by the way, nice FC Barcelona T-Shirt 😉

    ios5, xcode 4.2

  16. December 30, 2011


    First of all I want to thank you for your amazing work on this article. I had to read thru the article only once and everything worked. But as I have multiple computers that I use to develop my iOS applications, I thought of automating the process.

    I’ve succeeded in writing a Mac application which does that, the only problem is that it uses content from this site. I would like to publish my app with your help and authorization.

    If you are interested, please contact me.


  17. December 30, 2011

    Hey guys, it’s me, bensge ,again 🙂

    I forgot step 7 last time, and so i wasn’t abled to debug the app on my ipod 4g.
    But now i did step 7 andf it worked!!! I got live debugging on my real device working!
    Thank you sooo much for this awesome tutorial, you save me 80$ every year 😀

  18. December 30, 2011

    As I could not wait for the permission of our hero Alex, I’ve already published the application which does all of the above automatically. You can find it by clicking my name and going to Mac Software. The application is called ‘Jailbreak Xcode’

  19. December 30, 2011

    No worries, I’ll have to try it myself! But beware, the patching script isn’t mine.

  20. Dave
    December 30, 2011


    Did somebody get any luck profiling? I can launch the app and debug on the device, but when I try to run profiler on the ipad it says:
    Target failed to run: Remote exception encountered: ‘Failed to get task for pid 6920’
    That is on iPad 1 with iOS 5.0
    On an iPhone with iOS 5.0.1 the device just reboots.

  21. Dini
    January 8, 2012

    Hi everybody!
    I have:
    iPhone 3G 4.2.1
    XCode 4.2.
    Lion 10.7.2.

    When I tried to link iPhone with my computer following error message appeared:

    Xcode has encountered an unexpected error (0xC002)
    No such file or directory, at

    Maybe somebody faced this problem before?

  22. Dave
    January 9, 2012

    Dear Dini,

    I think I may have an answer for you. If you check the wikipedia link for xcode, it says that xcode 4 dropped support for several older systems, including “all iOS SDKs older than 4.3”.
    That means with xcode 4.2 you can’t develop with 4.2.1 SDK.

    Hope that helps,


  23. January 13, 2012

    Doesn’t work for xcode 4, SDK 4.3, iOS 4. The ldid method is way better than this.

  24. Antonio
    January 17, 2012

    Alex! First of all, Great job!! I’ve learned a lot :). But my question is, if it is possible to do that with IOS 5 and XCode 4.2 or 4.3…

    If it is possible, could you update the review o where we can find any tutorial… (We all have the jailbreak for 5.0.1 🙂 )

    thanks for all. I really appreciate all this work


  25. Mostafa
    January 23, 2012

    I’m doing all of this and i getting this error when i want to build project

    env: python: No such file or directory
    /Users/mostafavafi/Library/Developer/Xcode/DerivedData/SMS_Bubbles-cbnuxtloxfwufnbcrrfsxanhpdub/Build/Intermediates/SMS line 5: codesign: command not found

    in my terminal, when i enter codesign, it exists. env and python exist too. i cant understand what is the problem.

  26. patrick
    January 23, 2012

    Hey man, you got anything for iOS5 already? or xcode 4?

  27. einzelkind
    January 26, 2012

    Just spent an hour or so wrestling with this, so I’ll document my experience getting it to work with my system (Hackintosh 10.6.8, xcode 4.2, iPod Touch 2G (iOS 4.2.1))

    1. Step #1 (above) isn’t a note or a warning, it’s a step! You do have to create a certificate, by going to the link and creating the certificate with Keychain Assistant. Make sure it’s a Code Signing certificate too.

    2. (for step #5) As noted elsewhere, in XCode 4.2 the plugin is in the PrivatePlugins folder now (
    cd /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/PrivatePlugins/iPhoneOS\ Build\ System\ Support.xcplugin/Contents/MacOS/

    3. If you’ve been disabling any daemons (for more memory), you need to enable: and console in XCode) and (Step #7 will fail otherwise)*.plist – (Unsure, but can’t do any harm)

    4. (for older iOS devices) XCode 4.2 targets armv7 by default, so you must change architectures. See

    (note there may be a compiler problem for armv6. Check the links).

  28. Taltos
    January 30, 2012

    This method is great. I used XCode 4 (or 4.1) iOS SDK 4.3 and tested it on iPad2 running iOS 4.3.3. I encountered only one issue though. When pressing on run (the play button on XCode) an error message appears on XCode but the app icon does come up on my iPad. I just have to do the extra step of running the app maually by touching its icon. Of course I also have to clear the error window.
    Apart from this minor inconvenience it’s working fine.

  29. Taltos
    January 30, 2012

    This method is great. I used XCode 4 (or 4.1) iOS SDK 4.3 and tested it on iPad2 running iOS 4.3.3. I encountered only one debugging issue though. When pressing on run (the play button on XCode) an error message appears on XCode but the app icon does come up on my iPad. I just have to do the extra step of running the app manually by touching its icon. Of course I also have to clear the error window.
    Apart from this minor inconvenience it’s working fine.
    For those, like me, looking for testing iOS 5 app, so far this method have not been successfull with XCode 4.2 and iOS 5.

  30. Redkigs
    February 5, 2012

    Thanks for this great tutorial. Anybody already tested on IOS5 and xCode 4.2? I have partially follow the steps and found that the paths are different. I stucked at step 5.

  31. jagdish
    February 9, 2012

    hey, did any one of you succeed to develop for ios 5 (jailbreaked iphone 4s, firmaware 5.0.1) using Xcode 4.2.1?

  32. Krutify
    February 10, 2012

    This is working on a jailbroken iPhone 4s with 5.0.1 using Xcode 4.2.1

    Of course use AppSync 5.0 and for step 3, you use sdk 5.0 instead of 4.0

  33. jagdish
    February 10, 2012

    If above procedure is working for you for jailbreaked iphone 4s with 5.0.1 using Xcode 4.2.1, I am going to try this one. Please tell me if it works ! And thanks a lot in advance !

    Btw, did you follow all the above steps and installed AppSync 5.0 on iphone 4s? If not, can you describe a little bit in detail about what you did to make it work ?

    Are you able to both debug & run the project on jailbreaked device from Xcode?

    Thanks in advance !

  34. Chad
    February 11, 2012

    Thanks, Alex. Works perfectly for me with XCode 4.2 and iOS SDK 5.0 on Snow Leopard 10.6.8.

    I had to change /Plug-ins/ to /PrivatePlugIns/ in the second line of the shell script. Otherwise, I just followed the directions verbatim.

    I’m using my first-gen iPhone (iOS 3.1.3) as the target device. Compiling an iOS 3 compatible app from XCode 4 is a whole ‘nother set of hoops to jump through. If anyone else is looking to do the same thing, there’s a great answer on StackOverflow that explains what to do

  35. Krutify
    February 13, 2012

    Yes jagdish, the above method worked for my iPhone 4s on 5.0.1 with Xcode 4.2.1 on OS X 10.7.3 (Lion)

    Use AppSync for iOS 5.0 and for step 3 use:

    cd /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk

    Although for step 3, I just used finder to make a copy of SDKSettings.plist
    Moved SDKSettings.plist to the desktop so I can edit it.
    Opened it in Xcode.
    Then moved SDKSettings.plist back to /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/
    Clicked Authorize.

    As for the rest of the steps, I don’t think I had to change anything (I did this for an earlier version of Xcode / iOS so when I upgraded all I had to redo was step 3/4)

    I hope that helps!

  36. Serjio
    February 26, 2012

    Krutify, batching the xcode 4.2 didn’t work for me: the script failed to find the plugin
    cd /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/Plug-ins/iPhoneOS\ Build\ System\ Support.xcplugin as well as other directories.
    any hints?

  37. Serjio
    February 26, 2012

    I did it! I had to change /Plug-ins/ to /PrivatePlugIns/ in the second line of the shell script, as Chad suggested earlier. So, here with Xcode 4.2, iOS SDK 5, 10.6.8 it seems to work fine 🙂

  38. March 3, 2012

    This worked fine for me in Xcode 4.3 with making the changes from the comments in the scripts

  39. Satwa S. Rao
    March 13, 2012

    I was able to do this. Having Xcode 4.2 works neatly on 10.7.3.

    The code signing thing is the first drop down item, where it states initially S/MIME, change it to CodeSign.

    I’ve also changed a few things on the script in order to make it more fancy…just added some \ for line breaks and tabs 🙂

    export CODESIGN_ALLOCATE=/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/codesign_allocate
    if [ “${PLATFORM_NAME}” == “iphoneos” ]; then
    /Developer/iphoneEntitlements401/ “${PROJECT_NAME}” \

    codesign -f -s “iPhone Developer” –entitlements \

  40. March 16, 2012

    I just found out that the step 3 and 4 must be done in another way when you have updated your xCode to 4.3 or 4.3.1 through AppStore.
    You can find the info.plist and SDKSettings.plist file in the following locations:



    Just Command drag them on the desktop, modify them and put them back to their folder. then restart the xCode.

    Thanks for the great article. 🙂

  41. chris titus
    March 22, 2012

    Thank you so much for the tutorial! After countless hours of frustration, your solution (with the help of a few comments) finally got this working for me on XC 4.2 (5.0 SDK).

  42. Iulian
    March 22, 2012

    Hi ,
    I am on OSX 10.7.3 and Xcode 4.3.1 . Which script should I use, in order to work for this configuration ? Can someone update the necessary steps?

Leave a Reply

Your email address will not be published. Required fields are marked *