Developing for a Jailbroken iPhone A to Z (iPhone 3.1.2)

Debugging on device. Freaking finally.
Debugging on device. Freaking finally.

UPDATE: There’s a new method for iOS4 but they’re pretty similar anyway.

So it’s been a while, but now that I’m on break again and have some time, I’m doing a bit of iPhone development again. That means I’m going to need to debug on-device (or at least load my app to it to have fun in the real world with my handiwork). This time, the procedure’s a little different though.

Vital stats:
iPhone OS 3.1.2
Xcode version 3.2.1, 64 bit
Mac OSX 10.6.2 Snow Leopard

Let’s do it.

UPDATE: Corrected a problem with the run script build phase: corrected the directory names for the new version and copied the new phase that doesn’t include “resource_rules.plist.”

UPDATE 2: Somehow I forgot the add an identity step. It’s now #1 below. Sorry guys. Also, while this whole thing should apply to iPhoneOS 4, I’m going to officially text it/repost with 4.01 soon.

The Goal: The goal is the same as the last time and the time before that: we want to be able to click “build and go” in Xcode and get the app we’re working on to load to the phone and start up. More than that, we want to be able to DEBUG on the thing!

Abstract: Our methodology is slightly different this time around. This time we’re going to tell Xcode that it doesn’t need to codesign for iPhoneOS targets, then we’re going to tell it don’t codesign for iPhoneOS targets, then we’re going to tell it, well, actually, codesign but do it using our script, not your built in method.

The Process:

    1. UPDATE: You actually have to do this first. Most of you didn’t have a problem, since you had to do it in previous guides, but some people have gotten stuck here because I somehow managed to leave this out entirely. Sorry: You will need a signing identity. We’ll break the check such that it doesn’t have to be an official ADC one, so you can make your own using this guide from apple (coral). What you are doing in this step is creating a “Self-Signing Identity.” Note that you should name the identity “iPhone Developer” EXACTLY to avoid having to change a bunch of the steps below.
    2. Make some Plist adjustments, starting with SDKSettings.plist:
      cd /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS3.1.2.sdk
      cp SDKSettings.plist SDKSettings.plist.orig
      vi SDKSettings.plist


      and change YES to NO
      then find
      and change YES to NO again.
    3. Now, move on to the platform Info.plist
      cd /Developer/Platforms/iPhoneOS.platform/
      cp Info.plist Info.plist.orig
      vi Info.plist

      Three times, the following appears:

      Find each occurrence by, in vi, typing the “/” key and CODE_SIGN_CONTEXT (typing / will open a “find” box at the bottom of the window)
      Replace the
      <string>XCiPhoneOSCodeSignContext</string> with
    4. And now the real bad boy, some binary patching of Xcode:
      cd ~/Desktop
      vi script

      hit the “i” key and copy/paste:
      cd /Developer/Platforms/iPhoneOS.platform/Developer/Library/Xcode/Plug-ins/iPhoneOS\ Build\ System\ Support.xcplugin/Contents/MacOS/
      dd if=iPhoneOS\ Build\ System\ Support of=working bs=500 count=255
      printf "\xc3\x26\x00\x00" >> working
      dd if=iPhoneOS\ Build\ System\ Support of=working bs=1 skip=127504 seek=127504
      /bin/mv -n iPhoneOS\ Build\ System\ Support iPhoneOS\ Build\ System\ Support.original
      /bin/mv working iPhoneOS\ Build\ System\ Support
      chmod a+x iPhoneOS\ Build\ System\ Support

      type the keys, in order: “:” “x” “enter”
      chmod 777 script

      If it works right, you should see something like
      255+0 records in
      255+0 records out
      127500 bytes transferred in 0.020355 secs (6263821 bytes/sec)
      189216+0 records in
      189216+0 records out
      189216 bytes transferred in 1.200354 secs (157633 bytes/sec)

At this point, you’re done telling Xcode it doesn’t need to codesign. Now, we tell it don’t codesign:

  1. With a new project open and ready to go (presumably you want to debug this one, though once you change these settings once, they’ll persist from project to project) open Project>Edit Project Settings (from the menu).
    Find “Code Signing Identity” and its child “Any iPhoneOS Device” in the list, and set both to the entry “don’t code sign”

    Screen shot 2010-01-11 at 1.05.42 AM
    Should look like this

    Now you’ve told Xcode “don’t codesign”

  2. The final step is to tell Xcode “well, actually you should codesign.”
    mkdir /Developer/iphoneentitlements312
    cd /Developer/iphoneentitlements312
    curl -O
    mv gen_entitlements.txt
    chmod 777

Now you’re good to go! But there’s just one last thing. You have to do this last part for every new project you make. Go to the menu Project > New Build Phase > New Run Script Build Phase. In the window, copy/paste this:

export CODESIGN_ALLOCATE=/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/codesign_allocate
export CODESIGN_ALLOCATE=/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/codesign_allocate
if [ "${PLATFORM_NAME}" == "iphoneos" ]; then
/Developer/iphoneentitlements312/ "${PROJECT_NAME}" "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/${PROJECT_NAME}.xcent";
codesign -f -s "iPhone Developer" --entitlements "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/${PROJECT_NAME}.xcent" "${BUILT_PRODUCTS_DIR}/${WRAPPER_NAME}/"

That will call the script you just downloaded in step 5 to sign our app with a fake signature. This is important only for debugging. If you do build and go otherwise (in debug build mode) the app will load onto the phone, and will launch and run manually just fine. However, if the debugger tries to launch it then attach to the process (as when build and go is clicked), the app will segfault and die, causing the error
Error from debugger: The program being debugged is not being run

Perhaps the most confusing part about this error is that build and go works fine up until that point WITHOUT disabling regular code signature! If you sign with a fake identity like we used to in the previous tutorials, everything installs fine, but the legit CODESIGN generated signatures cause the segfault, whereas the ones don’t. To further confuse, the regular CODESIGN in this version of Xcode happens last in the build process, wheras it used to be that the custom run script phase happened last before. Meaning we have to kill legit codesigning or it wipes out our fake codesigning. All one monster headache.

But that should do it. Take all those steps and you should be home free for JBDev without paying $99.

Oh right, except the one last (critical) part. You have to have a jailbroken iPhone, and it has to have Installd Patch installed! That part’s critical. You can find Installd Patch in the repo at, if you don’t have it installed.

CREDITS: Once again, credit for this process goes to various posters in this forum thread at All of these steps are there somewhere, it just took a while to re piece them together in the right combination.


  1. Leszek
    June 17, 2010

    It worked! How did you get it? Amazing. Thanks 🙂

  2. WintermeW
    June 17, 2010

    it doesn’t work for me. When i put the “Don’t code sign” options in my project settings, i always get a build error : code signing is required for product type….. and yes, i’ve got the Run script added to my target building process…please help, i’m tired of dealing w/ all that..i just want to code

  3. WintermeW
    June 17, 2010

    My mistake, i forgot the SDKSettings step…..i think i’m getting closer 🙂

  4. LeonBlade
    June 22, 2010

    I’m pleased to say that this method will work perfectly for developing on iOS 4 on a jailbroken device.
    Just go through the steps again, and change anything you see that’s 3.1.2 related to match 4.0.

    Very great news, I’ve tested this and confirmed it works.
    I just built a test application on a jailbroken iPod touch 2G running iOS 4 and it works just fine.

    Thanks again, Alex.

  5. LeonBlade
    June 22, 2010

    Tommy, you shouldn’t deserve credit for anything for exploiting this page for your own benefit.

    By the way, I made a video on optimizing this with a bash script and more, and I credited you in the video. This is just a link-back.

    Thanks again, Alex.

  6. June 22, 2010

    Yes you’re right, but our scripts help more people 🙂 I reposted my comment for the download because more people downloaded it and didn’t work. I had announced that it now works.

    …and of course, I credited Alex in my posts!

    (Sorry for my bad english)

  7. June 22, 2010

    Leon: nice video, thanks for the shout! Is there any chance you can email me the script you wrote or post it to your own domain so I can link it too? Pastie seems to be down and I want to check it out. Also, if that thing actually works on a fresh 4.0 SDK out of the box, I’m going to be pee my pants happy.

    Also, how did you jailbreak? Redsnow? I’m on a 3G and need to myself, but I’m unlocked and in Germany so if I eff something up it’s hours before my phone is useful again.

  8. Calumk
    June 30, 2010

    OK, Jailbroke my 3G[s] and its running 4.0, I assume you can manage this yourself, but if not, head over to modmyi, and they should be able to help, but thats not the point of this post,

    The point is….

    Im Very happy to report that This works Flawlessly for iOS4 (on my 3G[s] at least)
    with only 2 modifications

    1. You need AppSync4.0
    (i used 4.x from sinfulapprepo)

    2. Xcode 3.2.3 (with SDK 4)

    The rest of the steps are the same with the exception that the output from the terminal after the binary patching the terminal print out will look like this:

    223+1 records in
    223+1 records out
    111648 bytes transferred in 0.024474 secs (4561876 bytes/sec)
    0+0 records in
    0+0 records out
    0 bytes transferred in 0.000008 secs (0 bytes/sec)

    (Note the 0+0, and 0 byte is different to what we have seen before… Dont know why yet?)

    Other than that, enjoy 😀
    Thanks again Alex, Amazing tutorial, that has stood the test of time

    P.S I uninstalled my previous version of xcode using
    sudo /Developer/Library/uninstall-devtools –mode=all
    before installing the new xcode with SDK4, dont know if it was necessary or not, just a heads up

  9. Calumk
    June 30, 2010

    Damn it!

    forgot to mention (for the less experianced)
    Make sure you have your iphone selected, and click ‘Use For Development’ in the Organizer Window 😉

  10. Antonio
    June 30, 2010

    Can it be done on an Ipod 3G 32GB jailbreaked with OS 3.1.3 or has to be 3.1.2 ? Thanks in advance

  11. Calumk
    July 1, 2010

    Antonio, if you had read through the comments, you would see that it can…
    Just use the correct version of AppSync (i think its either 3.0, or 3.1, or 3.2) try all three, see which one works

  12. Olivier
    July 2, 2010

    it doesn’t work.

    Iphone 3GS, with ios4, jailbroken.
    xcode 3.2.3, sdk 4

    I obtain an error when compiling :
    iPohne developer : no indentity found
    bin/sh failed with exit code 1.

    but I have respected all the step, and had the same result than the tuto.

    Another point :
    if I use my iphone for developement in Organizer, Organizer ask me a login and password for the Apple developper program ! and then, because I don’t have it, the iphone is not used for developpement.

  13. July 2, 2010

    Oliver, if you copied that error exactly, you have a typo in your identity name. It should be “iPhone Developer.” Otherwise, you just didn’t ever create a certificate in keychain access. As for the second part, I haven’t ever gotten that, but I also haven’t tried this method myself on 4.0. Did you try logging in with your login? If you don’t have one, how did you download the SDK to begin with?

  14. Calumk
    July 2, 2010

    Oliver, I recieved the same ‘login prompt’ when i clicked choose for development

    I clicked cancel (or to that effect) and it went away… works fine for me?

  15. Olivier
    July 5, 2010


    – I have an Apple account, which allow me to download the SDK, the samples, the videos.
    – My account does’nt allow me do sign any code, or to send an application in the approvla process, because I am not an official iPohne developper.

    – my SDK was downloaded last week from the Appl web site, directly. the installation was done without any error.

    – I don’t have built any certificate in the kay chain utility.
    so, I have to do it, and I use the name : “iPhone Developper” ?
    – how can I do a certificate, without the WWDR Intermediate Certificate from Apple ?

    – my message was put here with error in the spelling, I was writing it with my macbook near me, it is not a copy paste….

    I will try again tonight.

  16. olivier robin
    July 5, 2010


    this was the trick :
    I had to build a Self signing certificate.

    I followed this tutorial from Apple :

    I used the name : iPhone developer
    for my certificate.

    and now, I can compile, run the application I have built.

    here is my config :

    iphone 3gs 16gb, under ios4.
    jailbroken with pwnage,
    cydia installed
    Appsync for OS4

    Macbook pro under osx 10.6.4, with xcode 3.2.3, SDK 4

    hope this help,


  17. July 5, 2010

    Yeah, I reread the tutorial and realized that I’d somehow totally forgotten to mention that. It’s already there if you’ve done this before, but obviously not if you’re starting fresh. I meant to add it in a few hours ago but got sidetracked. Sorry about that!

  18. Rocket
    July 8, 2010

    My app is debugging great on my Device but i need to convert that app to deb package and wanna post it on Cydia, can you plz let me know how to do this as ldid is not working for me.

  19. neobie
    July 10, 2010

    Hi Olivier/Alex

    I ran into the same problem:
    iPhone developer : no indentity found
    bin/sh failed with exit code 1.

    May I know how to create Self signing certificate in more details?

  20. neobie
    July 10, 2010

    I see, “iPhone developer” is the keyword.

  21. neobie
    July 10, 2010

    I get an error “Unknown error occur” (Failed to install .app” although the Build succeeded.

    What is the problem? I encounters 2 errors when installing installd patch.

    Is it the problems? Does anyone else encounter errors during installing installd patch?

  22. Calumk
    July 12, 2010

    neobie READ MY POST

    you must install AppSync, not installd Patch…
    Seriously, please read all the comments before posting your own…

  23. July 14, 2010


    do you have similar instructions for xcode 3.2.3 with sdk 4 final?


  24. adr
    July 14, 2010

    Hi. I have some problems with this solution(( After install to iPod in console i see something like this:

    Error launching remote program: failed to get the task for process 127.
    Error launching remote program: failed to get the task for process 127.
    The program being debugged is not being run.
    The program being debugged is not being run.

    As I know it’s happen then


    But then I open myapp.xcen I see this


    Maybe anybody have same problem and solved it??
    P.S. When I manually start myapp in iPod its work well

  25. syd
    July 15, 2010

    Thank you for this tutorial. It worked just fine on xcode 3.2.3 with iOS4.

  26. Hugh
    August 4, 2010

    Works like a charm!
    3Gs 4.0.1 JB
    Thanks for excellent information.

  27. August 4, 2010

    […] dica de lugar aonde você pode encontrar um bom guia passo-a-passo é no blogue de Alex White. caso não tenha gostado desse, ainda existem diversos outros guias espalhados pela […]

  28. Hugh
    August 4, 2010

    ALERT: Do not put charater ‘#’ in the project folder path or you get the error:
    [code]The program being debugged is not being run.[/code]

  29. Ankur
    August 6, 2010

    I am lookin to use this so I can see how a prototype would function and I need some things that aren’t in the simulator. I do still want to be able to reverse all of this if my proof-of-concept works out. Is there a way you can describe “switching” between running official apps and debugging them and running unofficial (self-signed) apps as well? Which steps would I have to modify?

  30. August 7, 2010

    I’m not exactly sure what you mean. You can do anything you like once you’re in the environment that this procedure gets you to: self-signing doesn’t change anything as far as debugging is concerned, or APIs available to you during testing (although I suppose it does change your permissions on the system). I don’t, however, see any reason that having a valid signing certificate for the sake of official releases would be a problem. You’d just have it installed in keychain alongside your self signing cert, and you’d use it instead, and in project settings, select “code signing – my apple cert.”

    At least that’s what I’d expect. And of course, remove the run script build phase for the project in question. I have no way to test, though, since I’m not an ADC paid subscriber yet.

  31. musicwind95
    August 10, 2010

    I get an error that it can’t read the resources in Projectfolder/build/Debug-iphoneos/ Looking at it in Finder, that file doesn’t exist, but there is a CodeResources file (with no extension) of type plist. I think this is the file it’s looking for; how do I get it to redirect to it?

    This is for SDK 3.1.3…I’ve modified the script and Terminal commands accordingly. Does 3.1.3 make a difference?

  32. musicwind95
    August 10, 2010

    I’ve removed the run scripts, and it works. However, I’m also getting the following errors in the console:

    warning: Unable to read symbols for “/Library/MobileSubstrate/MobileSubstrate.dylib” (file not found).

    warning: Unable to read symbols for “/Developer/Platforms/iPhoneOS.platform/DeviceSupport/3.1.3 (7E18)/Symbols/usr/lib/libsubstrate.dylib” (file not found).
    warning: Unable to read symbols for “/Library/MobileSubstrate/DynamicLibraries/WinterBoard.dylib” (file not found).

    There are also mentions to WinterBoard, which I do have installed…I take WinterBoard to be a replacement/override of SpringBoard?

    BTW the Captcha below is giving some really weird words…

  33. musicwind95
    August 10, 2010

    Another observation:

    I’ve downloaded a set of templates, which have some preconfigured settings. I don’t remember where I got them from, but they appear under the category of \Application Pwned.\ Anyway, I built a simple project off of those templates, did the no code signing hack, and it loads properly.

    Using the normal templates, however, I get the error that it failed to upload my app to the device. The icon did not appear on device. When I went back to the original project, built off the Application Pwned templates, and did a build & run (after deleting the original app off the device), both versions showed up. It seems that the normal templates have an issue with Xcode and the device…they seem to actually get uploaded, and they run fine *once they appear.*

  34. August 11, 2010

    Code Sign error: The identity ‘iPhone Developer’ doesn’t match any valid certificate/private key pair in the default keychain

    i m getting that error.

    waiting for fix.
    helpppp thanks

  35. August 11, 2010

    Check capitalization on iPhone Developer: the script above and the generate certificate request are mismatched, that’s all. Generate a new cert or change the script capitalization (the latter is probably easier).

    But really, there’s a new method here that you should follow instead. 3.x is out of date.

  36. […] to run unsigned code) you should be able to patch your Xcode config to build for that environment. Developing for a Jailbroken iPhone A to Z (iPhone 3.1.2) – 3.1.2 Developing for a Jailbroken iPhone A to Z (iOS 4.0.1) – 4.0 If you plan […]

  37. […] an iphone application in a modified (Jailbroken) Xcode enviroment using the following tutorial. Developing for a Jailbroken iPhone A to Z (iPhone 3.1.2) I'm done with my application, and am now a registered iPhone developer. I haven't officially […]

  38. bizzux
    March 17, 2011

    PERFECT Tutorial. Works like a FUKIN charm here, even on XCode 3.2.5

    Well done. Thanks.

  39. […] 在没有把握前,如果希望绕开$99,可以采用自签证书进行codesign,这篇是说的很清楚,老外不仅写howto,更重要告诉你why; […]

  40. Rahul vyas
    July 5, 2011

    Hello All,

    I’m looking for developing biteSMS like app. I have xcode 3.2.5 and snow leopard 10.6.8. How do I develop Application for jailbroken iPhone using xcode I also have developer account and I can sign the code with my developer certificate if required. I have tried biteSMS and it is working without any addition softwares to be installed in jailbroken phone. Does any one guide me regarding this. I am newbie in this field(jailbroken iPhone Developement) though I have developed 13 apps for normal iPhone. I need a step-by-step explanation so please guys help me – Thanks

  41. JB
    August 22, 2011

    It worked the first time, and I was able to load my app on my iphone.
    But I can not do it again. I’ve followed step by step the tutorial, but itunes does not install my app again!
    Running xcode 3.2.6 on a MBP OS x 10.6.8 with a iphone 3g, running OS 4.2.1.
    Any help, please?

  42. guest
    December 1, 2011

    has anybody got this on xcode 4.2?

  43. […] 过程中还可能遇到找不到gen_entitlements.py的问题,这个估计是XCode3.x版本免证书调试遗留下来的东西(参考这里),解决方法,终端中输入如下命令(要sudo): […]

  44. Jill
    June 16, 2012

    Does this work with the latest XCode?

Leave a Reply

Your email address will not be published. Required fields are marked *