Developer bypasses SideStore 3-app limit with SparseRestore exploit

2024 October 11
by RSS Feed

SparseRestore is the exploit everybody is talking about right now. It’s what made installing TrollStore on iOS 17.0 possible for the general public for the first time since the firmware stopped being signed, and it was also used in various hacks such as MisakaX and Nugget, just to name a few.

But what if we told you that someone had found a way to bypass the 3 app limit in the SideStore sideloading platform using the SparseRestore exploit? Well… we are telling you exactly that.

In a post shared to the X (formerly Twitter) social media platform, iOS developer Duy Tran @TranKha50277352 shared a short video demonstration of a new hack in his SparseBox application for iOS that appears to remove the three app limit in the SideStore sideloading application.

Duy Tran said that he tested the hack on iOS 16 but hadn’t tested it on iOS 17 or iOS 18. Several X users replied to share that the hack does indeed work on iOS 18, which is a pleasant surprise for a lot of people who might be interested in using it.

The developer explains below:

I have done a bit of research in installd to find out it determines free developer apps by an extended attribute (xattr). So can SparseRestore bypass it? Yes, by overwriting its attribute value. However, this is temporary as you have to rerun for each 3 apps you install or update.

Theoretically, a kernel read & write may also be able to overwrite the attribute key to something else so that installd skips it. For now, you need an MDC build to remove the hard cap in SideStore.

By bypassing the three app limit in SideStore, users can install many other apps on their device via sideloading. This can be helpful if you use more than three apps, or if you use several modified versions of a single app and need the additional slots.

The SparseRestore exploit is officially patched as of iOS & iPadOS 18.1 beta 5, so using the exploit requires iOS or iPadOS 18.1 beta 4 or older. SideStore itself doesn’t have a firmware cap, as sideloading is permitted with an Apple ID even on the latest firmware – you’d just be capped at three apps if you used it on iOS or iPadOS 18.1 beta 5 or later.

In any case, it’s interesting to see that developers are doing cool things with SparseRestore, and we anticipate seeing how its use might evolve in the future as developers continue tinkering with it.

Source link: https://www.idownloadblog.com/2024/10/11/sparserestore-bypass-sidestore-3-app-limit/