MISTool - For everything you've missed in libmis.dylib

What is this?

(yet another) simple command line utility, which can be used to explore the other parts of libmis.dylib - not just MISValidateSignature, but also its provisioning profile logic.



Just pass a file, and allow MISValidateSignatureAndCopyInfo() to work its magic. Yes, ..AndCopyInfo..., because if you can run this tool, you're on a JB device, wherein MISValidateSignature() is hooked one way or another to return 0.

root@iPhone (~) # mistool validate \
root@iPhone (~) # mistool validate /usr/libexec/amfid                                         
root@iPhone (~) # mistool validate /Applications/Cydia.app/Cydia
Error -402620388 (0xe800801c) - No code signature found.

List Provisioning Profiles:

root@iPhone (~) #  mistool list
Profile Name: pp18
Version: 1
AppleInternal: no
Local Provisioning: no
Mutable: no
UUID: 405096f6-8d6a-4957-a44c-fd4657a4fbf5
Team Name: Beijing Yilin Online Information Technology Co., Ltd.
	get-task-allow: false
	com.apple.developer.team-identifier: VD7N37QVCS
	application-identifier: VD7N37QVCS.com.appinstaller.yuying
	keychain-access-groups: (1 values) VD7N37QVCS.*
Devices: all (Enterprise)

Show Errors

Uses MISCopyErrorStringForErrorCode() to give you a human readable (but not always useful) CFString...

root@iPhone (~) # mistool errors
root@iPhone (~) #/tmp/mistool errors                                                                     0:10
Error 0xe8008000: An unexpected error was encountered (0xE8008000)
Error 0xe8008001: An unknown error has occurred.
Error 0xe8008002: Attempted to modify an immutable provisioning profile.
Error 0xe8008003: This provisioning profile is malformed.
Error 0xe8008004: This provisioning profile does not have a valid signature (or it has a valid, but untrusted signature).


  • Is this open source?? Yes. right here. In fact, it's open source only - compile it yourself (instructions included, compiles cleanly, tested on ARMv8).
  • Why do I need this if everything is valid on a JB device? Well, it's useful for profiles, too. And you can basically fool around with this simple tool to trigger validations. I use this extensively to force the other players - misagent and online-auth-agent to show their ugly faces, so I can debug the XPC outta them. Lastly, if you're developing a JB and want to check if your libmis shenanigans work, just change ...AndCopyInfo in the source, and you'll get a mini-amfid simulator.
  • Can I use this on a NON jailbroken device? Yep. Whether you like it or not, libmis.dylib is shoved in your address space thanks to inclusion in the dyld shared cache. You don't need any entitlements for most operations. Another reason why I left this open source.
  • Where's the header documentation???? Function prototypes are right in the source. I'm releasing the source as a nice usage example of the common functions. More documentation, discussion of how it works, and quite possibly forced open-source of the entire libmis.dylib to come in MOX*I 2nd Ed.
  • When IS that MOX*I 2nd Ed. coming out already?!?!?! - Soon (follow updates here). But hey, I'm throwing bones out all the time, no? This should give you an idea of how deep I'm going (trust me, tools like this still don't even scratch the surface). Good things take time. And come to those who wait.
  • I got a question! - I welcome it - but please use the Book Forum for that.
  • Show me some of the four dozen functions libmis.dylib exports!!! Wait for MOX*I II.
  • Greetz

  • @0xAmit - And yes, you can now have coffee with that :-) - just use kMISValidationOptionOnlineAuthorization
  • Changelog