AppSigner is a new over-the-air signing utility designed for the iOS operating system. Here’s how you can access and use it to sign your applications and games.
What is appsigner.io?
AppSigner is a web-based Cydia Impactor alternative that allows you to sign applications over-the-air. It is developed by developers Malhaar and RedHairs, both of whom are newcomers on the jailbreak scene.
In other words, it’s just a free website that does exactly what Cydia Extender and Cydia Impactor do on devices/computers. However, it doesn’t sideload the app onto your device automatically after signing it.
Since this tool is aimed at the sideload community, you can use it with or without a jailbreak.
Saurik warns users against using AppSigner
Unlike Cydia Impactor, AppSigner stores your Apple ID credentials on its server before sending them to Apple’s signing servers.
While storing username and passwords is essential for signing, the developer can also gain access to your accounts.
Most users (at least the non-tech savvy ones) use the same password on different platforms, which could maximize the risk of accounts getting compromised.
Saurik wrote a long-winded essay on Reddit concerning this tool.
In his post, the veteran developer claims that users’ credentials are only as safe as the servers the developers are using. Apparently, Malhaar is using a simple ASP.NET application deployed on an IIS server with no firewall whatsoever.
Furthermore, the app doesn’t even have an SSL certificate, which means your credentials are sent on the internet as well as your local network in the form of plain text.
Saurik is the only old-guard jailbreak developer who’s still sticking around. And, when he’s skeptical about something, you should probably refrain from installing that tool or tweak on your device.
With that being said, you could still use it with a throwaway Apple ID created specifically for signing purposes. This will ensure your original account stays out of harm’s way and you can still sideload your desired tweaked application or game hack.
- IPA file
- Apple ID credentials
- Chrome or Firefox web browser
- Internet connection
How to sign apps with appsigner.io
Step 1 Open any web browser and visit appsigner.io. As of this writing, only Chrome and Firefox web browsers are compatible with this tool. Safari web browser isn’t working properly and the developers plan to push a fix for that soon.
Step 2 Cilck on Select an IPA for upload and upload the IPA file you want to sign and sideload onto your Apple device.
Step 3 Once the file is uploaded successfully to the server, input the following data –
- Apple ID – Enter your email ID
- Password – Enter your Apple ID password
- UDID – Enter your UDID number here. You can find this either from by connecting your device to your computer and using iTunes or you can simply open showmyudid.com in Safari on your iPhone, iPad, or iPod touch.
- Insert captcha – Input the captcha shown on the bottom right corner here.
Step 4 Press the SIDELOAD button present at the bottom and wait for AppSigner to sign your app using your Apple ID.
Step 5 Wait for the countdown timer to end and save the signed app in the desired folder.
Step 6 Sideload the app to your device using Cydia Impactor utility by Saurik. You can download its latest version from this link.
Over-the-air sideloading is a gray area even in the jailbreak community because Apple ID accounts are on the line.
In the recent past, several disreputable individuals have used this method to steal user credentials and payment information. So, Saurik’s concerns aren’t entirely unfounded.
As for me, I can still recommend using these tools occasionally when Cydia Impactor isn’t working. Just be sure to create a new throwaway Apple ID account and you should be good to go.