Hacker Jake James has devised a new method for stopping app revocations on any iPhone, iPad, and iPod touch. Here’s how this method works.
Table of Contents
How App Revoke Bypass works
As you already know, Apple can revoke any app in an instant. This includes apps that you sign with an enterprise or developer certificate or install using a third-party App Installer such as TutuApp or Cyrus Installer.
This is where this new method comes in.
This App Revoke bypass stops all certificate revocations by Apple and gives you access to apps for one complete year with no revokes whatsoever.
It involves blocking your iOS device from communicating with Apple’s server. Once you block Apple’s server, they can no longer de-authenticate or revoke your sideloaded applications.
Remember, this is a bypass and not a complete solution to fully remove the limit set by Apple.
Why is this method useful?
Waiting for apps to be signed again is time-consuming and you never know when these apps could get revoked again. Blocking Apple’s servers mitigates the certificate revocation risk.
This bypass ensures that all your apps such as BobbyMovie, Snapchat++, Instagram++, SCOthman, etc remained signed and don’t get revoked again.
It supports all App Installers such as Cyrus Installer, TutuApp, AppValley, Tweakbox, and others.
You can use it on all iPhone, iPod, and iPad models running iOS 9, 10, and 11 firmware.
Here’s how you can employ this method to bypass Apple’s revoke limitations.
Requirements
- iPhone, iPad, and iPod
- iOS 9, 10, 11 firmware
- Internet connection
- AdBlocker app from the App Store
Preparing your device
Before you move to onto the tutorial, follow these steps so as to make sure everything goes on smoothly hereafter.
- Perform a complete backup of your device with iTunes or by iCloud.
- If your applications are not revoked, you can jump to step 3 directly.
- If your applications are already revoked, you must start from the very beginning. Alternatively, you can also wait for the apps to be signed again and then proceed with step 3.
- If you only use WiFi on your device, you can skip the first method and follow the WiFi method.
- If you are on a 32-bit device, you must use the WiFi method only because most Adblockers aren’t compatible with 32-bit devices anymore. If you try to install a 64-bit app on your 32-bit device, you will get compatibility error.
How to stop App Revokes without jailbreak
Mobile Data
Step 1 Open the Settings app on your device and navigate to Settings > Reset >Erase all Content and Settings.
Step 2 Restore from a backup you performed earlier.
Step 3 Install any AdBlock app from the official App Store. You are free to use whichever AdBlocker you want to. With that said, my recommendation is to use AdBlocker by FutureMind, which is very user-friendly and lets us block custom domains and servers.
You can download it from the link given below.
If you don’t want to purchase a paid application, use the following credentials and please don’t misuse them (thanks to Apple Geek Studios for providing these details for free) –
- Email – [email protected]
- Password – ZodiacTwitter9
Step 4 Navigate to Settings > Group and domains.
Step 5 Tap Add group and enter “Norevoke” as the name of this group.
Step 6 Select this group and tap Add domains.
Step 7 Add the URL of Apple’s server – ocsp.apple.com.
Step 8 Now slide up to enable the Adblocker and install its VPN configuration profile.
Step 9 Open this URL – ocsp.apple.com. If the website doesn’t load, the app revoke bypass is now in place and you are good to go.
Step 10 Remember, DO NOT close AdBlock from the App Switcher, you must keep it running at all times. If you close it, it will remove the app revoke bypass we have just set up above.
You can now use any signing service or apps signed with enterprise certificates with any WiFi network or cellular data.
WiFi
This method applies to Apple TV, WiFi iPad, iPod touch or iPhone models where you only use WiFi for connecting to the internet.
Step 1 Connect to a WiFi network of your choice.
Step 2 Tap the “i” icon present next to it and set the DNS Address field to this value – 5.2.76.189.
Step 3 Now each time you connect to a WiFi network, reset its DNS address to the value given above.
Nesstool
Nesstool is a new Antirevoke alternative by Tutuapp. It effectively blocks all Apple servers that deal with certificates and revocations. Therefore, you can continue using your apps signed with an enterprise certificate.
You can download and install this tool from here. However, do keep in mind that it steals sensitive information from your device.
How to stop App Revokes with jailbreak
unc0ver jailbreak
unc0ver jailbreak comes with a native revoke protection system that works even in no-jailbreak mode. Furthermore, it supports all modern firmware versions beginning from iOS 11.0 up till iOS 12.1.2.
It has one major downside, though: you must be on a jailbreakable firmware version to actually run the exploit. If you have a compatible version, follow the guide given below.
Step 1 Firstly, install unc0ver jailbreak for iOS 12 and above. Be sure to check its compatibility with your device and operating system beforehand.
Step 2 Launch the app from your home screen and toggle on the Disable App Revokes option.
Step 3 Tap the Jailbreak button to kick off the exploitation process.
That’s all there’s to it! All your applications and hacked games will now stay signed forever (so long as you don’t upgrade your iOS version).
Install NoMoreRevocations
This is by far the simplest to activate this bypass method on your iPhone, iPad, and iPod touch. However, it does have one downside – it is compatible only with iOS 10 or above.
Therefore, you must have a jailbroken device running iOS 10.0-10.2 in order to get this tweak working. You can download this tweak from this link.
If you are a device that is running iOS 9 or an older version, you can follow the second method given below.
Edit Hosts file
This is yet another classic method that involves manually editing your “hosts” file.
For the uninitiated, “hosts” is a system file that maps hostnames to IP addresses. You can use this file to block access to websites simply adding the IP address of 127.0.0.1 to its domain name.
There’s no point in trying this method on iOS 9.2-9.3.3 running Pangu jailbreak because it blocks Apple’s server by default.
I will be demonstrating this process on my iPad mini running iOS 9.3.5. Now onto the tutorial.
Step 1 Open Cydia.
Step 2 Download Filza File Manager from BigBoss Cydia repo and open it from your home screen. You can also use iFile file manager, but I wouldn’t recommend doing so.
Step 3 Tap the [Root] button present under the FAVORITES section and navigate to /etc.
Step 4 Look for the hosts file present at this location.
Step 5 Open this file using the inbuilt text editor. To do this, tap on this file and select the “Text Editor” icon in the “Open with” prompt.
Step 6 With this file open, add this new rule at the end of this file.
127.0.0.1 ocsp.apple.com
Step 7 Save this file by tapping the Save button present in the top-right corner.
You are done for now but you must keep all your bases covered and activate this bypass on each reboot.
How to Reactivate the bypass after Reboot
This method works only until your device is left on. As soon as you reboot it, it will stop working. But we have a workaround for this as well. Here’s what you need to do.
Step 1 Turn on airplane mode before you switch off your iPhone, iPad, or iPod.
Step 2 Reboot your device.
Step 3 Open the AdBlock app.
Step 4 Disable airplane mode and immediately enable Adblock. Also, make sure it keeps running the background.
Step 5 Launch Safari web browser.
Step 6 Visit ocsp.apple.com and ensure it doesn’t load. If it loads, repeat the tutorial given above once again.
I don’t recommend you start any signed applications before ensuring that the bypass is in place and working.
Does this method work for you? Let us know in the comments section below. For more tutorials and guides, follow us on Facebook and Twitter.
An even easier way is to do the following:
1) put device in airplane mode
2) go to settings/safari/clear history and website data
3) open app that has been revoked
4) swipe up to reveal control center and disable airplane mode
Works for me to re-enable Youtube++ functionality.
Article is written in good intent but info on AdBlock is misleading. Do not buy this…
On iOS12 AdBlock does not survive network handover between cellular and Wifi, leaving you exposed to revokes.
Use AdGuard Pro – same priced app with less nice interface, but which has an option to survive network drops.
Cheers
Hello Gian,
And thank you for the great effort;
Unfortunately my device didn’t accept any of the methods that you have suggested, and in all honesty it’s driving me insane.
I’m running the h3lix jailbreak on ios 10.3.3, my device is the ipad 4.
Apps that are downloaded via Appcake as well as Cydia impactor are not running,
they crash on start, i have tried your methods as well as others’ but none is working.
HELP!!!
And thanks again 🙂
Hello, Omar. I will update the new server list shortly. Also, the unc0ver method still works splendidly but of course it doesn’t support your device or firmware.
last year, I block ocsp.apple.com. It works for me, and I test when I turn off the adblock, apple instantly revoke the youtube++.
However, in 2019.04 , It does not work, even i have blocked ocsp.apple.com, apple still revoke youtube++, now l have not find out which new domain is related to the revoke. But I found ocsp2.digicert.com which appears recently. Maybe it also related to revoke. So i block keyword ocsp so that two domain will be blocked.
Is only ocsp.apple.com still works for you? I am wrong?
The only thing that works for me is native jailbreak blocking. I use unc0ver for that.
Im running G0blin on v10.3.2… I cant setup the Adblocker that you recommend because it wants me to create a profile on my device. Thats fine however I need server and remote ID number (both required) which your instructions doesnt include… Without this I’m not able to enable the adblocker on my device.. Please advise me
AdBlock by FutureMind may have received new updates. I will check the new version out and get back to you asap. In the meantime, you can try any of the following jailbreak-based revoke alternatives on Cydia.
I do have app admin, is there a specific version that you know would work? I can always downgrade the version number of adblock.
Try using another Adblocker. The app doesn’t matter, all you need is custom domain blocking capability.
Any word from Saurik on updating Impactor to get it working again? At least to get Impactor working again..Looks like Apple isn’t fixing the cert issue anytime soon as so many are affected.. I now carry an external battery so that my device doesn’t die resulting in my JB being lost due to power failure.
Suarik has been inactive for a while now. No new updates so far.
Uncover 3.0.0 b 48 – Disable App Revokes option is better than reprovision? I wanna sign only uncover forever
No, you will still have to sign the unc0ver app with Reprovision.
I see in the most recent comment reply you had to someone that you’re working on another alternative method to this? That’s exciting! Does it still involved AdBlock? As I’m sure you’re aware the current method outlined in this article does not work. I purchased AdBlock and went through all steps, up to the point of successfully having ocsp blocked (safari returns error when entering said url), but a week later the app from TweakBox still gets revoked. Nonetheless, thank you for the current guide. It is very thorough and easy to follow. Looking forward to your next method.
Yes, Erik. I have been testing that new method lately and it has been working very well so far. I will update the article within a few hours.
Good Day Sir/Ma’am,
I install a certain popular emulator (which as far as I know is quite legal) using
Cydia Impactor. I experienced that it will only last for seven days and after that it will not be accessible anymore and you could not be able to verify it again less you install it again.
I tried the “wifi method” offered here in order to circumvent this issue and figured to test its effectiveness by re-configuring by device calendar to simulate a (more than) seven days time lapse.
However the apps accessibility expired.
I then re-configure my device calendar back to the original date and the apps works again, reconfigure it one year before (2018) and the apps is still usable. A month a head still okay.
Is this to be expected?
Am I doing something wrong?
Yes, it’s alright but I would recommend trying the Lazarus anti-revoke by Ignition. I will shortly update this article with a new method I’m testing.
One curiosity: i’m using the wifi method, i instaled youtube and spotify, in the same day, from Appvalley, but after 7 days, Youtube was revoked, but spotify still working. I don’t know why. Spotify is from “China Mobile Group Heilongjiang Company Limited” and Youtube is from “Shangai UTOUU Network Technology Co., LTA”. I think that this anti revoke methods don’t work to all companies.
The certificate associated with YouTube got revoked.
Any solution to this don’t happen again?
No.
The Wifi method didn’t work for me 🙁
Try any of the anti-revoke tools.
Does this wifi method work with apps that are instaled by Cydia Impactor?
Yes, it does work for apps installed with Cydia Impactor.
Will the app after seven days stop to work and i will to reinstall it?
No, it will keep working even after seven days.
If I sideload an app (the certificate should lasts 7 days), this method can help me to don’t resign the app or it works only for valid certificates that Apple revokes?
Yes, it will help you bypass that limitation.
Is it safe to use the app in order to block apps from getting revoked?
Also is safer to get it from AppStore or Tutu?
Is there any apple id that we can download it from?
Which app are you talking about?
No, they can’t 🙂
Thanks 🙏
It was helpful but the Apple id was not working but if you want to get Adblock for FREE so I recommend everyone to doenload TuTuApp from here [ https://tutuapp.com/index.php?r=web/installZB ] and then download Adblock from TuTuApp and try to block ocsp.apple.com
Provided apple id and password works no more, please provide valid info so we can continue the process. Thnaks
What?
I downloaded the adblocker by futuremind on ipadair2 but then your instructions for blocking apple dont match what my app looks like at all. When i open my app, the options are
Manage safari rules
Manage dns rules
Import dns rules
Dns proxy log
Enable dns logging
Remove dns profile
Passcode
There is no “group and domains” option.
I tried adding the apple url under manage safari rules/add filter subscription because it asks for a name and url but when i hit done, it says unsupported url
You need to add these URLs in DNS rules.
Still doesn’t work for me 🙁 I inserted the Apple url into the URL Field. But I always get an error message.
Try using AppEven anti-revoke tool.
Thanks for the solution.
Does it work for apps signed with individual developer certificate?
Any solution to prevent apple terminate the apple developer account?
Yes, it works for all apps. There’s no solution for that since Apple can revoke the developer account of these hacked stores anytime.
Does this anti revoke method doesn’t steal informations about our privacy and data? And does it have any negative affects on your device? Im just worried because i just bought a new ipad pro ios 11.2.1
On my old ipad i jailbreak it with yalu and use nesstool for the anti revoke and after 1 month or less i noticed my wifi is not working, cant update my device, and cellular doesn’t work too while on my other devices it work and after that problem i deleted nesstool and my ipad work like normal again and that means yalu got revoked and i wonder if this method doest do that
No, it’s completely safe and won’t do that.
No since you are using App Store apps and inputting server information manually.
Thnx for the tuto.
Have you heard of any problem to the apple Store??
Here is my pb. When I try to download an app it still load for ever!! Even when I reboot to desable the jailbreak, i used the Phoenix v4 one,so desable at reboot…
I did not use any app to install it… Juste slideloaded from pc…
I did a full restoration, the apple work for 2 day then again the same pb happens!!
Any suggestion???
The update section of appleStore is also empty,it says “no avalable update” while some update was dispo…
What’s your device and firmware version?
iPhone SE
iOS 11.1.2
Working. Thanks!
That’s great, Noah.
ios 9.3.5
iPone 4S , ios 9.3.5
Does the DNS method work anymore??
I set my DNS to the above yet when I opened safari I could still reach ocsp.apple.com
You must be using the newer version of that app that’s why it’s not working. The method still works, though.
Does the jailbreake method work on Phoenix jailbreak on iOS 9.3.5?
No.
I mean by editing the hosts will it work? And if it doesn’t do you know any other way?. Thank you
Hello, Tony. Yes, it will work.
I got one more question does it work when my device is not in jailbroken state? like when I reboot my device. Thanks Luca
Yes, it will continue to work as your hosts file still remains in its “edited” state.
Thank you so much Luca
Welcome, Tony.
Is the wifi dns save and what if my wifi is offline will my app got revoked?
Yes, it will get revoked.
I will use the adblock method then but if I accidentally close the app or restart my device what do i do will my apps got revoked?
I will use the addblocker then but if I accidentally closed the app will my apps get revoked? and is theres any way to get it running again?
Yes, they will get revoked. You must install them again from an installer.
Any replacements for the future mind adblocker?
Use these credentials and it will work –
Email – [email protected]
Pass – ZodiacTwitter9
It worked! Thank you so much Luca!
Welcome, Daniel. Cheers!
Works no more 🙁
This method will work no matter what Apple does. Maybe you are doing something wrong?
It says wrong password. Try again. I know it works cause i have installed it on my iphone. But want to install it on my ipad.
I’m talking about the ZodiacTwitter9 password
The password must have been changed now. You must pay for the app now.
the app is pretty cheap and well worth it
Hello, Robert. Yes it really is but I posted the details since a lot of jailbreak users are teenagers.