Why Use the ipaguard Command Line Version

  1. The command line version allows for more precise control over symbol modification, preventing potential rejection due to aggressive obfuscation or random symbol changes during review.
  2. It provides a symbol mapping file that tracks the relationship between original and obfuscated symbols. If the app crashes, this mapping helps identify the original function causing the issue.
  3. The command line version can be integrated into automated systems, enabling batch processing and streamlined IPA file handling.
  4. It supports batch symbol obfuscation, eliminating the tedious process of manually selecting symbols in the GUI version. This makes it ideal for advanced users with scripting skills.
  5. Optimizations are built in: high-risk symbols are automatically excluded from obfuscation, and Uniapp compatibility is enhanced to reduce crashes.

Steps to Use ipaguard Command Line Version

  1. Export symbols eligible for obfuscation
  2. Edit the exported symbol file
  3. Specify the symbol file during IPA obfuscation
  4. Sign and test the obfuscated IPA
  5. Sign with a distribution certificate and upload

1. Export Symbol File

1ipaguard_cli parse game.ipa -o sym.json
  • Replace game.ipa with the path to your IPA file
  • Replace sym.json with the output path for the symbol file

2. Edit the Symbol File

Use any text editor or script to modify sym.json.

  • Focus on updating the refactorName values—ensure length remains the same and avoid duplicates.
  • The confuse field controls whether a symbol is obfuscated. Set it to false if a symbol should be excluded.
  • Other fields provide context. For example, fileReferences lists files containing strings like addEventListener—obfuscating these may break functionality.

Example snippet from sym.json:

 1[{
 2    "confuse": false,
 3    "name": "addEventListener:",
 4    "refactorName": "addEventListener:",
 5    "swiftReferences": [],
 6    "types": [
 7      "oc_method_name"
 8    ],
 9    "definedIns": [
10      "HBuilder"
11    ],
12    "fileReferences": [
13      "weexUniJs.js",
14      "PandoraApi.bundle\\all.js"
15    ],
16    "stringReferences": []
17  },
18  {
19    "confuse": true,
20    "name": "_isPreTTS",
21    "refactorName": "_isPreTTS",
22    "swiftReferences": [],
23    "types": [
24      "oc_method_name"
25    ],
26    "definedIns": [
27      "HBuilder"
28    ],
29    "fileReferences": [],
30    "stringReferences": []
31  }]

3. Obfuscate IPA with Symbol File

1ipaguard_cli protect game.ipa -c sym.json --email ipaguard@gmail.com --image --js -o confused.ipa
  • -c: Path to the symbol file
  • --image: Enable image MD5 modification
  • --js: Enable JS obfuscation
  • -o: Output path for the obfuscated IPA
  • --email: ipaguard account email (VIP1 or higher required for command line obfuscation)

4. Sign and Test the Obfuscated IPA

1kxsign sign my.ipa -c cert.p12 -p certpassword -m a.mobileprovision -z out.ipa -i
  • my.ipa: Input IPA file
  • -c: Certificate path
  • -p: Certificate password
  • -m: Mobileprovision file path
  • -z: Output path for the signed IPA
  • -i: Install to a connected device (requires development certificate and test device). Alternatively, use tools like Keymob Assistant for installation.

Note: Always test the obfuscated IPA with a development certificate to avoid crashes during review.

5. Sign and Distribute the IPA

Use the same signing command as Step 4, but omit -i and use a distribution certificate.

For Linux or Windows, use Application Loader to publish and upload the app.