TraceTheMap is an iOS location-based challenge where you must collect 5 hidden map markers placed within a 1 km radius, each worth 100 points. To score, you must appear within 50 meters of each marker, totaling 500 points to win.

After investigating the info.plist:

- It confirms the app uses CoreLocation (the Apple framework that provides GPS/location services).

- It does not show evidence of third-party location libraries or anti-spoofing SDKs.

For further analysis, I will use objection to check the used libraries and frameworks:

- The app itself seems to rely on Apple’s CoreLocation framework.

After analyzing the found dylib:

- The binary links against a custom dynamic library, indicating anti-cheat logic may be inside.

- Symbols show it is a SwiftUI app using Combine + MapKit.

To solve this challenge you can do one of the following:

- Reverse-engineer the custom dylib to identify the logic that decides whether a collectible is close enough and, using a dynamic instrumentation tool like Frida, hook the distance calculation in the location framework so that selected measurements are treated as being within the allowed range and the app marks collectibles as collected.

- Spoof the location stored inside RAM during execution.

To solve the challenge, I use idevicesetlocation to spoof the device’s GPS position.

- For each collectible, I first determine its exact latitude and longitude using Google Maps.

- I then spoof the device’s location to those coordinates using idevicesetlocation.

- Usage: idevicesetlocation [lon] [lat]

- Repeat for all pin points until all markers are collected.