It has been couple weeks now. Apple's response is that the bug will be fix in iOS6.
Thus, "in-app purchases" via a third party signing server still works
You can visit http://system.in-appstore.com/ for instructions for iOS devices, and http://system.in-appstore.com/osx.html for instructions for Mac.
Not every in-app purchase will work with the in-appstore.com server. People have created an index file documenting what works and what does not.
This hack works pretty well on apps without any post-in-app-purchase protection. If there is a protection via a server, that specific developer server also need to be blocked. On July 30th, ZonD80 post how-to capture developers' servers. The idea is to fake an server and record what an app want after in-app purchase. Base on the log file, generate code to response the iOS app with what they were expecting to archive a successful in-app purchase.
All these can happen, because Apple's iTunes server can be faked after installing some certification files. Oh well!
Finally, the appeal from the founder ZonD80.
Images for iOS
Images for Mac