摘要:evasi0n 越獄 EXE 代碼還原
/*
 * reciveInfo - reconstructed (decompiled) routine. It asks the device's
 * lockdown "com.apple.mobile.file_relay" service for the "Caches" source,
 * writes the received bytes to a dump file, then re-opens that file with
 * zlib and begins parsing it as a cpio archive.
 *
 * phone: device handle handed to lockdownd_client_new_with_handshake() and
 *        file_relay_client_new(); its type is not declared in this listing.
 *
 * This is pseudo-code recovered from a binary, not compilable C: `client`,
 * `path`, `buff`, `fh` and `nsize_t` are used without a visible declaration,
 * and several branches are placeholders ("To be continued").
 */
function reciveInfo(phone){
dumpfile = buildpath(path)
/* NOTE(review): the capacity of the buffer returned by buildpath() is not
   shown; strcat() appends "dump" without any bound check - confirm there is
   room for it. */
strcat(dumpfile, "dump");
/* newpath =/var/tmp/evasi0n/dump */
/* Raw store to an absolute address carried over from the disassembly;
   presumably clears a global variable - TODO confirm which one. */
*0x9b9ed4 = 0x0;
/* "wb": the relay stream is binary, so the dump is written untranslated. */
FILE *fp = fopen(dumpfile, "wb");
if (fp != NULL)
{
/* NOTE(review): if the handshake or any later step fails, no fclose() for
   this file is visible on that path. */
if(lockdownd_client_new_with_handshake(phone, &client, NULL) == LOCKDOWN_E_SUCCESS)
{
uint16_t nport = 0;
/* Ask lockdownd to start the file_relay service; nport receives its port. */
if(lockdownd_start_service(client, "com.apple.mobile.file_relay",&nport) == 0)
{
/* The lockdown session is released once the service port is known. */
if(client != NULL)
{
lockdownd_client_free(client);
client = NULL;
}
/* NOTE(review): `file_relay_clinet_t` is presumably a misspelling of
   libimobiledevice's file_relay_client_t. */
file_relay_clinet_t relay_client;
file_relay_error_t relay_err = file_relay_client_new(phone,nport, &relay_client);
/* NOTE(review): an error code is compared against NULL here and below; this
   only works if the success value is 0 - presumably FILE_RELAY_E_SUCCESS. */
if (relay_err == NULL)
{
idevice_connection_t conn=NULL;
char *source = "Caches";
/* NOTE(review): &source points at a single char*, with no terminating NULL
   entry after it; verify against the file_relay_request_sources() contract. */
relay_err = file_relay_request_sources(relay_client, &source, &conn);
if (relay_err == NULL)
{
if (conn != NULL)
{
/* NOTE(review): `data` is still NULL when it is passed as the receive
   buffer for up to 0x4000 bytes; the reconstruction omits the buffer. The
   running `total` and the reset of recv_bytes suggest the original code
   received in a loop - TODO confirm against the binary. */
char *data = NULL;
uint32_t recv_bytes = 0;
uint32_t total = 0;
idevice_error_t devErr = idevice_connection_receive(conn, data, 0x4000, &recv_bytes);
if(devErr == NULL)
{
/* NOTE(review): `fh` is not declared; presumably the `fp` opened above. */
fwrite(data, 0x1, recv_bytes, fh);
total += recv_bytes;
recv_bytes = 0;
}
fclose(fh);
if (total == 0)
{
/* Nothing was received: release the relay client and any lockdown client. */
if (relay_client != NULL)
{
file_relay_client_free(relay_client);
}
if (client != NULL)
{
lockdownd_client_free(client);
}
}else{
/* Data was received: re-open the dump through zlib. No release of
   relay_client is visible on this path. */
gzFile gzFh = gzopen(dumpfile, "rb");
if (gzFh != NULL)
{
/* Read 0x4c (76) bytes as the first archive header. */
int ret = gzread(gzFh, &buff, 0x4c);
if (ret <= 0x4b)
{
/* Short read (fewer than 76 bytes): give up and close the stream. */
gzclose(gzFh);
}else{
/* "070707" is checked as the cpio header magic. As written, a mismatch only
   reaches a placeholder and parsing continues below regardless. */
if (memcmp(buff, "070707", 0x06) != 0)
{
/* To be continued */
}
int nsize = cpio_get_namesize(buff);
if (nsize == 0)
{
/* To be continued */
}else{
/* NOTE(review): the third argument passes the address of nsize rather than
   the length, and the read lands in the same `buff` that holds the header;
   the bounds of `buff` against an archive-supplied name size are not shown.
   No gzclose() is visible on this path. */
nsize_t = gzread(gzFh, &buff,&nsize);
if (nsize_t == nsize)
{
/* To be continued */
}
}
}
}
}
}
}
}
}
}
}
}
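/*
 * _jailbreak - reconstructed (decompiled) entry routine.
 *
 * Steps visible in this listing:
 *   1. Load the embedded "cydia" and "packagelist" resources; stop with a
 *      message if either is missing.
 *   2. Open the device identified by `udid` and perform a lockdownd handshake.
 *   3. Query BuildVersion, DeviceName, ProductType, ProductVersion and
 *      SerialNumber, plus DevToolsAvailable from the
 *      "com.apple.mobile.internal" domain, then release the lockdown client.
 *   4. If DevToolsAvailable is absent, not a string, or equal to "None",
 *      clean and recreate the working directory; the remaining work is not
 *      reconstructed ("To be continued"). Otherwise release the device handle.
 *
 * `udid` and `path` are not declared in this listing; presumably they are
 * globals set elsewhere - TODO confirm.
 *
 * Fixes over the listing as published (identifier mismatches only):
 *   - the idevice_new() result is stored in `err` but was tested as `ret`;
 *   - `DeviceName` was tested instead of the local `deviceName`;
 *   - `czDevTools` was declared while `szDevTools` was used.
 *
 * NOTE(review): as reconstructed, the plist values, the two resources and,
 * on most paths, the device handle are never released; whether the original
 * binary frees them is not visible here.
 */
void _jailbreak()
{
    unsigned char *byCydia = _load_resource("cydia");
    if (byCydia != NULL)
    {
        unsigned char *byPackageList = _load_resource("packagelist");
        if (byPackageList != NULL)
        {
            printf("Connecting to device...");
            if (udid == NULL)
            {
                printf("Could not find device in connected stat?!");
            }else{
                idevice_t phone = NULL;
                idevice_error_t err = idevice_new(&phone,udid);
                if (err != IDEVICE_E_SUCCESS) {
                    printf("Could not connect to device!");
                }else{
                    lockdownd_client_t client = NULL;
                    if(lockdownd_client_new_with_handshake(phone, &client, NULL)!= LOCKDOWN_E_SUCCESS)
                    {
                        printf("Failed to connect to lockdownd");
                    }else{
                        plist_t buildVersion = NULL;
                        plist_t deviceName = NULL;
                        plist_t productType = NULL;
                        plist_t serialNumber = NULL;
                        plist_t productVersion = NULL;
                        plist_t devTools = NULL;
                        /* The return codes are ignored; a failed query is
                           detected below by its output still being NULL. */
                        lockdownd_get_value(client, NULL, "BuildVersion", &buildVersion);
                        lockdownd_get_value(client, NULL, "DeviceName", &deviceName);
                        lockdownd_get_value(client, NULL, "ProductType", &productType);
                        lockdownd_get_value(client, NULL, "ProductVersion", &productVersion);
                        lockdownd_get_value(client, NULL, "SerialNumber", &serialNumber);
                        lockdownd_get_value(client, "com.apple.mobile.internal", "DevToolsAvailable", &devTools);
                        /* NOTE(review): the leading underscore is presumably
                           symbol decoration from the binary, i.e. this is
                           lockdownd_client_free() - confirm. */
                        _lockdownd_client_free(client);
                        client = NULL;
                        if (buildVersion == NULL)
                        {
                            printf("Failed to get BuildVersion from lockdown.");
                        }else{
                            if (deviceName == NULL)
                            {
                                printf("Failed to get DeviceName from lockdown.");
                            }else{
                                if (productType == NULL)
                                {
                                    printf("Failed to get ProductType from lockdown.");
                                }else{
                                    if (productVersion == NULL)
                                    {
                                        printf("Failed to get ProductVersion from lockdown.\n");
                                    }else{
                                        if (serialNumber == NULL)
                                        {
                                            printf("Failed to get SerialNumber from lockdown.\n");
                                        }else{
                                            /* DevToolsAvailable is optional: a missing or
                                               non-string value leaves the flag FALSE. */
                                            BOOL bDevTools = FALSE;
                                            if (devTools != NULL)
                                            {
                                                if (plist_get_node_type(devTools) == PLIST_STRING)
                                                {
                                                    char *szDevTools =NULL;
                                                    plist_get_string_val(devTools,&szDevTools);
                                                    if (szDevTools != NULL)
                                                    {
                                                        /* Any value other than "None" sets the flag. */
                                                        if(strcmp(szDevTools,"None")==0)
                                                        {
                                                            bDevTools = FALSE;
                                                        }else{
                                                            bDevTools = TRUE;
                                                        }
                                                        /* The string was allocated by
                                                           plist_get_string_val(). */
                                                        free(szDevTools);
                                                    }
                                                }
                                            }
                                            if (bDevTools == FALSE)
                                            {
                                                char *newpath = buildpath(path);
                                                cleanDir(newpath);
                                                /* 0x1ed == 0755 (rwxr-xr-x). */
                                                mkdir_with_parents(newpath, 0x1ed);
                                                printf("Retrieving information from the device to generate jailbreak data...\n");
                                                /*
                                                To be continued
                                                */
                                            }else{
                                                /* The flag is set: only the device
                                                   handle is released on this path. */
                                                idevice_free(phone);
                                                phone = NULL;
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }else{
            printf("Packagelist is missing from resources");
        }
    }else{
        printf("Cydia is missing from resources");
    }
}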