My Shiny Weblog!

programming, photography and lifestyle

iPhone Hacks

Имам си GCC toolchain!

iPhone:~ root# gcc -v
Using built-in specs.
Target: arm-apple-darwin9
Configured with: ../llvm-gcc-4.2/configure --build=x86_64-unknown-linux-gnu --host=arm-apple-darwin9 --enable-static=no --enable-shared=yes --prefix=/usr --localstatedir=/var/cache/iphone-gcc --enable-languages=c,c++,objc,obj-c++ --enable-wchar_t=no --with-gxx-include-dir=/usr/include/c++/4.0.0
Thread model: posix
gcc version 4.2.1 (Based on Apple Inc. build 5555)

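I can has debugger. На разработчиците на iPhone английският им е като втори майчин език! В сесията по-долу прясно компилираният a.out бива убит от seatbelt още при execve(); след „ldid -S“, който слага ad-hoc (псевдо) подпис на бинарния файл, същата програма се изпълнява нормално.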

iPhone:~ root# cat hello.c 
#include <stdio.h>
int main() {
	printf("hello\n");
	return 0;
}
iPhone:~ root# gcc hello.c
iPhone:~ root# ./a.out 
Killed
iPhone:~ root# dmesg | tail -1
seatbelt: hook..execve() killing pid 242: outside of container && !i_can_has_debugger
iPhone:~ root# ldid -S a.out
iPhone:~ root# ./a.out 
hello

Добре познатото xnu ядро върху ARM S5L8900X

iPhone:~ root# uname -a
Darwin iPhone 9.4.1 Darwin Kernel Version 9.4.1: Sat Nov  1 19:09:48 PDT 2008; root:xnu-1228.7.36~2/RELEASE_ARM_S5L8900X iPhone1,2 arm N82AP Darwin

Процесор 412 MHz, little endian, 32 KB cache, памет 128 MB

iPhone:~ root# sysctl hw
hw.ncpu: 1
hw.byteorder: 1234
hw.memsize: 121634816
hw.activecpu: 1
hw.optional.floatingpoint: 1
hw.packages: 1
hw.tbfrequency: 6000000
hw.fixfrequency: 24000000
hw.prffrequency_max: 51500000
hw.prffrequency_min: 51500000
hw.prffrequency: 51500000
hw.memfrequency_max: 137333333
hw.memfrequency_min: 137333333
hw.memfrequency: 137333333
hw.l1dcachesize: 16384
hw.l1icachesize: 16384
hw.cachelinesize: 32
hw.cpufrequency_max: 412000000
hw.cpufrequency_min: 412000000
hw.cpufrequency: 412000000
hw.busfrequency_max: 103000000
hw.busfrequency_min: 103000000
hw.busfrequency: 103000000
hw.pagesize: 4096
hw.cachesize: 0 0 0 0 0 0 0 0 0 0
hw.cacheconfig: 0 16384 16384 1 32 4 0 0 0 0
hw.cpufamily: -1879695144
hw.cpu64bit_capable: 0
hw.cpusubtype: 6
hw.cputype: 12
hw.logicalcpu_max: 1
hw.logicalcpu: 1
hw.physicalcpu_max: 1
hw.physicalcpu: 1
hw.machine = iPhone1,2
hw.model = N82AP
hw.ncpu = 1
hw.byteorder = 1234
hw.physmem = 121634816
hw.usermem = 91435008
hw.pagesize = 4096
hw.epoch = 1
hw.vectorunit = 0
hw.busfrequency = 103000000
hw.cpufrequency = 412000000
hw.cachelinesize = 32
hw.l1icachesize = 16384
hw.l1dcachesize = 16384
hw.tbfrequency = 6000000
hw.memsize = 121634816
hw.availcpu = 1

feedface и асемблер за ARM

iPhone:~ root# objdump -D a.out | head

a.out:     file format mach-o-le

Disassembly of section LC_SEGMENT.__TEXT:

0000000000001000 <LC_SEGMENT.__TEXT>:
    1000:	feedface 	cdp2	10, 14, cr15, cr13, cr14, {6}
    1004:	0000000c 	andeq	r0, r0, ip
    1008:	00000000 	andeq	r0, r0, r0
    100c:	00000002 	andeq	r0, r0, r2

8 GB флаш

iPhone:~ root# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/disk0s1          523M  489M   29M  95% /
devfs                  25K   25K     0 100% /dev
/dev/disk0s2          7.1G  1.2G  6.0G  16% /private/var

Процеси и yellowsn0w

iPhone:~ root# ps ax    
  PID   TT  STAT      TIME COMMAND
    1   ??  Ss     0:02.60 /sbin/launchd
   12   ??  Ss     0:01.55 /usr/sbin/mDNSResponder -launchd
   13   ??  Ss     0:02.38 /usr/sbin/notifyd
   14   ??  Ss     0:03.03 /usr/sbin/syslogd
   15   ??  Ss     0:13.70 /usr/sbin/configd
   17   ??  Ss     2:07.40 /System/Library/CoreServices/SpringBoard.app/SpringBoard
   18   ??  Ss     0:00.70 /usr/bin/yellowsn0w
   20   ??  Ss     0:00.44 /Applications/MxTube.app/MxT2d
   22   ??  Ss     0:00.72 /usr/sbin/update
   23   ??  Ss     0:28.78 /usr/libexec/lockdownd
   24   ??  Ss     0:32.73 /usr/sbin/mediaserverd
   26   ??  Ss     0:02.83 /System/Library/PrivateFrameworks/IAP.framework/Support/iapd
   27   ??  Ss     0:00.29 /usr/sbin/fairplayd
   30   ??  Ss     0:07.88 /System/Library/PrivateFrameworks/CoreTelephony.framework/Support/CommCenter
   31   ??  Ss     0:01.11 /usr/sbin/BTServer
   43   ??  Ss     0:03.12 /Applications/MobilePhone.app/MobilePhone
   77   ??  Ss     0:10.22 /Applications/MobileMail.app/MobileMail
   80   ??  Ss     0:58.92 /Applications/MobileSafari.app/MobileSafari
  100   ??  Ss     0:00.59 /System/Library/Frameworks/SystemConfiguration.framework/SCHelper
  105   ??  Ss     0:00.27 /usr/libexec/ptpd -t usb
  110   ??  S      0:00.38 /usr/libexec/afcd --lockdown -d /var/mobile/Media -u mobile
  112   ??  S      0:00.11 /usr/libexec/notification_proxy
  230   ??  S      0:01.48 /usr/sbin/sshd -i
  271   ??  Ss     0:00.11 /usr/libexec/securityd
  231 s000  Ss     0:00.42 -sh
  272 s000  R+     0:00.02 ps ax

Nmap

iPhone:/ root# nmap 192.168.1.1

Starting Nmap 4.76 ( http://nmap.org ) at 2009-04-02 22:26 EEST
mass_dns: warning: Unable to open /etc/resolv.conf. Try using --system-dns or specify valid servers with --dns-servers
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Interesting ports on 192.168.1.1:
Not shown: 997 filtered ports
PORT     STATE  SERVICE
80/tcp   open   http
1900/tcp closed upnp
8080/tcp open   http-proxy
MAC Address: xx:xx:xx:xx:xx:xx (Tp-link Technologies Co.)

Nmap done: 1 IP address (1 host up) scanned in 16.17 seconds

TinyScheme след преправяне на makefile и компилиране

iPhone:~/tinyscheme1.39 root# make
gcc -I. -c -Os  scheme.c 
gcc -I. -c -Os  dynload.c 
gcc  -shared   scheme.o dynload.o  -ldl 
gcc -o scheme -Os scheme.o dynload.o  -ldl 
iPhone:~/tinyscheme1.39 root# ldid -S scheme
iPhone:~/tinyscheme1.39 root# ls -al scheme
-rwxr-xr-x 1 root staff 46224 Apr  2 22:37 scheme*
iPhone:~/tinyscheme1.39 root# ./scheme 
TinyScheme 1.39
> (eval (car (list (quote (display "scheme baby!")))))
scheme baby!#t

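Debian rulez. Обърнете внимание на редовете „Ign … Release.gpg“ по-долу: за тези хранилища APT изглежда не е получил файл с подпис, а всичко се тегли по обикновен HTTP, така че списъците с пакети от тях не се проверяват криптографски.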

iPhone:~ root# apt-get update
Ign http://www.ispaziorepo.com ./ Release.gpg
Ign http://apt9.ihazsupper.com ./ Release.gpg                                                                                                                                     
Get:1 http://apt.bigboss.us.com stable Release.gpg [186B]                                                                                                                         
Ign http://apt9.yellowsn0w.com ./ Release.gpg                                                                                                                                     
Hit http://www.ispaziorepo.com ./ Release                                                                                                                                         
Get:2 http://apt.modmyi.com stable Release.gpg [189B]                                                                                                                             
Get:3 http://repo.smxy.org xena Release.gpg [189B]                                                                                                                                
Ign http://apt9.ihazsupper.com ./ Release                                                                                                                                         
Ign http://mspasov.com stable Release.gpg                                                                                                                                         
Get:4 http://www.zodttd.com stable Release.gpg [189B]                                                                                                                             
Ign http://www.ispaziorepo.com ./ Packages/DiffIndex                                                                                                                              
Get:5 http://apt.saurik.com tangelo Release.gpg [189B]                                                                                                                      
Ign http://apt9.yellowsn0w.com ./ Release                                                                                                                                         
Hit http://apt.bigboss.us.com stable Release                                                                                                                                      
Get:6 http://apt.modmyi.com stable Release [483B]                                                                                                                                 
Ign http://apt9.ihazsupper.com ./ Packages/DiffIndex                                                                                                                              
Hit http://repo.smxy.org xena Release                                                                                                                                             
Ign http://apt9.yellowsn0w.com ./ Packages/DiffIndex                                                                                                                              
Hit http://www.ispaziorepo.com ./ Packages                                                                                                                                        
Hit http://www.zodttd.com stable Release                                                                                                                                          
Get:7 http://apt.saurik.com tangelo Release [566B]                                                                                                                                
Get:8 http://mspasov.com stable Release [2938B]                                                                                                          
Hit http://apt9.ihazsupper.com ./ Packages                                                                                
Hit http://apt9.yellowsn0w.com ./ Packages                                                    
Ign http://mspasov.com stable/main Packages/DiffIndex                                                               
Ign http://apt.bigboss.us.com stable/main Packages/DiffIndex                                                        
Ign http://apt.modmyi.com stable/main Packages/DiffIndex                                                                                            
Ign http://apt.bigboss.us.com stable/main Packages                                                                                                  
Hit http://repo.smxy.org xena/main Packages/DiffIndex                                                                                                         
Get:9 http://mspasov.com stable/main Packages [1753B]                                                                                                         
Hit http://www.zodttd.com stable/main Packages/DiffIndex                                                                                                       
Ign http://apt.modmyi.com stable/main Packages                                                                                     
Hit http://apt.bigboss.us.com stable/main Packages                                                  
Ign http://apt.saurik.com tangelo/main Packages/DiffIndex                                       
Hit http://www.zodttd.com stable/main Packages                                                  
Hit http://apt.modmyi.com stable/main Packages                   
Hit http://apt.saurik.com tangelo/main Packages                  
Fetched 5745B in 4s (1260B/s)     
Reading package lists... Done