
[Experiment] Removing the iOS 4.3.3 sandbox with a kernel patch

Date: 2014-05-31 01:29:56


Environment:

1. Mac OS X 10.9.2

2. Xcode 5.1.1

3. gcc 4.8

4. redsn0w 0.9.15b3

Prerequisite:

1. Obtain the iOS 4.3.3 kernelcache and decrypt it

Steps:

1. Edit line 19 of datautils0/sandbox.S, changing "movs r2, #19" to "movs r2, #1"

2. Build datautils0; it can also be downloaded from here

3. Create the kernel patch: ./make_kernel_patchfile ./kernel-iPod4,1-v4.3.3.decrypted ./kernel-iPod4,1-v4.3.3.patch

4. Apply the kernel patch: ./apply_patchfile ./kernel-iPod4,1-v4.3.3.decrypted ./kernel-iPod4,1-v4.3.3.patch ./kernel-iPod4,1-v4.3.3.patched

5. Boot the patched kernel with redsn0w: /Applications/redsn0w.app/Contents/MacOS/redsn0w -i iPod4,1_4.3.3_8J2_Restore.ipsw -k kernel-iPod4,1-v4.3.3.patched

6. Write a demo app to test it by reading MobileSafari's Info.plist

- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions
{
    // Test for this experiment: read a file that belongs to another app (MobileSafari)
    // and log the parsed plist; nil is logged if the file could not be read.
    NSString *safariInfoFilePath = @"/Applications/MobileSafari.app/Info.plist";
    NSDictionary *infoContent = [NSDictionary dictionaryWithContentsOfFile:safariInfoFilePath];
    NSLog(@"-------->%@", infoContent);

    // Manual reference counting (pre-ARC), hence the explicit autorelease.
    self.window = [[[UIWindow alloc] initWithFrame:[[UIScreen mainScreen] bounds]] autorelease];
    // Override point for customization after application launch.
    self.window.backgroundColor = [UIColor whiteColor];
    [self.window makeKeyAndVisible];
    return YES;
}
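
Steps 3 and 4 produce a patched image from the decrypted kernelcache; before booting it, it is worth reviewing exactly which bytes the patchfile changed. The script below is an added example, not part of the original post or of datautils0: the name kdiff.py and its functions are hypothetical, and it assumes the patch is applied in place so both files have the same length.

```python
#!/usr/bin/env python3
# Added example (not from datautils0): report which byte ranges differ between
# the decrypted kernelcache and the patched output, before booting the latter.
# Assumption: the patch is applied in place, so both files have equal length.
import sys


def changed_regions(original: bytes, patched: bytes, merge_gap: int = 4):
    """Return [(offset, old_bytes, new_bytes)] for every modified run.

    Differing bytes separated by fewer than merge_gap unchanged bytes are
    merged, so one rewritten instruction sequence shows up as one region.
    """
    if len(original) != len(patched):
        raise ValueError("size mismatch: %d vs %d bytes" % (len(original), len(patched)))
    regions, start, last = [], None, None
    for i, (a, b) in enumerate(zip(original, patched)):
        if a == b:
            continue
        if start is not None and i - last > merge_gap:
            regions.append((start, original[start:last + 1], patched[start:last + 1]))
            start = None
        if start is None:
            start = i
        last = i
    if start is not None:
        regions.append((start, original[start:last + 1], patched[start:last + 1]))
    return regions


def report(original: bytes, patched: bytes) -> str:
    """Format the regions as one line each: file offset, old hex, new hex."""
    lines = ["0x%08x  %s -> %s" % (off, old.hex(), new.hex())
             for off, old, new in changed_regions(original, patched)]
    lines.append("%d region(s) changed" % len(lines))
    return "\n".join(lines)


if __name__ == "__main__":
    # usage: kdiff.py kernel-iPod4,1-v4.3.3.decrypted kernel-iPod4,1-v4.3.3.patched
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as f1, open(sys.argv[2], "rb") as f2:
            print(report(f1.read(), f2.read()))
    else:
        # Constructed sample data so the script also runs without kernel files.
        base = bytes(range(64))
        mod = bytearray(base)
        mod[10:12] = b"\xaa\xbb"
        mod[40] = 0xCC
        print(report(base, bytes(mod)))
```

The offsets are file offsets into the decrypted image, not kernel virtual addresses.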

===========================================

Next, I will find time to read through the datautils0 code in detail.

Original post: http://www.cnblogs.com/Proteas/p/3761828.html
