susnm susnmos
susnmos
/ getios10beta1kernelcache.sh
Created
October 28, 2020 12:11
— forked from joswr1ght/getios10beta1kernelcache.sh
Get iOS 10 Beta 1 Kernelcache for reverse engineering (iPhone 6s hardware)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get decrypted kernelcache | |
| # URL for iOS 10 Beta 1 for iPhone 6s taken from http://pastebin.com/FRMfanmT | |
| wget -q http://apple.co/28R9rhS -O ios10beta1-iphone6s.zip | |
| mkdir ios10beta1 | |
| unzip -q ios10beta1-iphone6s.zip -d ios10beta1 | |
| cd ios10beta1 | |
| wget -q http://nah6.com/%7Eitsme/cvs-xdadevtools/iphone/tools/lzssdec.cpp | |
| g++ -o lzssdec lzssdec.cpp | |
| ./lzssdec -o 439 < AssetData/boot/kernelcache.release.n71 >kernelcache.decrypted # 439 is offset byte count to 0xFFCFFAEDFE header | |
| xxd kernelcache.decrypted | head -1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // 打印按钮的action及其target | |
| function actionWithTargets(button) { | |
| var allTargets = [button allTargets].allObjects(); | |
| if (!allTargets) { | |
| return "is not a uicontrol" | |
| } | |
| var allShow = []; | |
| for (var i = 0; i < allTargets.length; i++) { | |
| var target = allTargets[i]; | |
| var actions = [button actionsForTarget: target forControlEvent: UIControlEventTouchUpInside]; |