Skip to content
star and saffron
C Python Objective-C Assembly Shell
Latest commit 3243b19 Aug 8, 2011 @comex README
Failed to load latest commit information.
catalog -3 Jul 12, 2011
chain more chain stuff Dec 30, 2010
common -3 Jul 13, 2011
config RELEASE Jul 6, 2011
data @ 9731118 fix tars Jul 15, 2011
datautils add README Jul 18, 2011
datautils0 @ e6d05a9 submodules I guess Jul 18, 2011
dejavu RELEASE Jul 6, 2011
dsc ipv6 Jun 8, 2011
fs -3 Jul 13, 2011
goo RELEASE Jul 6, 2011
headers pivot AGAIN Apr 6, 2011
install -3 Jul 13, 2011
locutus fix tars Jul 15, 2011
mroib upgrade data Dec 15, 2010
otool otool update/fix Apr 6, 2011
pdf I forgot to add this directory to git Jul 20, 2011
starstuff oops Jul 18, 2011
upgrade-data awful Oct 28, 2010
white @ 97270ec submodules I guess Jul 18, 2011
.gitignore head Sep 16, 2010
.gitmodules starstuff May 2, 2011
README README Aug 8, 2011
fabricate.py go all the way Jun 22, 2011
make.py -3 Jul 13, 2011
optparse.py okay Mar 17, 2011

README

How to use:
- git submodule init -u
- ln -s /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk /var/sdk
- add binaries to bs, e.g.
    mkdir iPhone2,1_4.3.3_8J2
    cp decrypted_kernel iPhone2,1_4.3.3_8J2/kern
    cp dyld_shared_cache_armv7 iPhone2,1_4.3.3_8J2/cache
    OR import an ipsw:
    grab https://github.com/posixninja/xpwn.git
    install "xpwntool", "hfsplus", and "dmg" to ~/xpwnbin/
    in here: cd config; python ipsw.py whatever.ipsw

- get t1utils and apply this patch: http://pastie.org/2251647
- get http://github.com/comex/xnu-env and point fs/xnu to it
- ./make.py pdf

external repositories:
------------------------------------------------------
data:       mach-o handling
white:      load dylibs into the kernel
datautils0: make kernel patches, port over symbols


in here:
------------------------------------------------------
catalog:
    catalog.py: ROP code and kernel exploit
    kcode.S:    kernel payload
chain: unused
common:
    common.h:   _log, _assert, etc
datautils:
    dmini.py:   python interface to data
dejavu:
    gen_dejavu.raw.py: FreeType exploit
dsc:
    dsc.c:      mount dyld shared cache via fuse
goo:
    goop.py:    the "string with pointers, relocations, etc." abstraction 
    goo.py:     doing ROP with the abstraction
    world1.py:  specific gadgets
    two.py:     creating mach-o files with the abstraction
headers: external headers
install:
    install.m:  install the jailbreak
locutus:
    locutus.c:  download files / communicate with locutus_server / run install
    inject.c:   inject a dylib into a process
    locutus_server.m: injected into SpringBoard
mroib: unused
otool: patch to otool that supports "force ARM" mode
starstuff:
    build-archive.sh: build the saffron-jailbreak-xxx debian package
    mount_nulls.c:    do so
upgrade-data: unused

Something went wrong with that request. Please try again.