Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
star and saffron
C Python Objective-C Assembly
branch: master

README

latest commit 3243b19d79
@comex authored
Failed to load latest commit information.
catalog -3
chain more chain stuff
common -3
config RELEASE
data @ 9731118 fix tars
datautils add README
datautils0 @ e6d05a9 submodules I guess
dejavu RELEASE
dsc ipv6
fs -3
goo RELEASE
headers pivot AGAIN
install -3
locutus fix tars
mroib upgrade data
otool otool update/fix
pdf I forgot to add this directory to git
starstuff oops
upgrade-data awful
white @ 97270ec submodules I guess
.gitignore head
.gitmodules starstuff
README README
fabricate.py go all the way
make.py -3
optparse.py okay

README

How to use:
- git submodule init -u
- ln -s /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk /var/sdk
- add binaries to bs, e.g.
    mkdir iPhone2,1_4.3.3_8J2
    cp decrypted_kernel iPhone2,1_4.3.3_8J2/kern
    cp dyld_shared_cache_armv7 iPhone2,1_4.3.3_8J2/cache
    OR import an ipsw:
    grab https://github.com/posixninja/xpwn.git
    install "xpwntool", "hfsplus", and "dmg" to ~/xpwnbin/
    in here: cd config; python ipsw.py whatever.ipsw

- get t1utils and apply this patch: http://pastie.org/2251647
- get http://github.com/comex/xnu-env and point fs/xnu to it
- ./make.py pdf

external repositories:
------------------------------------------------------
data:       mach-o handling
white:      load dylibs into the kernel
datautils0: make kernel patches, port over symbols


in here:
------------------------------------------------------
catalog:
    catalog.py: ROP code and kernel exploit
    kcode.S:    kernel payload
chain: unused
common:
    common.h:   _log, _assert, etc
datautils:
    dmini.py:   python interface to data
dejavu:
    gen_dejavu.raw.py: FreeType exploit
dsc:
    dsc.c:      mount dyld shared cache via fuse
goo:
    goop.py:    the "string with pointers, relocations, etc." abstraction 
    goo.py:     doing ROP with the abstraction
    world1.py:  specific gadgets
    two.py:     creating mach-o files with the abstraction
headers: external headers
install:
    install.m:  install the jailbreak
locutus:
    locutus.c:  download files / communicate with locutus_server / run install
    inject.c:   inject a dylib into a process
    locutus_server.m: injected into SpringBoard
mroib: unused
otool: patch to otool that supports "force ARM" mode
starstuff:
    build-archive.sh: build the saffron-jailbreak-xxx debian package
    mount_nulls.c:    do so
upgrade-data: unused

Something went wrong with that request. Please try again.