Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Cooler ssh payload - mount script; load from rc.boot (not from /sbin/…

…reboot)

Don't redownload files if orig files are present (only rebuild)
Mux lib doesn't call reboot() on restore mode devs now.
  • Loading branch information...
commit 3fcb8e44512f3a1dd76dbb75566a6b35fd958129 1 parent 296c0ee
msftguy authored
Showing with 518 additions and 12 deletions.
  1. +8 −4 java/gui/src/Background.java
  2. +2 −2 java/gui/src/res/all_keys.plist
  3. BIN  java/gui/src/res/ssh.tar
  4. BIN  java/gui/sshtar/bin/bash
  5. BIN  java/gui/sshtar/bin/ls
  6. +69 −0 java/gui/sshtar/bin/mount.sh
  7. +1 −0  java/gui/sshtar/bin/sh
  8. +27 −0 java/gui/sshtar/etc/rc.boot
  9. +188 −0 java/gui/sshtar/etc/ssh/moduli
  10. +47 −0 java/gui/sshtar/etc/ssh/ssh_config
  11. +12 −0 java/gui/sshtar/etc/ssh/ssh_host_dsa_key
  12. +1 −0  java/gui/sshtar/etc/ssh/ssh_host_dsa_key.pub
  13. BIN  java/gui/sshtar/etc/ssh/ssh_host_key
  14. +1 −0  java/gui/sshtar/etc/ssh/ssh_host_key.pub
  15. +27 −0 java/gui/sshtar/etc/ssh/ssh_host_rsa_key
  16. +1 −0  java/gui/sshtar/etc/ssh/ssh_host_rsa_key.pub
  17. +116 −0 java/gui/sshtar/etc/ssh/sshd_config
  18. +3 −0  java/gui/sshtar/mktar.sh
  19. BIN  java/gui/sshtar/sbin/sshd
  20. BIN  java/gui/sshtar/usr/bin/scp
  21. BIN  java/gui/sshtar/usr/lib/libcrypto.0.9.8.dylib
  22. BIN  java/gui/sshtar/usr/lib/libhistory.6.0.dylib
  23. +1 −0  java/gui/sshtar/usr/lib/libncurses.5.dylib
  24. BIN  java/gui/sshtar/usr/lib/libreadline.6.0.dylib
  25. BIN  java/gui/sshtar/usr/libexec/sftp-server
  26. +8 −0 java/gui/sshtar/var/root/.profile
  27. +6 −6 mux_redux/mux.c
12 java/gui/src/Background.java
View
@@ -201,11 +201,15 @@ String downloadAndProcessFile(String zipPath)
String downloadPath = finalPath;
if (needsDecrypting)
downloadPath = finalPath + ".orig";
- if (!getFileFromZip(ipswUrl, zipPath, downloadPath)) {
- gui.error("Download failed! %1s [%2s] -> %3s", ipswUrl, zipPath, downloadPath);
- return null;
+ if (new File(downloadPath).exists()) {
+ gui.trace("Skipping download of %1s, file already exists!", finalPath);
+ } else {
+ if (!getFileFromZip(ipswUrl, zipPath, downloadPath)) {
+ gui.error("Download failed! %1s [%2s] -> %3s", ipswUrl, zipPath, downloadPath);
+ return null;
+ }
+ gui.trace("Downloaded to %1s", downloadPath);
}
- gui.trace("Downloaded to %1s", downloadPath);
if (needsDecrypting) {
String decryptedPath = finalPath + ".dec";
4 java/gui/src/res/all_keys.plist
View
@@ -40,7 +40,7 @@
<key>build</key>
<string>8A400</string>
</dict>
- <key>n88ap.bak</key>
+ <key>n88ap</key>
<dict>
<key>device</key>
<string>iphone21</string>
@@ -277,7 +277,7 @@
<key>restoredmg</key>
<string>038-3848-002</string>
</dict>
- <key>n88ap</key>
+ <key>n88ap.435</key>
<dict>
<key>ramdisknotencrypted</key>
<string>true</string>
BIN  java/gui/src/res/ssh.tar
View
Binary file not shown
BIN  java/gui/sshtar/bin/bash
View
Binary file not shown
BIN  java/gui/sshtar/bin/ls
View
Binary file not shown
69 java/gui/sshtar/bin/mount.sh
View
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+# Script to mount the volumes..
+
+MOUNTS=$(mount)
+
+while read LINE
+do
+ set $LINE
+ if [ $3 == "/mnt1" ]
+ then
+ MNT1=$1
+ else
+ if [ $3 == "/mnt2" ]
+ then
+ MNT2=$1
+ fi
+ fi
+done <<< "$MOUNTS"
+
+if [ -z $MNT1 ]
+then
+ if [ -b /dev/disk0s1s1 ]
+ then # iOS5
+ echo "Mounting /dev/disk0s1s1 on /mnt1 .."
+ mount_hfs /dev/disk0s1s1 /mnt1
+ else
+ if [ -b /dev/disk0s1 ]
+ then
+ echo "Checking /dev/disk0s1 .."
+ fsck_hfs /dev/disk0s1
+
+ echo "Mounting /dev/disk0s1 on /mnt1 .."
+ mount_hfs /dev/disk0s1 /mnt1
+ else
+ echo "Could not mount system volume; retry later or file a bug."
+ fi
+ fi
+else
+ echo "$MNT1 already mounted on /mnt1"
+fi
+
+if [ -z $MNT2 ]
+then
+ if [ -b /dev/disk0s1s2 ]
+ then # iOS5
+ echo "Mounting /dev/disk0s1s2 on /mnt2 .."
+ mount_hfs /dev/disk0s1s2 /mnt2
+ else
+ if [ -b /dev/disk0s2s1 ]
+ then # iOS 4
+ echo "Mounting /dev/disk0s2s1 on /mnt2 .."
+ mount_hfs /dev/disk0s2s1 /mnt2
+ else
+ if [ -b /dev/disk0s2 ]
+ then # iOS3 .. maybe?
+ echo "Checking /dev/disk0s2 .."
+ fsck_hfs /dev/disk0s2
+
+ echo "Mounting /dev/disk0s2 on /mnt2 .."
+ mount_hfs /dev/disk0s2 /mnt2
+ else
+ echo "Could not mount user data volume; retry later or file a bug."
+ fi
+ fi
+ fi
+else
+ echo "$MNT2 already mounted on /mnt2"
+fi
1  java/gui/sshtar/bin/sh
View
27 java/gui/sshtar/etc/rc.boot
View
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# remount r/w
+
+mount /
+
+# free space
+
+rm /usr/local/standalone/firmware/*
+rm /usr/standalone/firmware/*
+mv /sbin/reboot /sbin/reboot_bak
+
+# Fix the auto-boot
+
+nvram auto-boot=1
+
+# Start SSHD
+
+/sbin/sshd
+
+# Do the stuff original rc.boot did
+
+/usr/local/bin/restored_external
+/usr/local/bin/restored_update
+/usr/local/bin/restored
+/usr/libexec/ramrod/ramrod
+
188 java/gui/sshtar/etc/ssh/moduli
View
188 additions, 0 deletions not shown
47 java/gui/sshtar/etc/ssh/ssh_config
View
@@ -0,0 +1,47 @@
+# $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $
+
+# This is the ssh client system-wide configuration file. See
+# ssh_config(5) for more information. This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+# 1. command line options
+# 2. user-specific file
+# 3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options. For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+# ForwardAgent no
+ ForwardX11 yes
+# RhostsRSAAuthentication no
+# RSAAuthentication yes
+# PasswordAuthentication yes
+# HostbasedAuthentication no
+# GSSAPIAuthentication no
+# GSSAPIDelegateCredentials no
+# BatchMode no
+# CheckHostIP yes
+# AddressFamily any
+# ConnectTimeout 0
+# StrictHostKeyChecking ask
+# IdentityFile ~/.ssh/identity
+# IdentityFile ~/.ssh/id_rsa
+# IdentityFile ~/.ssh/id_dsa
+# Port 22
+# Protocol 2,1
+# Cipher 3des
+# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
+# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+# EscapeChar ~
+# Tunnel no
+# TunnelDevice any:any
+# PermitLocalCommand no
+ SendEnv LANG LC_*
+ HashKnownHosts yes
12 java/gui/sshtar/etc/ssh/ssh_host_dsa_key
View
@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBugIBAAKBgQCRAGVU3NY06gtd07VcxT7aSIAsGi0qIBf2r28iyfCJPpSh3LR4
+xebYsSc001qAbk7B1D3gjXcaQbG8zhkGAF5UhhgRoYNx++E5AdGWL6f3N2SQGRg0
+ELEDeo9uhYrKj38EWSVz5W/DSxdGxezUQkOrGdF/zyM6HWMMJMe+JviHhQIVAK1k
+B5keEFfXSkdZLwJiJNSMAwsTAoGAd0Si4TUTtbfA2q7vg7erjkE/lQ2aYqyxXycH
+ldhe9maAuDop9pLvPF88AH3FU/QOSRzl8ANm27qDfqz4X5Pj4aVezPDCte8JTPCY
+Y7UJBlG23suXOz7oZ5mT4lWiWxHkf2pA929WYKAqpA5Yku0mvezWTYIndi7aEvIQ
+qinwGZQCgYBGA/No8/0tsIxfueku6kZVtHJezEHA/DXK3VtZQhJqpQSDmc6ac6RK
+hbSaV9Q9SISxUQoermq2mC3563hfadTdDonbdS4hHsfp8GYw2XWWKTKMJIfQfBh0
+n4tH543Sfdvo+irLNRkw7kms5P96cPp0ec/JTbQjkAhXEMc1hcJBKQIUcefuKx6J
+CgXM1qqWQzmh6Yxvp44=
+-----END DSA PRIVATE KEY-----
1  java/gui/sshtar/etc/ssh/ssh_host_dsa_key.pub
View
@@ -0,0 +1 @@
+ssh-dss AAAAB3NzaC1kc3MAAACBAJEAZVTc1jTqC13TtVzFPtpIgCwaLSogF/avbyLJ8Ik+lKHctHjF5tixJzTTWoBuTsHUPeCNdxpBsbzOGQYAXlSGGBGhg3H74TkB0ZYvp/c3ZJAZGDQQsQN6j26FisqPfwRZJXPlb8NLF0bF7NRCQ6sZ0X/PIzodYwwkx74m+IeFAAAAFQCtZAeZHhBX10pHWS8CYiTUjAMLEwAAAIB3RKLhNRO1t8Daru+Dt6uOQT+VDZpirLFfJweV2F72ZoC4Oin2ku88XzwAfcVT9A5JHOXwA2bbuoN+rPhfk+PhpV7M8MK17wlM8JhjtQkGUbbey5c7PuhnmZPiVaJbEeR/akD3b1ZgoCqkDliS7Sa97NZNgid2LtoS8hCqKfAZlAAAAIBGA/No8/0tsIxfueku6kZVtHJezEHA/DXK3VtZQhJqpQSDmc6ac6RKhbSaV9Q9SISxUQoermq2mC3563hfadTdDonbdS4hHsfp8GYw2XWWKTKMJIfQfBh0n4tH543Sfdvo+irLNRkw7kms5P96cPp0ec/JTbQjkAhXEMc1hcJBKQ==
BIN  java/gui/sshtar/etc/ssh/ssh_host_key
View
Binary file not shown
1  java/gui/sshtar/etc/ssh/ssh_host_key.pub
View
@@ -0,0 +1 @@
+2048 35 22863403230363057125532901483959995158868052839666613720599479194710030969172147032959644887283078830728500539623709376627438782032771781595220937403576634513232890638595884855084246146357583313382920882057560292771475701073821506174328657604317895714543986206409151751401624273829061903988579532242057650995520642546244563005719964188009546754533467012348670726995734592541512005893158644642786626175694267614564858079634794858330219528225263688040182596119868879012127383607951411330777391710206320353489654717094177647385845429359394250782827001403846845707041142751913977688452721668771730938187972599951378392229
27 java/gui/sshtar/etc/ssh/ssh_host_rsa_key
View
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEoQIBAAKCAQEAu+DAGUQcHutfXVzLNbqC7oU96K/wO7UIKXzJNAuN9yRROVhb
+KyrPv2v8YmXjWY+IlE6DUCbcPYi62mkC9AFs3cu5hrxeM+5OHRdPvIhNXQWyx/BH
+6gnYkYFkLsd4H8UshT2Z/vzRmOdW3KVj/l2VXeSdxc7EeBWLfgj1cTuoX8oCWIB4
+q+KYXciWJ19RAh5EIZ6WNjODf0VfHab7DJ/a/xp6TrDAfGcIvwOq5iIYH1PH8zdb
+XgaV9zOAvtq9TG6zR1P2gJ2CwBvysbrdka5njv0Wm7HyaS2dttVY7RqJE+LZ5FWI
+OB3TR1j9GNkIldNbV4yDAr73TNo4+1BIxL5DOwIBIwKCAQAKvGK/nX3zI2SI/fz7
+wYPTHY6CUzJMjgB3ZjdiD0nw3YD79mucERMvgoNzVkeBdeqMIb5cWf304z3gmElP
+xZExPtdmyO9wroge62OkX49kZrnCSD6fqMqL+MPlanvkjuyZ5kNQZjfc2gT2ql18
+P9ymR5P8rLrFCIugzU/albHZlmq3xQWAlJNv+t47YSqHRaWPwIOICt8hwQsHQ/4r
+ARYE4JnRSK/0jToQYWa5mWYKgir9x/GmE0/2WNnX8ON0gxDbtQuGeKQAe+XpWEWN
+FZAknzEA9WUwrAT9yLyzNJESJfEKI+AHZu9SjJydrv9jP7lmCQeR00gICXpSFQWE
+sNsLAoGBAOFjRMIJlf9XqgTRigb7H0svPseJo175AIl8pNCVJF8FxdLDa3RjaLGg
+Z84gHokxeQQFn14mXGuKQb8GMwTL6D1ozmzMFYoua/XsNaVh9X+jtnGSHo+HVNsT
+mJ+abznoZW2b7GqjZBPX9SYvy1qJbfCF9+14XYIiuhUqoAwyB2shAoGBANVlQ9ZY
+JITeeGBGsOHHvCeettDf0eO3kpSh3EqG6Hqj+iO8zUThVt7/81cWBxU19NOUbPhd
+WDMV3t11sCwJkM7ZpUADSMKJN8VR/HcKv41qZMt4zPgOFmtKA9MSk2Rt5XIW9U0T
+MGNKxyIhlzjDij5X9pEScAidekc0QFwAn97bAoGBAK3e3UU6mEiitlt9ErTtm8xJ
+BItM675LDwr5wPitkRYaZWgTGGEZfKZIipeyYLL6R2mAriQO9tad2vJyfyD1Ej4A
+ZLpUSyF0RKfE2O1LkX+4zpIgQ3YJUBa3WHsfXR4LDGp/mR8QVIRWI4PbuiFFchFR
+Z3ytT3ME2LE+I7Gi78erAoGANt+GePIYBOi/3j4QOg7J+482Uve5oPSwqeB6eZBn
+qoHv3U3OYitQ2kHQ2+EXw6ApAzTLkFKEZOhd4SzkKJS+1hq1dtxF6OF0vbX/F0vo
+HQy61TxR9qSJbAu31zCpjtpuM0e7a5c4VAvqEBdEJIoNmwCtHf1tRAs8szlSYMz1
+6NkCgYAErhEe9BgUvnvB8Iprr3kpdd70GxYS/1AKgAPo1rmxJfcbbcvkfJwkoHGd
+V62UZ8VUhhnx32q0VCIS5Ay39T74eQLwABqV8ZUGTnZx2F0zhlLIUEeGvs4TGKxq
+D5RhVB5J3QDgpLZv0tM9JWmXcY2K46XLkVj3pVLSoyQwZBHWZw==
+-----END RSA PRIVATE KEY-----
1  java/gui/sshtar/etc/ssh/ssh_host_rsa_key.pub
View
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu+DAGUQcHutfXVzLNbqC7oU96K/wO7UIKXzJNAuN9yRROVhbKyrPv2v8YmXjWY+IlE6DUCbcPYi62mkC9AFs3cu5hrxeM+5OHRdPvIhNXQWyx/BH6gnYkYFkLsd4H8UshT2Z/vzRmOdW3KVj/l2VXeSdxc7EeBWLfgj1cTuoX8oCWIB4q+KYXciWJ19RAh5EIZ6WNjODf0VfHab7DJ/a/xp6TrDAfGcIvwOq5iIYH1PH8zdbXgaV9zOAvtq9TG6zR1P2gJ2CwBvysbrdka5njv0Wm7HyaS2dttVY7RqJE+LZ5FWIOB3TR1j9GNkIldNbV4yDAr73TNo4+1BIxL5DOw==
116 java/gui/sshtar/etc/ssh/sshd_config
View
@@ -0,0 +1,116 @@
+# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented. Uncommented options change a
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
+# HostKey for protocol version 1
+HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 768
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile .ssh/authorized_keys
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication yes
+PermitEmptyPasswords yes
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+
+#AllowTcpForwarding yes
+GatewayPorts clientspecified
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+UsePrivilegeSeparation no
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10
+#PermitTunnel no
+
+# no default banner path
+#Banner /some/path
+
+# override default of no subsystems
+Subsystem sftp /usr/libexec/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# ForceCommand cvs server
3  java/gui/sshtar/mktar.sh
View
@@ -0,0 +1,3 @@
+#!/bin/bash
+BASEDIR=$(dirname "$0")
+tar --owner=root -cvf "$BASEDIR/../src/res/ssh.tar" --exclude=.DS_Store -C "$BASEDIR" .
BIN  java/gui/sshtar/sbin/sshd
View
Binary file not shown
BIN  java/gui/sshtar/usr/bin/scp
View
Binary file not shown
BIN  java/gui/sshtar/usr/lib/libcrypto.0.9.8.dylib
View
Binary file not shown
BIN  java/gui/sshtar/usr/lib/libhistory.6.0.dylib
View
Binary file not shown
1  java/gui/sshtar/usr/lib/libncurses.5.dylib
View
BIN  java/gui/sshtar/usr/lib/libreadline.6.0.dylib
View
Binary file not shown
BIN  java/gui/sshtar/usr/libexec/sftp-server
View
Binary file not shown
8 java/gui/sshtar/var/root/.profile
View
@@ -0,0 +1,8 @@
+# Set path to support running tools from /mnt1
+export PATH=/usr/bin:/bin:/usr/sbin:/sbin:/mnt1/usr/bin:/mnt1/bin:/mnt1/usr/sbin:/mnt1/sbin
+
+# and also some libs (not frameworks though :/ )
+export DYLD_LIBRARY_PATH=/usr/lib:/mnt1/usr/lib
+
+echo Use 'mount.sh' script to mount the partitions
+echo Use 'reboot_bak' to reboot
12 mux_redux/mux.c
View
@@ -188,12 +188,12 @@ void* THREADPROCATTR wait_for_device(void* arg)
muxconn_t mux_tmp = AMDeviceGetConnectionID(s_target_device);
fprintf(stderr, "muxConnTmp = %X\n", mux_tmp);
muxConn = mux_tmp;
- restore_dev = AMRestoreModeDeviceCreate(0, mux_tmp, 0);
- fprintf(stderr, "restore_dev = %p\n", restore_dev);
- if (restore_dev != NULL) {
- AMRestoreModeDeviceReboot(restore_dev);
- Sleep(5 * 1000);
- }
+// restore_dev = AMRestoreModeDeviceCreate(0, mux_tmp, 0);
+// fprintf(stderr, "restore_dev = %p\n", restore_dev);
+// if (restore_dev != NULL) {
+// AMRestoreModeDeviceReboot(restore_dev);
+// Sleep(5 * 1000);
+// }
} else if (ret == -402653083) { // after we call 'reboot', api host is down
muxconn_t mux_tmp = AMDeviceGetConnectionID(s_target_device);
fprintf(stderr, "muxConnTmp = %X\n", mux_tmp);
Please sign in to comment.
Something went wrong with that request. Please try again.