The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

Difference between revisions of "Kernel"

From The iPhone Wiki
Jump to: navigation, search
(Spelling fail :/)
Line 2: Line 2:
   
 
On production devices, the kernel is always stored as a pre-linked kernelcache stored at '''/System/Library/Caches/com.apple.kernelcaches/kernelcache'''. On development devices the kernel is stored in its normal place, at '''/mach_kernel'''.
  
On production devices, the kernel is always stored as a pre-linked kernelcache stored at '''/System/Library/Caches/com.apple.kernelcaches/kernelcache'''. On development devices the kernel is stored in its normal place, at '''/mach_kernel'''.
  +
  +
Contrary to common belief, the iOS XNU is highly similar to the OS X one. This includes KEXTs and the IOKit, which is implemented in full. The kernelcache can be unpacked to show the kernel proper, along with the KEXTs (all packed in the __PRELINK_TEXT section) and their PLists (in the __PRELINK_INFO section).
  +
  +
The Cydia supplied kextstat does not work on iOS. This is because it relies on kmod_get_info(), which is an unsupported API in recent iOS and OS X. That said, the kexts DO exit. The following shows the listing of a custom command, jkextstat (which does work on iOS) on the author's iPod 4G:
  +
  +
<pre>
  +
Podicum:~ root# ./kextstat
  +
0 __kernel__
  +
1 kpi.bsd
  +
2 kpi.dsep
  +
3 kpi.iokit
  +
4 kpi.libkern
  +
5 kpi.mach
  +
6 kpi.private
  +
7 kpi.unsupported
  +
8 driver.AppleARMPlatform <1 3 4 5 6 7>
  +
9 iokit.IOStorageFamily <1 3 4 5 6 7>
  +
10 driver.DiskImages <1 3 4 5 6 7 9>
  +
11 driver.FairPlayIOKit <1 3 4 5 6 7>
  +
12 driver.IOSlaveProcessor <3 4>
  +
13 driver.IOP_s5l8930x_firmware <3 4 12>
  +
14 iokit.AppleProfileFamily <1 3 4 5 6 7>
  +
15 iokit.IOCryptoAcceleratorFamily <1 3 4 5 7>
  +
16 driver.AppleMobileFileIntegrity <1 2 3 4 5 6 7 15>
  +
17 iokit.IONetworkingFamily <1 3 4 5 6 7>
  +
18 iokit.IOUserEthernet <1 3 4 5 6 16 17>
  +
19 platform.AppleKernelStorage <3 4 7>
  +
20 iokit.IOSurface <1 3 4 5 6 7 8>
  +
21 iokit.IOStreamFamily <3 4 5>
  +
22 iokit.IOAudio2Family <1 3 4 5 21>
  +
23 driver.AppleAC3Passthrough <1 3 4 5 7 8 11 21 22>
  +
24 iokit.EncryptedBlockStorage <1 3 4 5 9 15>
  +
25 iokit.IOFlashStorage <1 3 4 5 7 9 24>
  +
26 driver.AppleEffaceableStorage <1 3 4 5 7 8 25>
  +
27 driver.AppleKeyStore <1 3 4 5 6 7 15 16 26>
  +
28 kext.AppleMatch <1 4>
  +
29 security.sandbox <1 2 3 4 5 6 7 16 28>
  +
30 driver.AppleS5L8930X <1 3 4 5 7 8>
  +
31 iokit.IOHIDFamily <1 3 4 5 6 7 16>
  +
32 driver.AppleM68Buttons <1 3 4 5 7 8 31>
  +
33 iokit.IOUSBDeviceFamily <1 3 4 5>
  +
34 iokit.IOSerialFamily <1 3 4 5 6 7>
  +
35 driver.AppleOnboardSerial <1 3 4 5 7 34>
  +
36 iokit.IOAccessoryManager <3 4 5 7 8 33 34 35>
  +
37 driver.AppleProfileTimestampAction <1 3 4 5 14>
  +
38 driver.AppleProfileThreadInfoAction <1 3 4 6 14>
  +
39 driver.AppleProfileKEventAction <1 3 4 14>
  +
40 driver.AppleProfileRegisterStateAction <1 3 4 14>
  +
41 driver.AppleProfileCallstackAction <1 3 4 5 6 14>
  +
42 driver.AppleProfileReadCounterAction <3 4 6 14>
  +
43 driver.AppleARMPL192VIC <3 4 5 7 8>
  +
44 driver.AppleCDMA <1 3 4 5 7 8 15>
  +
45 driver.IODARTFamily <3 4 5>
  +
46 driver.AppleS5L8930XDART <1 3 4 5 7 8 45>
  +
47 iokit.IOSDIOFamily <1 3 4 5 7>
  +
48 driver.AppleIOPSDIO <1 3 4 5 7 8 12 47>
  +
49 driver.AppleIOPFMI <1 3 4 5 7 8 12 25>
  +
50 driver.AppleSamsungSPI <1 3 4 5 7 8>
  +
51 driver.AppleSamsungSerial <1 3 4 5 7 8 34 35>
  +
52 driver.AppleSamsungPKE <3 4 5 7 8 15>
  +
53 driver.AppleS5L8920X <1 3 4 5 7 8>
  +
54 driver.AppleSamsungI2S <1 3 4 5 7 8>
  +
55 driver.AppleEmbeddedUSB <1 3 4 5 7 8>
  +
56 driver.AppleS5L8930XUSBPhy <1 3 4 5 7 8 55>
  +
57 iokit.IOUSBFamily <1 3 4 5 7>
  +
58 driver.AppleUSBEHCI <1 3 4 5 7 57>
  +
59 driver.AppleUSBComposite <1 3 4 57>
  +
60 driver.AppleEmbeddedUSBHost <1 3 4 5 7 55 57 59>
  +
61 driver.AppleUSBOHCI <1 3 4 5 57>
  +
62 driver.AppleUSBOHCIARM <3 4 5 8 55 57 60 61>
  +
63 driver.AppleUSBHub <1 3 4 5 57>
  +
64 driver.AppleUSBEHCIARM <3 4 5 8 55 57 58 60 63>
  +
65 driver.AppleS5L8930XUSB <1 3 4 5 7 8 55 57 58 60 61 62 64>
  +
66 driver.AppleARM7M <3 4 8 12>
  +
67 driver.EmbeddedIOP <3 4 5 12>
  +
68 driver.AppleVXD375 <1 3 4 5 7 8 11>
  +
69 driver.AppleD1815PMU <1 3 4 5 7 8 31>
  +
70 iokit.AppleARMIISAudio <1 3 4 5 7 22>
  +
71 driver.AppleEmbeddedAudio <1 3 4 5 7 8 22 31 70>
  +
72 driver.AppleCS42L59Audio <3 4 5 8 22 31 70 71>
  +
73 driver.AppleEmbeddedAccelerometer <3 4 5 7 8 31>
  +
74 driver.AppleEmbeddedGyro <1 3 4 5 7 8 31>
  +
75 driver.AppleEmbeddedLightSensor <3 4 5 7 8 31>
  +
76 iokit.IOAcceleratorFamily <1 3 4 5 7 8>
  +
77 IMGSGX535 <1 3 4 5 7 8 76>
  +
78 driver.H2H264VideoEncoderDriver <1 3 4 5 7 8>
  +
79 driver.AppleJPEGDriver <1 3 4 5 7 8>
  +
80 driver.AppleH3CameraInterface <1 3 4 5 7 8>
  +
81 driver.AppleM2ScalerCSCDriver <1 3 4 5 7 8 45>
  +
82 iokit.IOMobileGraphicsFamily <1 3 4 5 7 8>
  +
83 driver.AppleDisplayPipe <1 3 4 5 7 8 82>
  +
84 driver.AppleCLCD <1 3 4 5 7 8 82 83>
  +
85 driver.AppleSamsungMIPIDSI <1 3 4 5 7 8>
  +
86 driver.ApplePinotLCD <1 3 4 5 7 8>
  +
87 driver.AppleSamsungSWI <1 3 4 5 7 8>
  +
88 iokit.IODisplayPortFamily <1 3 4 5 6 7 22>
  +
89 driver.AppleRGBOUT <1 3 4 5 7 8 82 83 88>
  +
90 driver.AppleTVOut <1 3 4 5 7 8>
  +
91 driver.AppleAMC_r2 <1 3 4 5 7 8 11 21 22>
  +
92 driver.AppleSamsungDPTX <3 4 5 7 8 88>
  +
93 driver.AppleSynopsysOTGDevice <1 3 4 5 7 8 33 55>
  +
94 driver.AppleNANDFTL <1 3 4 5 7 9 25>
  +
95 driver.AppleNANDLegacyFTL <1 3 4 5 9 25 94>
  +
96 AppleFSCompression.AppleFSCompressionTypeZlib <1 2 3 4 6>
  +
97 IOTextEncryptionFamily <1 3 4 5 7 11>
  +
98 driver.AppleBSDKextStarter <3 4>
  +
99 nke.ppp <1 3 4 5 6 7>
  +
100 nke.l2tp <1 3 4 5 6 7 99>
  +
101 nke.pptp <1 3 4 5 6 7 99>
  +
102 iokit.IO80211Family <1 3 4 5 6 7 17>
  +
103 driver.AppleBCMWLANCore <1 3 4 5 6 7 8 17 102>
  +
104 driver.AppleBCMWLANBusInterfaceSDIO <1 3 4 5 6 7 8 47 103>
  +
105 driver.AppleDiagnosticDataAccessReadOnly <1 3 4 5 7 8 94>
  +
106 driver.LightweightVolumeManager <1 3 4 5 9 15 24 26>
  +
107 driver.IOFlashNVRAM <1 3 4 5 6 7 25>
  +
108 driver.AppleNANDFirmware <1 3 4 5 25>
  +
109 driver.AppleImage3NORAccess <1 3 4 5 7 8 15 108>
  +
110 driver.AppleBluetooth <1 3 4 5 7 8>
  +
111 driver.AppleMultitouchSPI <1 3 4 5 7 8>
  +
112 driver.AppleUSBMike <1 3 4 5 8 22 33>
  +
113 driver.AppleUSBDeviceMux <1 3 4 5 6 7 33>
  +
114 driver.AppleUSBEthernetDevice <1 3 4 5 6 8 17 33>
  +
</pre>
  +
  +
For a specific extension, e.g. SandBox, the full information (including the handy load address) is also accessible:
  +
  +
<pre>
  +
Podicum:~ root# ./jkextstat -b sandbox -x
  +
<dict>
  +
<key>CFBundleIdentifier</key>
  +
<string>com.apple.security.sandbox</string>
  +
<key>CFBundleVersion</key>
  +
<string>154.7</string>
  +
<key>OSBundleCPUSubtype</key>
  +
<integer>9</integer>
  +
<key>OSBundleCPUType</key>
  +
<integer>12</integer>
  +
<key>OSBundleDependencies</key>
  +
<array>
  +
<integer>6</integer>
  +
<integer>7</integer>
  +
<integer>5</integer>
  +
<integer>3</integer>
  +
<integer>28</integer>
  +
<integer>1</integer>
  +
<integer>4</integer>
  +
<integer>16</integer>
  +
<integer>2</integer>
  +
</array>
  +
<key>OSBundleExecutablePath</key>
  +
<string>/System/Library/Extensions/Sandbox.kext/Sandbox</string>
  +
<key>OSBundleIsInterface</key>
  +
<false/>
  +
<key>OSBundleLoadAddress</key>
  +
<integer>2153734144</integer>
  +
<key>OSBundleLoadSize</key>
  +
<integer>36864</integer>
  +
<key>OSBundleLoadTag</key>
  +
<integer>29</integer>
  +
<key>OSBundleMachOHeaders</key>
  +
<data>
  +
zvrt/gwAAAAJAAAACwAAAAMAAAAgAgAAAQAAAAEAAAAEAQAAX19URVhUAAAAAAAAAAAA
  +
AABgX4AAgAAAAAAAAACAAAAHAAAABwAAAAMAAAAAAAAAX190ZXh0AAAAAAAAAAAAAF9f
  +
VEVYVAAAAAAAAAAAAADMbV+AKGEAAMwNAAACAAAAAAAAAAAAAAAABwCAAAAAAAAAAABf
  +
X2NzdHJpbmcAAAAAAAAAX19URVhUAAAAAAAAAAAAAPTOX4DLDQAA9G4AAAAAAAAAAAAA
  +
AAAAAAIAAAAAAAAAAAAAAF9fY29uc3QAAAAAAAAAAABfX1RFWFQAAAAAAAAAAAAAwNxf
  +
gDEDAADAfAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAQBAABfX0RBVEEAAAAA
  +
AAAAAAAAAOBfgAAQAAAAgAAAABAAAAcAAAAHAAAAAwAAAAAAAABfX2RhdGEAAAAAAAAA
  +
AAAAX19EQVRBAAAAAAAAAAAAAADgX4C0BgAAAIAAAAQAAAAAAAAAAAAAAAAAAAAAAAAA
  +
AAAAAF9fYnNzAAAAAAAAAAAAAABfX0RBVEEAAAAAAAAAAAAAwOZfgHgAAAAAAAAABAAA
  +
AAAAAAAAAAAAAQAAAAAAAAAAAAAAX19jb21tb24AAAAAAAAAAF9fREFUQQAAAAAAAAAA
  +
AAA451+AGAAAAAAAAAACAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAbAAAAGAAAABasg7Y2
  +
TzkVrtqsgOViBQ0=
  +
</data>
  +
<key>OSBundlePath</key>
  +
<string>/System/Library/Extensions/Sandbox.kext</string>
  +
<key>OSBundlePrelinked</key>
  +
<true/>
  +
<key>OSBundleRetainCount</key>
  +
<integer>0</integer>
  +
<key>OSBundleStarted</key>
  +
<true/>
  +
<key>OSBundleUUID</key>
  +
<data>
  +
FqyDtjZPORWu2qyA5WIFDQ==
  +
</data>
  +
<key>OSBundleWiredSize</key>
  +
<integer>36864</integer>
  +
<key>OSKernelResource</key>
  +
<false/>
  +
</dict>
  +
  +
  +
</pre>
  +
  +
  +
(The tool itself will be released soon)
   
 
== External Links ==
  
== External Links ==

Revision as of 14:21, 10 February 2012

The kernel of iOS is the Template:Wp. Pre-2.0, it was vulnerable to the Ramdisk Hack and may still be, but iBoot doesn't allow boot-args to be passed anymore. It is mapped to memory at 0xC0000000. On startup, the kernelcache is decompressed and run.

On production devices, the kernel is always stored as a pre-linked kernelcache stored at /System/Library/Caches/com.apple.kernelcaches/kernelcache. On development devices the kernel is stored in its normal place, at /mach_kernel.

Contrary to common belief, the iOS XNU is highly similar to the OS X one. This includes KEXTs and the IOKit, which is implemented in full. The kernelcache can be unpacked to show the kernel proper, along with the KEXTs (all packed in the __PRELINK_TEXT section) and their PLists (in the __PRELINK_INFO section).

The Cydia supplied kextstat does not work on iOS. This is because it relies on kmod_get_info(), which is an unsupported API in recent iOS and OS X. That said, the kexts DO exit. The following shows the listing of a custom command, jkextstat (which does work on iOS) on the author's iPod 4G: 

Podicum:~ root# ./kextstat 
0 __kernel__ 
1 kpi.bsd 
2 kpi.dsep 
3 kpi.iokit 
4 kpi.libkern 
5 kpi.mach 
6 kpi.private 
7 kpi.unsupported 
8 driver.AppleARMPlatform <1 3 4 5 6 7>
9 iokit.IOStorageFamily <1 3 4 5 6 7>
10 driver.DiskImages <1 3 4 5 6 7 9>
11 driver.FairPlayIOKit <1 3 4 5 6 7>
12 driver.IOSlaveProcessor <3 4>
13 driver.IOP_s5l8930x_firmware <3 4 12>
14 iokit.AppleProfileFamily <1 3 4 5 6 7>
15 iokit.IOCryptoAcceleratorFamily <1 3 4 5 7>
16 driver.AppleMobileFileIntegrity <1 2 3 4 5 6 7 15>
17 iokit.IONetworkingFamily <1 3 4 5 6 7>
18 iokit.IOUserEthernet <1 3 4 5 6 16 17>
19 platform.AppleKernelStorage <3 4 7>
20 iokit.IOSurface <1 3 4 5 6 7 8>
21 iokit.IOStreamFamily <3 4 5>
22 iokit.IOAudio2Family <1 3 4 5 21>
23 driver.AppleAC3Passthrough <1 3 4 5 7 8 11 21 22>
24 iokit.EncryptedBlockStorage <1 3 4 5 9 15>
25 iokit.IOFlashStorage <1 3 4 5 7 9 24>
26 driver.AppleEffaceableStorage <1 3 4 5 7 8 25>
27 driver.AppleKeyStore <1 3 4 5 6 7 15 16 26>
28 kext.AppleMatch <1 4>
29 security.sandbox <1 2 3 4 5 6 7 16 28>
30 driver.AppleS5L8930X <1 3 4 5 7 8>
31 iokit.IOHIDFamily <1 3 4 5 6 7 16>
32 driver.AppleM68Buttons <1 3 4 5 7 8 31>
33 iokit.IOUSBDeviceFamily <1 3 4 5>
34 iokit.IOSerialFamily <1 3 4 5 6 7>
35 driver.AppleOnboardSerial <1 3 4 5 7 34>
36 iokit.IOAccessoryManager <3 4 5 7 8 33 34 35>
37 driver.AppleProfileTimestampAction <1 3 4 5 14>
38 driver.AppleProfileThreadInfoAction <1 3 4 6 14>
39 driver.AppleProfileKEventAction <1 3 4 14>
40 driver.AppleProfileRegisterStateAction <1 3 4 14>
41 driver.AppleProfileCallstackAction <1 3 4 5 6 14>
42 driver.AppleProfileReadCounterAction <3 4 6 14>
43 driver.AppleARMPL192VIC <3 4 5 7 8>
44 driver.AppleCDMA <1 3 4 5 7 8 15>
45 driver.IODARTFamily <3 4 5>
46 driver.AppleS5L8930XDART <1 3 4 5 7 8 45>
47 iokit.IOSDIOFamily <1 3 4 5 7>
48 driver.AppleIOPSDIO <1 3 4 5 7 8 12 47>
49 driver.AppleIOPFMI <1 3 4 5 7 8 12 25>
50 driver.AppleSamsungSPI <1 3 4 5 7 8>
51 driver.AppleSamsungSerial <1 3 4 5 7 8 34 35>
52 driver.AppleSamsungPKE <3 4 5 7 8 15>
53 driver.AppleS5L8920X <1 3 4 5 7 8>
54 driver.AppleSamsungI2S <1 3 4 5 7 8>
55 driver.AppleEmbeddedUSB <1 3 4 5 7 8>
56 driver.AppleS5L8930XUSBPhy <1 3 4 5 7 8 55>
57 iokit.IOUSBFamily <1 3 4 5 7>
58 driver.AppleUSBEHCI <1 3 4 5 7 57>
59 driver.AppleUSBComposite <1 3 4 57>
60 driver.AppleEmbeddedUSBHost <1 3 4 5 7 55 57 59>
61 driver.AppleUSBOHCI <1 3 4 5 57>
62 driver.AppleUSBOHCIARM <3 4 5 8 55 57 60 61>
63 driver.AppleUSBHub <1 3 4 5 57>
64 driver.AppleUSBEHCIARM <3 4 5 8 55 57 58 60 63>
65 driver.AppleS5L8930XUSB <1 3 4 5 7 8 55 57 58 60 61 62 64>
66 driver.AppleARM7M <3 4 8 12>
67 driver.EmbeddedIOP <3 4 5 12>
68 driver.AppleVXD375 <1 3 4 5 7 8 11>
69 driver.AppleD1815PMU <1 3 4 5 7 8 31>
70 iokit.AppleARMIISAudio <1 3 4 5 7 22>
71 driver.AppleEmbeddedAudio <1 3 4 5 7 8 22 31 70>
72 driver.AppleCS42L59Audio <3 4 5 8 22 31 70 71>
73 driver.AppleEmbeddedAccelerometer <3 4 5 7 8 31>
74 driver.AppleEmbeddedGyro <1 3 4 5 7 8 31>
75 driver.AppleEmbeddedLightSensor <3 4 5 7 8 31>
76 iokit.IOAcceleratorFamily <1 3 4 5 7 8>
77 IMGSGX535 <1 3 4 5 7 8 76>
78 driver.H2H264VideoEncoderDriver <1 3 4 5 7 8>
79 driver.AppleJPEGDriver <1 3 4 5 7 8>
80 driver.AppleH3CameraInterface <1 3 4 5 7 8>
81 driver.AppleM2ScalerCSCDriver <1 3 4 5 7 8 45>
82 iokit.IOMobileGraphicsFamily <1 3 4 5 7 8>
83 driver.AppleDisplayPipe <1 3 4 5 7 8 82>
84 driver.AppleCLCD <1 3 4 5 7 8 82 83>
85 driver.AppleSamsungMIPIDSI <1 3 4 5 7 8>
86 driver.ApplePinotLCD <1 3 4 5 7 8>
87 driver.AppleSamsungSWI <1 3 4 5 7 8>
88 iokit.IODisplayPortFamily <1 3 4 5 6 7 22>
89 driver.AppleRGBOUT <1 3 4 5 7 8 82 83 88>
90 driver.AppleTVOut <1 3 4 5 7 8>
91 driver.AppleAMC_r2 <1 3 4 5 7 8 11 21 22>
92 driver.AppleSamsungDPTX <3 4 5 7 8 88>
93 driver.AppleSynopsysOTGDevice <1 3 4 5 7 8 33 55>
94 driver.AppleNANDFTL <1 3 4 5 7 9 25>
95 driver.AppleNANDLegacyFTL <1 3 4 5 9 25 94>
96 AppleFSCompression.AppleFSCompressionTypeZlib <1 2 3 4 6>
97 IOTextEncryptionFamily <1 3 4 5 7 11>
98 driver.AppleBSDKextStarter <3 4>
99 nke.ppp <1 3 4 5 6 7>
100 nke.l2tp <1 3 4 5 6 7 99>
101 nke.pptp <1 3 4 5 6 7 99>
102 iokit.IO80211Family <1 3 4 5 6 7 17>
103 driver.AppleBCMWLANCore <1 3 4 5 6 7 8 17 102>
104 driver.AppleBCMWLANBusInterfaceSDIO <1 3 4 5 6 7 8 47 103>
105 driver.AppleDiagnosticDataAccessReadOnly <1 3 4 5 7 8 94>
106 driver.LightweightVolumeManager <1 3 4 5 9 15 24 26>
107 driver.IOFlashNVRAM <1 3 4 5 6 7 25>
108 driver.AppleNANDFirmware <1 3 4 5 25>
109 driver.AppleImage3NORAccess <1 3 4 5 7 8 15 108>
110 driver.AppleBluetooth <1 3 4 5 7 8>
111 driver.AppleMultitouchSPI <1 3 4 5 7 8>
112 driver.AppleUSBMike <1 3 4 5 8 22 33>
113 driver.AppleUSBDeviceMux <1 3 4 5 6 7 33>
114 driver.AppleUSBEthernetDevice <1 3 4 5 6 8 17 33>

For a specific extension, e.g. SandBox, the full information (including the handy load address) is also accessible: 

Podicum:~ root# ./jkextstat -b sandbox  -x
<dict>
        <key>CFBundleIdentifier</key>
        <string>com.apple.security.sandbox</string>
        <key>CFBundleVersion</key>
        <string>154.7</string>
        <key>OSBundleCPUSubtype</key>
        <integer>9</integer>
        <key>OSBundleCPUType</key>
        <integer>12</integer>
        <key>OSBundleDependencies</key>
        <array>
                <integer>6</integer>
                <integer>7</integer>
                <integer>5</integer>
                <integer>3</integer>
                <integer>28</integer>
                <integer>1</integer>
                <integer>4</integer>
                <integer>16</integer>
                <integer>2</integer>
        </array>
        <key>OSBundleExecutablePath</key>
        <string>/System/Library/Extensions/Sandbox.kext/Sandbox</string>
        <key>OSBundleIsInterface</key>
        <false/>
        <key>OSBundleLoadAddress</key>
        <integer>2153734144</integer>
  <key>OSBundleLoadSize</key>
        <integer>36864</integer>
        <key>OSBundleLoadTag</key>
        <integer>29</integer>
        <key>OSBundleMachOHeaders</key>
        <data>
        zvrt/gwAAAAJAAAACwAAAAMAAAAgAgAAAQAAAAEAAAAEAQAAX19URVhUAAAAAAAAAAAA
        AABgX4AAgAAAAAAAAACAAAAHAAAABwAAAAMAAAAAAAAAX190ZXh0AAAAAAAAAAAAAF9f
        VEVYVAAAAAAAAAAAAADMbV+AKGEAAMwNAAACAAAAAAAAAAAAAAAABwCAAAAAAAAAAABf
        X2NzdHJpbmcAAAAAAAAAX19URVhUAAAAAAAAAAAAAPTOX4DLDQAA9G4AAAAAAAAAAAAA
        AAAAAAIAAAAAAAAAAAAAAF9fY29uc3QAAAAAAAAAAABfX1RFWFQAAAAAAAAAAAAAwNxf
        gDEDAADAfAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAQBAABfX0RBVEEAAAAA
        AAAAAAAAAOBfgAAQAAAAgAAAABAAAAcAAAAHAAAAAwAAAAAAAABfX2RhdGEAAAAAAAAA
        AAAAX19EQVRBAAAAAAAAAAAAAADgX4C0BgAAAIAAAAQAAAAAAAAAAAAAAAAAAAAAAAAA
        AAAAAF9fYnNzAAAAAAAAAAAAAABfX0RBVEEAAAAAAAAAAAAAwOZfgHgAAAAAAAAABAAA
        AAAAAAAAAAAAAQAAAAAAAAAAAAAAX19jb21tb24AAAAAAAAAAF9fREFUQQAAAAAAAAAA
        AAA451+AGAAAAAAAAAACAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAbAAAAGAAAABasg7Y2
        TzkVrtqsgOViBQ0=
        </data>
        <key>OSBundlePath</key>
        <string>/System/Library/Extensions/Sandbox.kext</string>
        <key>OSBundlePrelinked</key>
        <true/>
        <key>OSBundleRetainCount</key>
        <integer>0</integer>
        <key>OSBundleStarted</key>
        <true/>
        <key>OSBundleUUID</key>
        <data>
        FqyDtjZPORWu2qyA5WIFDQ==
        </data>
        <key>OSBundleWiredSize</key>
        <integer>36864</integer>
        <key>OSKernelResource</key>
        <false/>
</dict>


(The tool itself will be released soon)

External Links

Article by Stefan Esser about exploiting the kernel

See Also

Retrieved from "https://www.theiphonewiki.com/w/index.php?title=Kernel&oldid=24543"