Difference between revisions of "PE i can has debugger Patch"

From The iPhone Wiki
(from Stefan Esser's presentation - starting category Patches)
 
 

Latest revision as of 17:14, 1 August 2013

  • AMFI (AppleMobileFileIntegrity) will allow unsigned binaries
  • disables various checks
  • used inside the kernel debugger
  • in older jailbreaks the function was replaced by RETURN(1)
  • Internal name for the variable "dword_80284A00" in the disassembly is _debug_enabled.
__text:801DD218 
__text:801DD218                 EXPORT _PE_i_can_has_debugger
__text:801DD218 _PE_i_can_has_debugger                  ; CODE XREF: sub_801DD23C+8↓p
__text:801DD218                                         ; sub_802D8A94+E↓p ...
__text:801DD218                 CBZ             R0, loc_801DD22E
__text:801DD21A                 LDR             R2, =dword_80284A00 <== variable patched to 1
__text:801DD21C                 LDR             R3, [R2]
__text:801DD21E                 CBNZ            R3, loc_801DD226
__text:801DD220                 STR             R3, [R0]
__text:801DD222 
__text:801DD222 loc_801DD222                            ; CODE XREF: _PE_i_can_has_debugger+14
__text:801DD222                                         ; _PE_i_can_has_debugger+18↓j
__text:801DD222                 LDR             R0, [R2]
__text:801DD224                 BX              LR
__text:801DD226 ; ---------------------------------------------------------------------------
__text:801DD226 
__text:801DD226 loc_801DD226                            ; CODE XREF: _PE_i_can_has_debugger+6↑
__text:801DD226                 LDR             R3, =dword_802731A0
__text:801DD228                 LDR             R3, [R3]
__text:801DD22A                 STR             R3, [R0]
__text:801DD22C                 B               loc_801DD2..
__text:801DD22E ; ---------------------------------------------------------------------------
__text:801DD22E 
__text:801DD22E loc_801DD22E                            ; ...
__text:801DD22E                 LDR             R2, =dword_...
__text:801DD230                 B               loc_801DD2..
__text:801DD230 ; End of function _PE_i_can_has_debugger
__text:801DD230 
__text:801DD230 ; ---------------------------------------------------------------------------
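As an added example, not from the wiki page or from Stefan Esser's slides: a C model of the listing above, showing what the variable patch (dword_80284A00 set to 1) and the older RETURN(1) replacement each change for a caller that passes a flags pointer. Helper names are assumptions; dword_802731A0 is not named on the page and is modelled here as debug_boot_flags with a constructed value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Modelled kernel globals (not real kernel memory). debug_enabled is the
 * page's dword_80284A00 (_debug_enabled). dword_802731A0 is unnamed on the
 * page; it is assumed to hold the debug boot-arg flags (constructed value). */
static uint32_t debug_enabled = 0;      /* dword_80284A00 */
static uint32_t debug_boot_flags = 0x1; /* dword_802731A0 */

/* Unpatched function, read straight off the disassembly. */
int PE_i_can_has_debugger(uint32_t *debug_flags)
{
    if (debug_flags) {                       /* CBZ  R0, loc_801DD22E      */
        if (debug_enabled)                   /* CBNZ R3, loc_801DD226      */
            *debug_flags = debug_boot_flags; /* loc_801DD226: STR R3, [R0] */
        else
            *debug_flags = 0;                /* STR R3, [R0] with R3 == 0  */
    }
    return (int)debug_enabled;               /* loc_801DD222: LDR R0, [R2] */
}

/* Older jailbreaks: whole body replaced by RETURN(1); *debug_flags is never written. */
int PE_i_can_has_debugger_return1(uint32_t *debug_flags)
{
    (void)debug_flags;
    return 1;
}

/* This page's patch: set the variable to 1 and leave the code alone. */
void apply_variable_patch(void) { debug_enabled = 1; }
void reset_variable(void)       { debug_enabled = 0; }

/* Flags word a caller sees after the call; 0xFFFFFFFF means "never written". */
uint32_t observed_flags(int (*fn)(uint32_t *))
{
    uint32_t flags = 0xFFFFFFFF;
    fn(&flags);
    return flags;
}

int main(void)
{
    reset_variable();
    printf("unpatched:      ret=%d flags=0x%x\n", PE_i_can_has_debugger(NULL), (unsigned)observed_flags(PE_i_can_has_debugger));
    apply_variable_patch();
    printf("variable patch: ret=%d flags=0x%x\n", PE_i_can_has_debugger(NULL), (unsigned)observed_flags(PE_i_can_has_debugger));
    printf("RETURN(1):      ret=%d flags=0x%x\n", PE_i_can_has_debugger_return1(NULL), (unsigned)observed_flags(PE_i_can_has_debugger_return1));
    return 0;
}
```

The variable patch keeps the caller's flags word consistent with the return value, whereas the RETURN(1) replacement reports "debugger allowed" but leaves the caller's flags untouched.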