Difference between revisions of "PE i can has debugger Patch"

From The iPhone Wiki
Jump to: navigation, search
(from Stefan Esser's presentation - starting category Patches)
(No difference)

Revision as of 20:54, 25 September 2011

  • AMFI will allow non signed binaries
  • disables various checks
  • used inside the kernel debugger
  • in older jailbreaks replaced by RETURN(1)
__text:801DD218 
__text:801DD218                 EXPORT _PE_i_can_has_debugger
__text:801DD218 _PE_i_can_has_debugger                  ; CODE XREF: sub_801DD23C+8↓p
__text:801DD218                                         ; sub_802D8A94+E↓p ...
__text:801DD218                 CBZ             R0, loc_801DD22E
__text:801DD21A                 LDR             R2, =dword_80284A00 <== variable patched to 1
__text:801DD21C                 LDR             R3, [R2]
__text:801DD21E                 CBNZ            R3, loc_801DD226
__text:801DD220                 STR             R3, [R0]
__text:801DD222 
__text:801DD222 loc_801DD222                            ; CODE XREF: _PE_i_can_has_debugger+14
__text:801DD222                                         ; _PE_i_can_has_debugger+18↓j
__text:801DD222                 LDR             R0, [R2]
__text:801DD224                 BX              LR
__text:801DD226 ; ---------------------------------------------------------------------------
__text:801DD226 
__text:801DD226 loc_801DD226                            ; CODE XREF: _PE_i_can_has_debugger+6↑
__text:801DD226                 LDR             R3, =dword_802731A0
__text:801DD228                 LDR             R3, [R3]
__text:801DD22A                 STR             R3, [R0]
__text:801DD22C                 B               loc_801DD2..
__text:801DD22E ; ---------------------------------------------------------------------------
__text:801DD22E 
__text:801DD22E loc_801DD22E                            ; ...
__text:801DD22E                 LDR             R2, =dword_...
__text:801DD230                 B               loc_801DD2..
__text:801DD230 ; End of function _PE_i_can_has_debugger
__text:801DD230 
__text:801DD230 ; ---------------------------------------------------------------------------