The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "AMFID code signing evasion"
(initial page) |
(No difference)
|
Revision as of 00:36, 19 February 2013
By creating a dylib without code, just redefining the signed code verification function with a "return ok" method from another signed library and using lazy binding, the entire code signing requirement gets circumvented. This method has been used by developers for a long time now.
In evasi0n, the amfi.dylib redefines these functions:
- _kMISValidationOptionValidateSignatureOnly (_kCFUserNotificationTokenKey from CoreFoundation)
- _kMISValidationOptionExpectedHash (_kCFUserNotificationTimeoutKey from CoreFoundation)
- _MISValidateSignature (_CFEqual from CoreFoundation)
TODO: some more detailed description missing here.
Usage
- evasi0n jailbreak
Credit
- KennyTM~
- maybe others too