Difference between revisions of "MobileDevice Library"

From The iPhone Wiki
Jump to: navigation, search
m (Known Error Codes: (Fixed an issue ending f's missing...))
(Added information about mobiledevice console tool)
Line 14: Line 14:
 
=== Library Interfaces ===
 
=== Library Interfaces ===
 
* [http://www.libimobiledevice.org/ libimobiledevice] (provides the same functionality on GNU/Linux)
 
* [http://www.libimobiledevice.org/ libimobiledevice] (provides the same functionality on GNU/Linux)
  +
* [https://github.com/imkira/mobiledevice mobiledevice] (command line utility for interacting with MobileDevice Framework)
 
* [https://github.com/samdmarshall/SDMMobileDevice SDMMobileDevice] (OS X framework written in C that can be used interchangeably with Apple's private framework MobileDevice.framework)
 
* [https://github.com/samdmarshall/SDMMobileDevice SDMMobileDevice] (OS X framework written in C that can be used interchangeably with Apple's private framework MobileDevice.framework)
 
* [https://bitbucket.org/tristero/mobiledeviceaccess MobileDeviceAccess] (similar to above, but written in Objective-C)
 
* [https://bitbucket.org/tristero/mobiledeviceaccess MobileDeviceAccess] (similar to above, but written in Objective-C)

Revision as of 19:24, 7 May 2016

MobileDevice Library is used by iTunes to transfer data between iPhone and computer over both USB and WiFi connections.

PC Windows: iTunesMobileDevice.dll

  • Location: C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll (Program Files (x86) on 64-bit)
  • Supporting CoreFoundation.dll (used for CFStringRef, CFPropertyListRef management) is located in the same dir (when using iTunes prior 9.0).
  • For iTunes 9.0, the location of CoreFoundation.dll is stored in InstallDir registry value under HKLM\SOFTWARE\Apple Inc.\Apple Application Support registry key.


Mac OS X: MobileDevice.framework

  • Location: /System/Library/PrivateFrameworks/MobileDevice.framework
  • Export command: nm /System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/MobileDevice

Library Interfaces

  • libimobiledevice (provides the same functionality on GNU/Linux)
  • mobiledevice (command line utility for interacting with MobileDevice Framework)
  • SDMMobileDevice (OS X framework written in C that can be used interchangeably with Apple's private framework MobileDevice.framework)
  • MobileDeviceAccess (similar to above, but written in Objective-C)
  • MobileDevice.h (old reverse engineered header for interfacing with MobileDevice library)


Private Functions

Obtaining address

In order to obtain the address of a usable private function in MobileDevice, you will have to be able to understand x86-64 assembly to reverse engineer it. These methods differ slightly based on platform due to how dynamically linked libraries handle position independent code.

Mac OS X (MobileDevice.framework)

A private function is not marked as exported in the mach-o symbol table. This means it cannot be called by simply linking against the library. To call unexported functions, the mach-o symbol table must be stepped through manually to find the offset of a particular function call. Calls can be verified by checking against the offset of the name inside the name table.

Windows (MobileDevice.dll)

Unlike OS X's dynamically linkable libraries, Windows dynamic libraries do not support position independent code in the same manner. A private function will not have its name in the exported symbol table, so in a debugger, like GDB, it will show up as part of another function. However, you will know that it is a separate function as a new stack frame is set up.


Known Error Codes

  • kAMDSuccess = 0x0
  • kAMDUndefinedError = 0xe8000001
  • kAMDBadHeaderError = 0xe8000002
  • kAMDNoResourcesError = 0xe8000003
  • kAMDReadError = 0xe8000004
  • kAMDWriteError = 0xe8000005
  • kAMDUnknownPacketError = 0xe8000006
  • kAMDInvalidArgumentError = 0xe8000007
  • kAMDNotFoundError = 0xe8000008
  • kAMDIsDirectoryError = 0xe8000009
  • kAMDPermissionError = 0xe800000a
  • kAMDNotConnectedError = 0xe800000b
  • kAMDTimeOutError = 0xe800000c
  • kAMDOverrunError = 0xe800000d
  • kAMDEOFError = 0xe800000e
  • kAMDUnsupportedError = 0xe800000f
  • kAMDFileExistsError = 0xe8000010
  • kAMDBusyError = 0xe8000011
  • kAMDCryptoError = 0xe8000012
  • kAMDInvalidResponseError = 0xe8000013
  • kAMDMissingKeyError = 0xe8000014
  • kAMDMissingValueError = 0xe8000015
  • kAMDGetProhibitedError = 0xe8000016
  • kAMDSetProhibitedError = 0xe8000017
  • kAMDRemoveProhibitedError = 0xe8000018
  • kAMDImmutableValueError = 0xe8000019
  • kAMDPasswordProtectedError = 0xe800001a
  • kAMDMissingHostIDError = 0xe800001b
  • kAMDInvalidHostIDError = 0xe800001c
  • kAMDSessionActiveError = 0xe800001d
  • kAMDSessionInactiveError = 0xe800001e
  • kAMDMissingSessionIDError = 0xe800001f
  • kAMDInvalidSessionIDError = 0xe8000020
  • kAMDMissingServiceError = 0xe8000021
  • kAMDInvalidServiceError = 0xe8000022
  • kAMDInvalidCheckinError = 0xe8000023
  • kAMDCheckinTimeoutError = 0xe8000024
  • kAMDMissingPairRecordError = 0xe8000025
  • kAMDInvalidActivationRecordError = 0xe8000026
  • kAMDMissingActivationRecordError = 0xe8000027
  • kAMDWrongDroidError = 0xe8000028
  • kAMDSUVerificationError = 0xe8000029
  • kAMDSUPatchError = 0xe800002a
  • kAMDSUFirmwareError = 0xe800002b
  • kAMDProvisioningProfileNotValid = 0xe800002c
  • kAMDSendMessageError = 0xe800002d
  • kAMDReceiveMessageError = 0xe800002e
  • kAMDMissingOptionsError = 0xe800002f
  • kAMDMissingImageTypeError = 0xe8000030
  • kAMDDigestFailedError = 0xe8000031
  • kAMDStartServiceError = 0xe8000032
  • kAMDInvalidDiskImageError = 0xe8000033
  • kAMDMissingDigestError = 0xe8000034
  • kAMDMuxError = 0xe8000035
  • kAMDApplicationAlreadyInstalledError = 0xe8000036
  • kAMDApplicationMoveFailedError = 0xe8000037
  • kAMDApplicationSINFCaptureFailedError = 0xe8000038
  • kAMDApplicationSandboxFailedError = 0xe8000039
  • kAMDApplicationVerificationFailedError = 0xe800003a
  • kAMDArchiveDestructionFailedError = 0xe800003b
  • kAMDBundleVerificationFailedError = 0xe800003c
  • kAMDCarrierBundleCopyFailedError = 0xe800003d
  • kAMDCarrierBundleDirectoryCreationFailedError = 0xe800003e
  • kAMDCarrierBundleMissingSupportedSIMsError = 0xe800003f
  • kAMDCommCenterNotificationFailedError = 0xe8000040
  • kAMDContainerCreationFailedError = 0xe8000041
  • kAMDContainerP0wnFailedError = 0xe8000042
  • kAMDContainerRemovalFailedError = 0xe8000043
  • kAMDEmbeddedProfileInstallFailedError = 0xe8000044
  • kAMDErrorError = 0xe8000045
  • kAMDExecutableTwiddleFailedError = 0xe8000046
  • kAMDExistenceCheckFailedError = 0xe8000047
  • kAMDInstallMapUpdateFailedError = 0xe8000048
  • kAMDManifestCaptureFailedError = 0xe8000049
  • kAMDMapGenerationFailedError = 0xe800004a
  • kAMDMissingBundleExecutableError = 0xe800004b
  • kAMDMissingBundleIdentifierError = 0xe800004c
  • kAMDMissingBundlePathError = 0xe800004d
  • kAMDMissingContainerError = 0xe800004e
  • kAMDNotificationFailedError = 0xe800004f
  • kAMDPackageExtractionFailedError = 0xe8000050
  • kAMDPackageInspectionFailedError = 0xe8000051
  • kAMDPackageMoveFailedError = 0xe8000052
  • kAMDPathConversionFailedError = 0xe8000053
  • kAMDRestoreContainerFailedError = 0xe8000054
  • kAMDSeatbeltProfileRemovalFailedError = 0xe8000055
  • kAMDStageCreationFailedError = 0xe8000056
  • kAMDSymlinkFailedError = 0xe8000057
  • kAMDiTunesArtworkCaptureFailedError = 0xe8000058
  • kAMDiTunesMetadataCaptureFailedError = 0xe8000059
  • kAMDAlreadyArchivedError = 0xe800005a
  • kAMDProhibitedBySupervision = 0xe8000083