From 702f99d00be1c53fd3ab264c319406a41d7cb49d Mon Sep 17 00:00:00 2001
From: Nick Chan
Date: Sat, 23 Mar 2024 17:51:57 +0800
Subject: [PATCH] Merge daemon hooks into universalhooks.dylib
---
Makefile | 2 +-
include/universalhooks/hooks.h | 5 +-
plooshInit.xcodeproj/project.pbxproj | 60 +++--------
src/Makefile | 2 -
src/rootfulhooks/.gitignore | 1 -
src/rootfulhooks/Makefile | 44 --------
src/rootfulhooks/lsd.m | 44 --------
src/rootfulhooks/main.c | 16 ---
src/rootlesshooks/.gitignore | 2 -
src/rootlesshooks/Makefile | 44 --------
src/rootlesshooks/cfprefsd.c | 100 ------------------
src/rootlesshooks/lsd.m | 32 ------
src/rootlesshooks/main.c | 17 ---
src/systemhook/main.c | 27 +----
src/universalhooks/Makefile | 2 +-
src/universalhooks/cfprefsd.c | 100 ++++++++++++++++++
src/universalhooks/lsd.m | 69 ++++++++++++
src/universalhooks/main.c | 31 +++++-
.../sb.m => universalhooks/springboard.m} | 10 +-
19 files changed, 223 insertions(+), 385 deletions(-)
delete mode 100644 src/rootfulhooks/.gitignore
delete mode 100644 src/rootfulhooks/Makefile
delete mode 100644 src/rootfulhooks/lsd.m
delete mode 100644 src/rootfulhooks/main.c
delete mode 100644 src/rootlesshooks/.gitignore
delete mode 100644 src/rootlesshooks/Makefile
delete mode 100644 src/rootlesshooks/cfprefsd.c
delete mode 100644 src/rootlesshooks/lsd.m
delete mode 100644 src/rootlesshooks/main.c
create mode 100644 src/universalhooks/cfprefsd.c
create mode 100644 src/universalhooks/lsd.m
rename src/{rootlesshooks/sb.m => universalhooks/springboard.m} (83%)
diff --git a/Makefile b/Makefile
index 59a9c5a5..c06b418f 100644
--- a/Makefile
+++ b/Makefile
@@ -48,7 +48,7 @@ else SED = sed endif -SUBDIRS = fakedyld rootlesshooks payload_dylib payload systemhook rootfulhooks universalhooks mount_cores ellekit +SUBDIRS = fakedyld payload_dylib payload systemhook universalhooks mount_cores ellekit export ROOT CC OBJC CFLAGS CC_FOR_BUILD HFSPLUS DMG NEWFS_HFS MAC UNAME SED SHELL LDFLAGS VTOOL STRIP DSYMUTIL LDID AR SUBDIRS diff --git a/include/universalhooks/hooks.h b/include/universalhooks/hooks.h index 96e2b2b8..94ba4eb6 100644 --- a/include/universalhooks/hooks.h +++ b/include/universalhooks/hooks.h @@ -1,8 +1,11 @@ #ifndef UNIVERSALHOOKS_HOOKS_H #define UNIVERSALHOOKS_HOOKS_H -void lsdInit(void); +void lsdRootlessInit(void); +void lsdRootfulInit(void); void securitydInit(void); void watchdogdInit(void); +void springboardInit(void); +void cfprefsdInit(void); #endif diff --git a/plooshInit.xcodeproj/project.pbxproj b/plooshInit.xcodeproj/project.pbxproj index 27ffd8f3..16fb5ab2 100644 --- a/plooshInit.xcodeproj/project.pbxproj +++ b/plooshInit.xcodeproj/project.pbxproj @@ -7,6 +7,9 @@ objects = { /* Begin PBXBuildFile section */ + 017796C82BAED73C00BCC2C3 /* lsd.m in Sources */ = {isa = PBXBuildFile; fileRef = 017796C72BAED73C00BCC2C3 /* lsd.m */; }; + 017796CA2BAED7ED00BCC2C3 /* springboard.m in Sources */ = {isa = PBXBuildFile; fileRef = 017796C92BAED7ED00BCC2C3 /* springboard.m */; }; + 017796CC2BAEDA1A00BCC2C3 /* cfprefsd.c in Sources */ = {isa = PBXBuildFile; fileRef = 017796CB2BAEDA1A00BCC2C3 /* cfprefsd.c */; }; 01E426E42BA1DF91008BC989 /* start.S in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6252B5C80DA007845B6 /* start.S */; }; 01E426E52BA1DF94008BC989 /* syscall.S in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6262B5C80DA007845B6 /* syscall.S */; }; 01E426E62BA1DF9B008BC989 /* shellcode.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6302B5C80DA007845B6 /* shellcode.c */; }; 
@@ -109,12 +112,6 @@ 01E427B52BA1EEF2008BC989 /* main.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D61B2B5C80DA007845B6 /* main.c */; }; 01E427B62BA1EEF5008BC989 /* getgrent.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D61D2B5C80DA007845B6 /* getgrent.c */; }; 01E427B72BA1EEF7008BC989 /* getpwent.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D61E2B5C80DA007845B6 /* getpwent.c */; }; - 01E427BA2BA1EF0C008BC989 /* lsd.m in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D5F62B5C80DA007845B6 /* lsd.m */; }; - 01E427BB2BA1EF0F008BC989 /* main.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D5F92B5C80DA007845B6 /* main.c */; }; - 01E427BC2BA1EF1A008BC989 /* lsd.m in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6B12B5C80DA007845B6 /* lsd.m */; }; - 01E427BD2BA1EF1D008BC989 /* main.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6B32B5C80DA007845B6 /* main.c */; }; - 01E427BE2BA1EF1F008BC989 /* sb.m in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6B52B5C80DA007845B6 /* sb.m */; }; - 01E427BF2BA1EF22008BC989 /* cfprefsd.c in Sources */ = {isa = PBXBuildFile; fileRef = 01D3D6B72B5C80DA007845B6 /* cfprefsd.c */; }; 01E427C02BA1EF29008BC989 /* main.c in Sources */ = {isa = PBXBuildFile; fileRef = 01B616A02B720E870080AB28 /* main.c */; }; 01E427C12BA1EF2B008BC989 /* securityd.c in Sources */ = {isa = PBXBuildFile; fileRef = 01B616A22B720ED90080AB28 /* securityd.c */; }; 01E427C22BA1EF2E008BC989 /* watchdogd.c in Sources */ = {isa = PBXBuildFile; fileRef = 01B616A42B72106F0080AB28 /* watchdogd.c */; }; 
@@ -214,6 +211,9 @@ 015DD6BF2BA5992E003E3587 /* xpc_helper.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = xpc_helper.c; path = launchctl/xpc_helper.c; sourceTree = ""; }; 015DD6C02BA5992E003E3587 /* bootstrap.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = bootstrap.c; path = launchctl/bootstrap.c; sourceTree = ""; }; 01683B582B8C679500A7A2EA /* crashreporter.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = crashreporter.m; sourceTree = ""; }; + 017796C72BAED73C00BCC2C3 /* lsd.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = lsd.m; sourceTree = ""; }; + 017796C92BAED7ED00BCC2C3 /* springboard.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = springboard.m; sourceTree = ""; }; + 017796CB2BAEDA1A00BCC2C3 /* cfprefsd.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = cfprefsd.c; sourceTree = ""; }; 019B1B452B5CACA800BABAB5 /* load_etc_rc_d.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = load_etc_rc_d.c; sourceTree = ""; }; 01B6169C2B720DC70080AB28 /* Makefile */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.make; path = Makefile; sourceTree = ""; }; 01B6169F2B720E3F0080AB28 /* hooks.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = hooks.h; sourceTree = ""; }; 
@@ -324,10 +324,6 @@ 01D3D5EC2B5C80DA007845B6 /* libellekit.tbd */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = "sourcecode.text-based-dylib-definition"; path = libellekit.tbd; sourceTree = ""; }; 01D3D5ED2B5C80DA007845B6 /* APFS.tbd */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = "sourcecode.text-based-dylib-definition"; path = APFS.tbd; sourceTree = ""; }; 01D3D5EE2B5C80DA007845B6 /* IOMobileFramebuffer.tbd */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = "sourcecode.text-based-dylib-definition"; path = IOMobileFramebuffer.tbd; sourceTree = ""; }; - 01D3D5F52B5C80DA007845B6 /* Makefile */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.make; path = Makefile; sourceTree = ""; }; - 01D3D5F62B5C80DA007845B6 /* lsd.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = lsd.m; sourceTree = ""; }; - 01D3D5F92B5C80DA007845B6 /* main.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = main.c; sourceTree = ""; }; - 01D3D5FA2B5C80DA007845B6 /* .gitignore */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = .gitignore; sourceTree = ""; }; 01D3D5FF2B5C80DA007845B6 /* entitlements.xml */ = {isa = PBXFileReference; explicitFileType = text.plist.entitlements; fileEncoding = 4; path = entitlements.xml; sourceTree = ""; }; 01D3D6012B5C80DA007845B6 /* Makefile */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.make; path = Makefile; sourceTree = ""; }; 01D3D6022B5C80DA007845B6 /* mount_dmg.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = mount_dmg.c; sourceTree = ""; }; 
@@ -404,12 +400,6 @@ 01D3D6A52B5C80DA007845B6 /* daemon.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = daemon.c; sourceTree = ""; }; 01D3D6A62B5C80DA007845B6 /* pspawn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = pspawn.c; sourceTree = ""; }; 01D3D6A72B5C80DA007845B6 /* xpc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = xpc.c; sourceTree = ""; }; - 01D3D6B02B5C80DA007845B6 /* Makefile */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.make; path = Makefile; sourceTree = ""; }; - 01D3D6B12B5C80DA007845B6 /* lsd.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = lsd.m; sourceTree = ""; }; - 01D3D6B32B5C80DA007845B6 /* main.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = main.c; sourceTree = ""; }; - 01D3D6B42B5C80DA007845B6 /* .gitignore */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = .gitignore; sourceTree = ""; }; - 01D3D6B52B5C80DA007845B6 /* sb.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = sb.m; sourceTree = ""; }; - 01D3D6B72B5C80DA007845B6 /* cfprefsd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = cfprefsd.c; sourceTree = ""; }; 01D3DA222B5C83B7007845B6 /* dyld-interpose.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "dyld-interpose.h"; sourceTree = ""; }; 01D3DA232B5C83B7007845B6 /* mount_args.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = mount_args.h; sourceTree = ""; }; 01D3DA262B5C83B7007845B6 /* shellcode.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = shellcode.h; sourceTree = ""; }; 
@@ -586,6 +576,9 @@ 01B616A02B720E870080AB28 /* main.c */, 01B616A22B720ED90080AB28 /* securityd.c */, 01B616A42B72106F0080AB28 /* watchdogd.c */, + 017796C72BAED73C00BCC2C3 /* lsd.m */, + 017796C92BAED7ED00BCC2C3 /* springboard.m */, + 017796CB2BAEDA1A00BCC2C3 /* cfprefsd.c */, ); path = universalhooks; sourceTree = ""; @@ -816,13 +809,11 @@ 01D3D51E2B5C80DA007845B6 /* libjailbreak */, 01D3D52D2B5C80DA007845B6 /* ellekit */, 01D3D5EB2B5C80DA007845B6 /* libs */, - 01D3D5EF2B5C80DA007845B6 /* rootfulhooks */, 01D3D5FB2B5C80DA007845B6 /* mount_cores */, 01D3D6092B5C80DA007845B6 /* .gitignore */, 01D3D60B2B5C80DA007845B6 /* systemhook */, 01D3D61F2B5C80DA007845B6 /* fakedyld */, 01D3D6942B5C80DA007845B6 /* payload_dylib */, - 01D3D6A82B5C80DA007845B6 /* rootlesshooks */, ); path = src; sourceTree = ""; @@ -926,17 +917,6 @@ path = libs; sourceTree = ""; }; - 01D3D5EF2B5C80DA007845B6 /* rootfulhooks */ = { - isa = PBXGroup; - children = ( - 01D3D5F52B5C80DA007845B6 /* Makefile */, - 01D3D5F62B5C80DA007845B6 /* lsd.m */, - 01D3D5F92B5C80DA007845B6 /* main.c */, - 01D3D5FA2B5C80DA007845B6 /* .gitignore */, - ); - path = rootfulhooks; - sourceTree = ""; - }; 01D3D5FB2B5C80DA007845B6 /* mount_cores */ = { isa = PBXGroup; children = ( @@ -1122,19 +1102,6 @@ path = payload_dylib; sourceTree = ""; }; - 01D3D6A82B5C80DA007845B6 /* rootlesshooks */ = { - isa = PBXGroup; - children = ( - 01D3D6B02B5C80DA007845B6 /* Makefile */, - 01D3D6B12B5C80DA007845B6 /* lsd.m */, - 01D3D6B32B5C80DA007845B6 /* main.c */, - 01D3D6B42B5C80DA007845B6 /* .gitignore */, - 01D3D6B52B5C80DA007845B6 /* sb.m */, - 01D3D6B72B5C80DA007845B6 /* cfprefsd.c */, - ); - path = rootlesshooks; - sourceTree = ""; - }; 01D3DA212B5C83B7007845B6 /* include */ = { isa = PBXGroup; children = ( 
@@ -1786,8 +1753,6 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - 01E427BB2BA1EF0F008BC989 /* main.c in Sources */, - 01E427BA2BA1EF0C008BC989 /* lsd.m in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -1795,10 +1760,6 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - 01E427BF2BA1EF22008BC989 /* cfprefsd.c in Sources */, - 01E427BD2BA1EF1D008BC989 /* main.c in Sources */, - 01E427BC2BA1EF1A008BC989 /* lsd.m in Sources */, - 01E427BE2BA1EF1F008BC989 /* sb.m in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -1806,9 +1767,12 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( + 017796CC2BAEDA1A00BCC2C3 /* cfprefsd.c in Sources */, 01E427C12BA1EF2B008BC989 /* securityd.c in Sources */, + 017796CA2BAED7ED00BCC2C3 /* springboard.m in Sources */, 01E427C02BA1EF29008BC989 /* main.c in Sources */, 01E427C22BA1EF2E008BC989 /* watchdogd.c in Sources */, + 017796C82BAED73C00BCC2C3 /* lsd.m in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; diff --git a/src/Makefile b/src/Makefile index 8656f347..081414e8 100644 --- a/src/Makefile +++ b/src/Makefile @@ -98,8 +98,6 @@ binpack.dmg: binpack.tar loader.dmg $(patsubst %, %-all, $(SUBDIRS)) cp -a $(ROOT)/shared/copyright binpack/usr/share cp -a $(ROOT)/LICENSE binpack/usr/share/copyright/Licnese-plinit.txt chmod 644 binpack/Library/LaunchDaemons/*.plist - cp rootlesshooks/rootlesshooks.dylib binpack/usr/lib - cp rootfulhooks/rootfulhooks.dylib binpack/usr/lib cp systemhook/systemhook.dylib binpack/usr/lib cp universalhooks/universalhooks.dylib binpack/usr/lib cp loader.dmg binpack diff --git a/src/rootfulhooks/.gitignore b/src/rootfulhooks/.gitignore deleted file mode 100644 index 0a7764be..00000000 --- a/src/rootfulhooks/.gitignore +++ /dev/null @@ -1 +0,0 @@ -rootfulhooks.dylib diff --git a/src/rootfulhooks/Makefile b/src/rootfulhooks/Makefile deleted file mode 100644 index 8f98a5a7..00000000 
--- a/src/rootfulhooks/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -CFLAGS += -mappletvos-version-min=14.0 -std=gnu17 -fvisibility=hidden -LDFLAGS += -Wl,-dead_strip -Wno-unused-command-line-argument -OBJDIR = obj -C_SRC = $(wildcard *.c) -OBJC_SRC = $(wildcard *.m) -OBJCFLAGS = -fobjc-arc -LIBS = -lobjc -framework Foundation -framework CoreFoundation ../libs/libellekit.tbd -LIBS += -framework Security -OBJS = $(patsubst %,$(OBJDIR)/%,$(OBJC_SRC:.m=.m.o) $(C_SRC:.c=.c.o)) - -ifeq ($(ASAN),1) -CFLAGS += -fsanitize=address,undefined -LDFLAGS += -rpath /cores -endif - -all: rootfulhooks.dylib - -$(OBJDIR): - @mkdir -p $(OBJDIR) - -$(OBJDIR)/%.m.o: %.m $(OBJDIR) - $(OBJC) $(CFLAGS) $(OBJCFLAGS) -c -o $@ $< - -$(OBJDIR)/%.c.o: %.c $(OBJDIR) - $(CC) $(CFLAGS) -c -o $@ $< - -rootfulhooks.dylib: $(OBJS) $(ELLEKIT) - $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) $(OBJS) -shared \ - -rpath /Library/Frameworks \ - -rpath /usr/lib \ - -rpath /cores/binpack/Library/Frameworks \ - -rpath /cores/binpack/usr/lib \ - -install_name /cores/binpack/usr/lib/rootfulhooks.dylib \ - -o $@ - $(DSYMUTIL) $@ -ifeq ($(DEV_BUILD),1) - $(STRIP) -x $@ -endif - $(LDID) -S $@ - -clean: - rm -rf rootfulhooks.dylib* rootfulhooks.dylib.dSYM obj - -.PHONY: all clean diff --git a/src/rootfulhooks/lsd.m b/src/rootfulhooks/lsd.m deleted file mode 100644 index 30775acf..00000000 --- a/src/rootfulhooks/lsd.m +++ /dev/null 
@@ -1,44 +0,0 @@ -#include -#include -#include -#include -#include -#include - -BOOL (*orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy)(FSNode *const node, const NSURLResourceKey key, CFURLResourcePropertyFlags URLflags, CFURLVolumePropertyFlags VolumeFlags); -BOOL new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(FSNode *const node, const NSURLResourceKey key, CFURLResourcePropertyFlags URLflags, CFURLVolumePropertyFlags VolumeFlags) { - NSLog(@"new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(node=%p, key=%@, URLFlags=0x%llx, CFURLVolumePropertyFlags=0x%llx);\n[node URL].fileSystemRepresentation=%s", node, key, URLflags, VolumeFlags, [node URL].fileSystemRepresentation); - - BOOL retval = orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(node, key, URLflags, VolumeFlags); - if ( - strncmp([node URL].fileSystemRepresentation, "/Applications", sizeof("/Applications")-1) - && strncmp([node URL].fileSystemRepresentation, "/System", sizeof("/System")-1) - && strncmp([node URL].fileSystemRepresentation, "/cores", sizeof("/cores")-1) /* test */ - ) { - return retval; - - } - if ([key isEqualToString: NSURLVolumeIsLocalKey] ) { - NSLog(@"key %@ for %s forced YES", key, [node URL].fileSystemRepresentation); - return YES; - - } else if ([key isEqualToString:NSURLIsVolumeKey] - || [key isEqualToString:NSURLIsMountTriggerKey] - || [key isEqualToString:(__bridge NSString*)_kCFURLVolumeIsDiskImageKey]) { - NSLog(@"key %@ for %s forced NO", key, [node URL].fileSystemRepresentation); - return NO; - } - - return retval; -} - -void lsdInit(void) { - NSLog(@"lsdInit..."); - MSImageRef coreServicesImage = MSGetImageByName("/System/Library/Frameworks/CoreServices.framework/CoreServices"); - - void* _ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy = MSFindSymbol(coreServicesImage, "__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy"); - NSLog(@"coreServicesImage=%p, _ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy=%p", coreServicesImage, 
_ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy); - - if (_ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy) - MSHookFunction(_ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy, &new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy, (void**)&orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy); -} diff --git a/src/rootfulhooks/main.c b/src/rootfulhooks/main.c deleted file mode 100644 index dbfc3cf6..00000000 --- a/src/rootfulhooks/main.c +++ /dev/null @@ -1,16 +0,0 @@ -#include -#include -#include -#include -#include -#include - -__attribute__((constructor))void rootfulhooks_main(void) { - char path[PATH_MAX]; - uint32_t pathmax = PATH_MAX; - if (_NSGetExecutablePath(path, &pathmax)) { - return; - } - - if (!strcmp(path, "/usr/libexec/lsd")) lsdInit(); -} diff --git a/src/rootlesshooks/.gitignore b/src/rootlesshooks/.gitignore deleted file mode 100644 index 6dd50f69..00000000 --- a/src/rootlesshooks/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -ellekit_build -rootlesshooks.dylib diff --git a/src/rootlesshooks/Makefile b/src/rootlesshooks/Makefile deleted file mode 100644 index 36f04438..00000000 --- a/src/rootlesshooks/Makefile +++ /dev/null 
@@ -1,44 +0,0 @@ -CFLAGS += -mappletvos-version-min=14.0 -std=gnu17 -fvisibility=hidden -LDFLAGS += -Wl,-dead_strip -Wno-unused-command-line-argument -OBJDIR = obj -C_SRC = $(wildcard *.c) -OBJC_SRC = $(wildcard *.m) -OBJCFLAGS = -fobjc-arc -LIBS = -lobjc -framework Foundation -framework CoreFoundation ../libs/libellekit.tbd -LIBS += -framework Security -OBJS = $(patsubst %,$(OBJDIR)/%,$(OBJC_SRC:.m=.m.o) $(C_SRC:.c=.c.o)) - -ifeq ($(ASAN),1) -CFLAGS += -fsanitize=address,undefined -LDFLAGS += -rpath /cores -endif - -all: rootlesshooks.dylib - -$(OBJDIR): - @mkdir -p $(OBJDIR) - -$(OBJDIR)/%.m.o: %.m $(OBJDIR) - $(OBJC) $(CFLAGS) $(OBJCFLAGS) -c -o $@ $< - -$(OBJDIR)/%.c.o: %.c $(OBJDIR) - $(CC) $(CFLAGS) -c -o $@ $< - -rootlesshooks.dylib: $(OBJS) $(ELLEKIT) - $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) $(OBJS) -shared \ - -rpath /var/jb/Library/Frameworks \ - -rpath /var/jb/usr/lib \ - -rpath /cores/binpack/Library/Frameworks \ - -rpath /cores/binpack/usr/lib \ - -install_name /cores/binpack/usr/lib/rootlesshooks.dylib \ - -o $@ - $(DSYMUTIL) $@ -ifeq ($(DEV_BUILD),1) - $(STRIP) -x $@ -endif - $(LDID) -S $@ - -clean: - rm -rf rootlesshooks.dylib* rootlesshooks.dylib.dSYM obj - -.PHONY: all clean diff --git a/src/rootlesshooks/cfprefsd.c b/src/rootlesshooks/cfprefsd.c deleted file mode 100644 index c4ee7c5a..00000000 --- a/src/rootlesshooks/cfprefsd.c +++ /dev/null 
@@ -1,100 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -enum { // Legal level values for CFLog() - kCFLogLevelEmergency = 0, - kCFLogLevelAlert = 1, - kCFLogLevelCritical = 2, - kCFLogLevelError = 3, - kCFLogLevelWarning = 4, - kCFLogLevelNotice = 5, - kCFLogLevelInfo = 6, - kCFLogLevelDebug = 7, -}; - -CF_EXPORT void CFLog(int32_t level, CFStringRef format, ...); - -bool preferencePlistNeedsRedirection(char* plistPath) { - if ( - strncmp(plistPath, "/private/var/mobile/Containers",sizeof("/private/var/mobile/Containers")-1) == 0 || - strncmp(plistPath, "/var/db",sizeof("/var/db")-1) == 0 || - strncmp(plistPath, "/var/jb",sizeof("/var/jb")-1) == 0 - ) return false; - char plistName[MAXPATHLEN]; - char* ptr = basename_r(plistPath, plistName); - if (ptr == NULL) { - CFLog(kCFLogLevelAlert, CFSTR("cfprefsd_hook: basename_r failed: %d (%s)"), errno, strerror(errno)); - abort(); - } - if ( - strncmp(plistName, "com.apple.", sizeof("com.apple.")-1) == 0 || - strncmp(plistName, "systemgroup.com.apple.", sizeof("systemgroup.com.apple.")-1) == 0 || - strncmp(plistName, "group.com.apple.", sizeof("group.com.apple.")-1) == 0 - ) return false; - - char* additionalSystemPlistNames[] = { - ".GlobalPreferences.plist", - ".GlobalPreferences_m.plist", - "bluetoothaudiod.plist", - "NetworkInterfaces.plist", - "OSThermalStatus.plist", - "preferences.plist", - "osanalyticshelper.plist", - "UserEventAgent.plist", - "wifid.plist", - "dprivacyd.plist", - "silhouette.plist", - "memoryanalyticsd.plist", - "nfcd.plist", - "kNPProgressTrackerDomain.plist", - "siriknowledged.plist", - "UITextInputContextIdentifiers.plist", - "mobile_storage_proxy.plist", - "splashboardd.plist", - "mobile_installation_proxy.plist", - "languageassetd.plist", - "ptpcamerad.plist", - "com.google.gmp.measurement.monitor.plist", - "com.google.gmp.measurement.plist", - NULL - }; - - for (uint8_t i = 0; additionalSystemPlistNames[i] != NULL; 
i++) { - if (strcmp(plistName, additionalSystemPlistNames[i]) == 0) return false; - } - return true; -} - -bool (*orig_CFPrefsGetPathForTriplet)(CFStringRef, CFStringRef, bool, CFStringRef, char*); -bool new_CFPrefsGetPathForTriplet(CFStringRef bundleIdentifier, CFStringRef user, bool byHost, CFStringRef path, char *buffer) { - bool orig = orig_CFPrefsGetPathForTriplet(bundleIdentifier, user, byHost, path, buffer); - if (orig && buffer) { - bool needsRedirection = preferencePlistNeedsRedirection(buffer); - if (needsRedirection) { - CFLog(kCFLogLevelInfo, CFSTR("cfprefsd_hook: Plist redirected to /var/jb: %s"), buffer); - char newPath[MAXPATHLEN]; - snprintf(newPath, MAXPATHLEN, "/var/jb/%s", buffer); - snprintf(buffer, MAXPATHLEN, "%s", newPath); - } - } - return orig; -} - -void cfprefsdInit(void) -{ - MSImageRef coreFoundationImage = MSGetImageByName("/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation"); - void* CFPrefsGetPathForTriplet_ptr = MSFindSymbol(coreFoundationImage, "__CFPrefsGetPathForTriplet"); - if(CFPrefsGetPathForTriplet_ptr) - { - MSHookFunction(CFPrefsGetPathForTriplet_ptr, (void *)&new_CFPrefsGetPathForTriplet, (void **)&orig_CFPrefsGetPathForTriplet); - } -} diff --git a/src/rootlesshooks/lsd.m b/src/rootlesshooks/lsd.m deleted file mode 100644 index 65b02dfb..00000000 --- a/src/rootlesshooks/lsd.m +++ /dev/null 
@@ -1,32 +0,0 @@ -#include -#include -#include -#include -#include -#include - -NSURL* (*orig_LSGetInboxURLForBundleIdentifier)(NSString* bundleIdentifier)=NULL; -NSURL* new_LSGetInboxURLForBundleIdentifier(NSString* bundleIdentifier) -{ - NSURL* pathURL = orig_LSGetInboxURLForBundleIdentifier(bundleIdentifier); - - if( ![bundleIdentifier hasPrefix:@"com.apple."] - && [pathURL.path hasPrefix:@"/var/mobile/Library/Application Support/Containers/"]) - { - NSLog(@"redirect Inbox %@: %@", bundleIdentifier, pathURL); - pathURL = [NSURL fileURLWithPath:[NSString stringWithFormat:@"/var/jb/%@", pathURL.path]]; - } - - return pathURL; -} - -void lsdInit(void) { - NSLog(@"lsdInit..."); - MSImageRef coreServicesImage = MSGetImageByName("/System/Library/Frameworks/CoreServices.framework/CoreServices"); - - void* _LSGetInboxURLForBundleIdentifier = MSFindSymbol(coreServicesImage, "__LSGetInboxURLForBundleIdentifier"); - NSLog(@"coreServicesImage=%p, _LSGetInboxURLForBundleIdentifier=%p", coreServicesImage, _LSGetInboxURLForBundleIdentifier); - if(_LSGetInboxURLForBundleIdentifier) - MSHookFunction(_LSGetInboxURLForBundleIdentifier, (void *)&new_LSGetInboxURLForBundleIdentifier, (void **)&orig_LSGetInboxURLForBundleIdentifier); -} - diff --git a/src/rootlesshooks/main.c b/src/rootlesshooks/main.c deleted file mode 100644 index c550b4ae..00000000 --- a/src/rootlesshooks/main.c +++ /dev/null @@ -1,17 +0,0 @@ -#include -#include -#include -#include -#include -#include - -__attribute__((constructor))void rootlesshooks_main(void) { - char path[PATH_MAX]; - uint32_t pathmax = PATH_MAX; - if (_NSGetExecutablePath(path, &pathmax)) { - return; - } - - if (!strcmp(path, "/usr/sbin/cfprefsd")) cfprefsdInit(); - else if (!strcmp(path, "/System/Library/CoreServices/SpringBoard.app/SpringBoard")) sbInit(); -} diff --git a/src/systemhook/main.c b/src/systemhook/main.c index 92eea702..4a514974 100644 --- a/src/systemhook/main.c +++ b/src/systemhook/main.c 
@@ -427,14 +427,6 @@ __attribute__((constructor)) static void initializer(void) } if (gExecutablePath) { -#if 0 - else if (strcmp(gExecutablePath, "/usr/libexec/watchdogd") == 0) { - int64_t debugErr = 0; - if (debugErr == 0) { - dlopen_hook("/cores/binpack/usr/lib/rootlesshooks.dylib", RTLD_NOW); - } - } -#endif static struct utsname name; static int release = 0; if (!release) { @@ -442,25 +434,14 @@ __attribute__((constructor)) static void initializer(void) if (!ret) release = atoi(name.release); } - if (pflags & palerain_option_rootless) { - if ( - strcmp(gExecutablePath, "/usr/sbin/cfprefsd") == 0 || - strcmp(gExecutablePath, "/System/Library/CoreServices/SpringBoard.app/SpringBoard") == 0 - ) { - dlopen_hook("/cores/binpack/usr/lib/rootlesshooks.dylib", RTLD_NOW); - } - } else { - if (release >= 20) { - if (strcmp(gExecutablePath, "/usr/libexec/lsd") == 0) { - dlopen_hook("/cores/binpack/usr/lib/rootfulhooks.dylib", RTLD_NOW); - } - } - } if (release >= 20) { if ( strcmp(gExecutablePath, "/usr/libexec/securityd") == 0 || strcmp(gExecutablePath, "/usr/libexec/trustd") == 0 || - strcmp(gExecutablePath, "/usr/libexec/watchdogd") == 0) { + strcmp(gExecutablePath, "/usr/libexec/watchdogd") == 0 || + strcmp(gExecutablePath, "/usr/libexec/lsd") == 0 || + strcmp(gExecutablePath, "/System/Library/CoreServices/SpringBoard.app/SpringBoard") == 0 || + strcmp(gExecutablePath, "/usr/sbin/cfprefsd") == 0 ) { dlopen_hook("/cores/binpack/usr/lib/universalhooks.dylib", RTLD_NOW); } } diff --git a/src/universalhooks/Makefile b/src/universalhooks/Makefile index dac99f17..08de030b 100644 --- a/src/universalhooks/Makefile +++ b/src/universalhooks/Makefile 
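Review bot: The second hunk (`@@ -442,25 +434,14 @@`) drops the `pflags & palerain_option_rootless` test, so `universalhooks.dylib` is now loaded into `lsd`, `cfprefsd` and SpringBoard in both modes, and the rootless/rootful decision has to be made inside the library's constructor, which is not visible in this hunk. The removed code also loaded the cfprefsd and SpringBoard hooks on rootless regardless of `release`, while the new list sits entirely under `if (release >= 20)`; if rootless boots on an older Darwin release are still supported, those two hooks silently stop loading there. Either keep the two rootless targets outside the version gate, or state the new contract on the condition with a comment such as `/* all universalhooks targets require Darwin 20+; rootless/rootful selection happens inside the dylib */`. The enclosing `initializer` function starts and ends outside the hunk.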
@@ -5,7 +5,7 @@ C_SRC = $(wildcard *.c) OBJC_SRC = $(wildcard *.m) OBJCFLAGS = -fobjc-arc LIBS = -lobjc ../libs/IOKit.tbd -framework CoreFoundation ../libs/libellekit.tbd -LIBS += -framework Security +LIBS += -framework Security -framework Foundation OBJS = $(patsubst %,$(OBJDIR)/%,$(OBJC_SRC:.m=.m.o) $(C_SRC:.c=.c.o)) ifeq ($(ASAN),1) diff --git a/src/universalhooks/cfprefsd.c b/src/universalhooks/cfprefsd.c new file mode 100644 index 00000000..1291a59b --- /dev/null +++ b/src/universalhooks/cfprefsd.c 
@@ -0,0 +1,100 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +enum { // Legal level values for CFLog() + kCFLogLevelEmergency = 0, + kCFLogLevelAlert = 1, + kCFLogLevelCritical = 2, + kCFLogLevelError = 3, + kCFLogLevelWarning = 4, + kCFLogLevelNotice = 5, + kCFLogLevelInfo = 6, + kCFLogLevelDebug = 7, +}; + +CF_EXPORT void CFLog(int32_t level, CFStringRef format, ...); + +bool preferencePlistNeedsRedirection(char* plistPath) { + if ( + strncmp(plistPath, "/private/var/mobile/Containers",sizeof("/private/var/mobile/Containers")-1) == 0 || + strncmp(plistPath, "/var/db",sizeof("/var/db")-1) == 0 || + strncmp(plistPath, "/var/jb",sizeof("/var/jb")-1) == 0 + ) return false; + char plistName[MAXPATHLEN]; + char* ptr = basename_r(plistPath, plistName); + if (ptr == NULL) { + CFLog(kCFLogLevelAlert, CFSTR("cfprefsd_hook: basename_r failed: %d (%s)"), errno, strerror(errno)); + abort(); + } + if ( + strncmp(plistName, "com.apple.", sizeof("com.apple.")-1) == 0 || + strncmp(plistName, "systemgroup.com.apple.", sizeof("systemgroup.com.apple.")-1) == 0 || + strncmp(plistName, "group.com.apple.", sizeof("group.com.apple.")-1) == 0 + ) return false; + + char* additionalSystemPlistNames[] = { + ".GlobalPreferences.plist", + ".GlobalPreferences_m.plist", + "bluetoothaudiod.plist", + "NetworkInterfaces.plist", + "OSThermalStatus.plist", + "preferences.plist", + "osanalyticshelper.plist", + "UserEventAgent.plist", + "wifid.plist", + "dprivacyd.plist", + "silhouette.plist", + "memoryanalyticsd.plist", + "nfcd.plist", + "kNPProgressTrackerDomain.plist", + "siriknowledged.plist", + "UITextInputContextIdentifiers.plist", + "mobile_storage_proxy.plist", + "splashboardd.plist", + "mobile_installation_proxy.plist", + "languageassetd.plist", + "ptpcamerad.plist", + "com.google.gmp.measurement.monitor.plist", + "com.google.gmp.measurement.plist", + NULL + }; + + for (uint8_t i = 0; additionalSystemPlistNames[i] != NULL; 
i++) { + if (strcmp(plistName, additionalSystemPlistNames[i]) == 0) return false; + } + return true; +} + +bool (*orig_CFPrefsGetPathForTriplet)(CFStringRef, CFStringRef, bool, CFStringRef, char*); +bool new_CFPrefsGetPathForTriplet(CFStringRef bundleIdentifier, CFStringRef user, bool byHost, CFStringRef path, char *buffer) { + bool orig = orig_CFPrefsGetPathForTriplet(bundleIdentifier, user, byHost, path, buffer); + if (orig && buffer) { + bool needsRedirection = preferencePlistNeedsRedirection(buffer); + if (needsRedirection) { + CFLog(kCFLogLevelInfo, CFSTR("cfprefsd_hook: Plist redirected to /var/jb: %s"), buffer); + char newPath[MAXPATHLEN]; + snprintf(newPath, MAXPATHLEN, "/var/jb/%s", buffer); + snprintf(buffer, MAXPATHLEN, "%s", newPath); + } + } + return orig; +} + +void cfprefsdInit(void) +{ + MSImageRef coreFoundationImage = MSGetImageByName("/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation"); + void* CFPrefsGetPathForTriplet_ptr = MSFindSymbol(coreFoundationImage, "__CFPrefsGetPathForTriplet"); + if(CFPrefsGetPathForTriplet_ptr) + { + MSHookFunction(CFPrefsGetPathForTriplet_ptr, (void *)&new_CFPrefsGetPathForTriplet, (void **)&orig_CFPrefsGetPathForTriplet); + } +} diff --git a/src/universalhooks/lsd.m b/src/universalhooks/lsd.m new file mode 100644 index 00000000..423d1287 --- /dev/null +++ b/src/universalhooks/lsd.m 
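Review bot: In `new_CFPrefsGetPathForTriplet` neither `snprintf` result is checked, and the copy back into `buffer` is bounded by `MAXPATHLEN` although the hook never learns how large the caller's buffer is, so an over-long preference path is silently truncated into a different file name and the write-back rests on an unstated size assumption. Check the first call and leave the original path untouched on overflow, e.g. `int n = snprintf(newPath, sizeof(newPath), "/var/jb/%s", buffer);` followed by `if (n < 0 || (size_t)n >= sizeof(newPath)) return orig;`, and add a comment at the second call naming the buffer size the hook relies on. In `preferencePlistNeedsRedirection`, the `abort()` on a `basename_r` failure takes cfprefsd down from inside a hook; returning `false` (no redirection) would fail safe instead. The `/var/db` and `/var/jb` prefix tests also match sibling names such as `/var/jbx` (constructed example), because no trailing `/` is compared.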
@@ -0,0 +1,69 @@
+#include
+#include
+#include
+#include
+#include
+#include
+
+BOOL (*orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy)(FSNode *const node, const NSURLResourceKey key, CFURLResourcePropertyFlags URLflags, CFURLVolumePropertyFlags VolumeFlags);
+BOOL new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(FSNode *const node, const NSURLResourceKey key, CFURLResourcePropertyFlags URLflags, CFURLVolumePropertyFlags VolumeFlags) {
+ NSLog(@"new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(node=%p, key=%@, URLFlags=0x%llx, CFURLVolumePropertyFlags=0x%llx);\n[node URL].fileSystemRepresentation=%s", node, key, URLflags, VolumeFlags, [node URL].fileSystemRepresentation);
+
+ BOOL retval = orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy(node, key, URLflags, VolumeFlags);
+ if (
+ strncmp([node URL].fileSystemRepresentation, "/Applications", sizeof("/Applications")-1)
+ && strncmp([node URL].fileSystemRepresentation, "/System", sizeof("/System")-1)
+ && strncmp([node URL].fileSystemRepresentation, "/cores", sizeof("/cores")-1) /* test */
+ ) {
+ return retval;
+
+ }
+ if ([key isEqualToString: NSURLVolumeIsLocalKey] ) {
+ NSLog(@"key %@ for %s forced YES", key, [node URL].fileSystemRepresentation);
+ return YES;
+
+ } else if ([key isEqualToString:NSURLIsVolumeKey]
+ || [key isEqualToString:NSURLIsMountTriggerKey]
+ || [key isEqualToString:(__bridge NSString*)_kCFURLVolumeIsDiskImageKey]) {
+ NSLog(@"key %@ for %s forced NO", key, [node URL].fileSystemRepresentation);
+ return NO;
+ }
+
+ return retval;
+}
+
+NSURL* (*orig_LSGetInboxURLForBundleIdentifier)(NSString* bundleIdentifier)=NULL;
+NSURL* new_LSGetInboxURLForBundleIdentifier(NSString* bundleIdentifier)
+{
+ NSURL* pathURL = orig_LSGetInboxURLForBundleIdentifier(bundleIdentifier);
+
+ if( ![bundleIdentifier hasPrefix:@"com.apple."]
+ && [pathURL.path hasPrefix:@"/var/mobile/Library/Application Support/Containers/"])
+ {
+ NSLog(@"redirect Inbox %@: %@", bundleIdentifier, pathURL);
+ pathURL = [NSURL fileURLWithPath:[NSString stringWithFormat:@"/var/jb/%@", pathURL.path]];
+ }
+
+ return pathURL;
+}
+
+void lsdRootfulInit(void) {
+ NSLog(@"lsdRootfulInit...");
+ MSImageRef coreServicesImage = MSGetImageByName("/System/Library/Frameworks/CoreServices.framework/CoreServices");
+
+ void* _ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy = MSFindSymbol(coreServicesImage, "__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy");
+ NSLog(@"coreServicesImage=%p, _ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy=%p", coreServicesImage, _ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy);
+
+ if (_ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy)
+ MSHookFunction(_ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy, &new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy, (void**)&orig__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy);
+}
+
+void lsdRootlessInit(void) {
+ NSLog(@"lsdRootlessInit...");
+ MSImageRef coreServicesImage = MSGetImageByName("/System/Library/Frameworks/CoreServices.framework/CoreServices");
+
+ void* _LSGetInboxURLForBundleIdentifier = MSFindSymbol(coreServicesImage, "__LSGetInboxURLForBundleIdentifier");
+ NSLog(@"coreServicesImage=%p, _LSGetInboxURLForBundleIdentifier=%p", coreServicesImage, _LSGetInboxURLForBundleIdentifier);
+ if(_LSGetInboxURLForBundleIdentifier)
+ MSHookFunction(_LSGetInboxURLForBundleIdentifier, (void *)&new_LSGetInboxURLForBundleIdentifier, (void **)&orig_LSGetInboxURLForBundleIdentifier);
+}
diff --git a/src/universalhooks/main.c b/src/universalhooks/main.c
index 0f692bf8..83e999c3 100644
--- a/src/universalhooks/main.c
+++ b/src/universalhooks/main.c
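Review bot: new__ZL25_FSNodeGetSimpleBoolValueP6FSNodeP8NSStringyy hands `[node URL].fileSystemRepresentation` to `%s` and to three strncmp calls with no NULL check; messaging a nil URL yields NULL, so if lsd ever reaches this hook with a node that has no URL the daemon would crash inside the hook. Read the path once at the top with `const char *fsPath = [node URL].fileSystemRepresentation;` and return the original result when it is missing, `if (!fsPath) return retval;`, then use `fsPath` in the comparisons and log calls. The unconditional NSLog at the start of the hook runs on every lookup and writes file paths to the system log; it reads like debugging output and is better removed or compiled in for debug builds only. The `/cores` prefix is marked `/* test */` and should be dropped or explained in a comment before this ships.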
@@ -3,17 +3,40 @@ #include #include #include +#include #include +struct hook_info { + const char* executablePath; + void (*rootlessInit)(void); + void (*rootfulInit)(void); + void (*universalInit)(void); +}; + +struct hook_info info[] = { + { "/usr/libexec/securityd", NULL, NULL, securitydInit }, + { "/usr/libexec/trustd", NULL, NULL, securitydInit }, + { "/usr/libexec/watchdogd", NULL, NULL, watchdogdInit }, + { "/System/Library/CoreServices/SpringBoard.app/SpringBoard", springboardInit, NULL, NULL }, + { "/usr/libexec/lsd", lsdRootlessInit, lsdRootfulInit, NULL }, + { "/usr/sbin/cfprefsd", cfprefsdInit, NULL, NULL }, +}; + __attribute__((constructor))void universalhooks_main(void) { + uint64_t pflags = strtoull(getenv("JB_PINFO_FLAGS"), NULL, 0); + bool rootful = pflags & palerain_option_rootful; + char path[PATH_MAX]; uint32_t pathmax = PATH_MAX; if (_NSGetExecutablePath(path, &pathmax)) { return; } - - if (strcmp(path, "/usr/libexec/securityd") == 0 - || strcmp(path, "/usr/libexec/trustd") == 0) securitydInit(); - else if (strcmp(path, "/usr/libexec/watchdogd") == 0) watchdogdInit(); + for (size_t i = 0; i < (sizeof(info) / sizeof(struct hook_info)); i++) { + if (strcmp(path, info[i].executablePath)) continue; + if (rootful && info[i].rootfulInit) info[i].rootfulInit(); + else if (info[i].rootlessInit) info[i].rootlessInit(); + + if (info[i].universalInit) info[i].universalInit(); + } } diff --git a/src/rootlesshooks/sb.m b/src/universalhooks/springboard.m similarity index 83% rename from src/rootlesshooks/sb.m rename to src/universalhooks/springboard.m index 9e851dff..9837a4dc 100644 --- a/src/rootlesshooks/sb.m +++ b/src/universalhooks/springboard.m @@ -2,7 +2,7 @@ #include #include -@interface XBSnapshotContainerIdentity : NSObject +@interface XBSnapshotContainerIdentity : NSObject @property (nonatomic, readonly, copy) NSString* bundleIdentifier; @end 
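Review bot: The dispatch in universalhooks_main falls through to `rootlessInit` whenever `rootfulInit` is NULL, so on a rootful boot the SpringBoard and cfprefsd entries still run their rootless hooks, and the cfprefsd one rewrites preference paths under /var/jb. If those hooks are meant for rootless only, as the table layout suggests, split the test: `if (rootful) { if (info[i].rootfulInit) info[i].rootfulInit(); } else if (info[i].rootlessInit) info[i].rootlessInit();`. The constructor also passes `getenv("JB_PINFO_FLAGS")` straight to strtoull, which dereferences NULL when the variable is unset; because this runs at load time inside securityd, trustd and the other listed daemons, read it into a local first and use `flags ? strtoull(flags, NULL, 0) : 0`. A `break` after the matching entry would also make it explicit that each path appears once in the table.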
@@ -20,12 +20,12 @@ @interface XBSnapshotContainerIdentity : NSObject return path; } -void sbInit(void) +void springboardInit(void) { - Class class_XBSnapshotContainerIdentity = objc_getClass("XBSnapshotContainerIdentity"); + Class class_XBSnapshotContainerIdentity = objc_getClass("XBSnapshotContainerIdentity"); MSHookMessageEx( - class_XBSnapshotContainerIdentity, - @selector(snapshotContainerPath), + class_XBSnapshotContainerIdentity, + @selector(snapshotContainerPath), (IMP)&XBSnapshotContainer_Identity_snapshotContainerPath, (IMP*)&orig_XBSnapshotContainerIdentity_snapshotContainerPath );