|Kevin Bradley 132dc9b382 updated readme adding wiki link||8 months ago|
|CycriptLoader||8 months ago|
|.gitignore||8 months ago|
|Ent.plist||8 months ago|
|FindProcess.h||8 months ago|
|FindProcess.m||8 months ago|
|LICENSE||8 months ago|
|README.md||8 months ago|
|cycripter.mm||8 months ago|
|iosMake.sh||8 months ago|
|libtakeover-tvOS.a||8 months ago|
|libtakeover.a||8 months ago|
|libtakeover.hpp||8 months ago|
|tvosMake.sh||8 months ago|
Tools to make it easier to get cycript to work in chimera, will eventually try and get it to work in earlier versions, but for now 12+ is all that is supported.
cycripter <ProcessName> &
cycripter PineBoard &
which should return log like the following:
PineBoard PID is 1758
No error occured!
cycript started on port: 1337! Press return & then run the following command to connect:
cycript -r 127.0.0.1:1337 <--- run this command exactly as it appears
Press return and run the command in the last line of the output from cycripter, in our case it would be
cycript -r 127.0.0.1:1337
It's a two step build process run either iosMake.sh or tvOSMake.sh depending on which platform you are targeting
Then change to CycriptLoader folder and run 'make', you may need to rename a make file first to build for your intended target.
cycripter takes the process name and searches for a matching pid, while adding a distributed notification observer to listen for the port CycriptLoader.dylib will report back for us to connect to in cycript
it uses libtakeover and code from inject_criticald and injects /usr/lib/CycriptLoader.dylib into the targeted process
Starting at port 1337 CycriptLoader.dylib finds the first available port and then posts a distributed notification back to cycripter with this port number. After that it runs CYServerListener at the specified port inside the injected process.
cycripter receives this notification and prints out the log for what we need to run to connect to the targeted process with cycript.
when running cycript it connects to a "remote" process on localhost, on the specified port. voila!
Would much prefer not to use distributed notifications to communicate this information between the loader and the binary, initially tried to write the file out to /tmp//port and have the bin monitor that folder and read the 'port' file which it could read back and log to us. Not a much cleaner or better solution, but i tried and it failed so i resorted to push notifications as a quick stop gap.
Would also prefer to fork / exec / etc a new process and drop straight in to cycript, or even just leverage its libraries and connect via sockets to control the cycript session as well, don't currently have the time to purse that path, hoping if someone else cares enough they can pick up the mantle and continue, or at least submit a PR.
more info: https://wiki.awkwardtv.org/wiki/Cycript