Home Explore Help
Sign In
NitoTV
/
cycripter
Watch 3
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
cycripter
/
CycriptLoader
/
CycriptLoader.xm

CycriptLoader.xm 2.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 
  1. /**
    2. 

  2.  * CycriptLoader
    3. 

  3.  *
    4. 

  4.  * Load cycript!
    5. 

  5.  *
    6. 

  6.  * By Sam Binger and Kevin Bradley
    7. 

  7.  *
    8. 

  8.  */
    9. 

  9. 

  10. /**
    11. 

  11. 

  12. This dylib injects into our target process, iterates through which port is available and then posts a distributed notification that our cycripter binary is waiting to hear back
    13. 

  13. and starts listening with CYListenServer on the specified port. After cycripter echoes out the command the user can succesfully connect to cycript and control the injected process.
    14. 

  14. 

  15. 

  16. */
    17. 

  17. 

  18. 

  19. #import <Foundation/Foundation.h>
    20. 

  20. #import "Cycript.h"
    21. 

  21. 

  22. #include <sys/types.h>
    23. 

  23. #include <sys/socket.h>
    24. 

  24. #include <netinet/in.h>
    25. 

  25. 

  26. @interface NSDistributedNotificationCenter : NSNotificationCenter
    27. 

  27. 

  28. + (id)defaultCenter;
    29. 

  29. 

  30. - (void)addObserver:(id)arg1 selector:(SEL)arg2 name:(id)arg3 object:(id)arg4;
    31. 

  31. - (void)postNotificationName:(id)arg1 object:(id)arg2 userInfo:(id)arg3;
    32. 

  32. 

  33. @end
    34. 

  34. 

  35. 

  36. %ctor
    37. 

  37. {
    38. 

  38. 

  39.     //check to see if 1337 is available
    40. 

  40. 

  41. int sock = socket(AF_INET, SOCK_STREAM, 0);
    42. 

  42.     if(sock < 0) {
    43. 

  43.         NSLog(@"#### cycript runner: socket error\n");
    44. 

  44.         return;
    45. 

  45.     }
    46. 

  46.     printf("Opened %d\n", sock);
    47. 

  47.     in_port_t port = 1337;
    48. 

  48.     struct sockaddr_in serv_addr;
    49. 

  49.     bzero((char *) &serv_addr, sizeof(serv_addr));
    50. 

  50.     serv_addr.sin_family = AF_INET;
    51. 

  51.     serv_addr.sin_addr.s_addr = INADDR_ANY;
    52. 

  52.     serv_addr.sin_port = port;
    53. 

  53.     BOOL usablePort = FALSE;
    54. 

  54.     
    55. 

  55.     while(usablePort != TRUE){
    56. 

  56.         if (bind(sock, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) {
    57. 

  57.             if(errno == EADDRINUSE) {
    58. 

  58.                  NSLog(@"#### cycript runner: the port is not available: %hu already to other process\n", port);
    59. 

  59.                 port++;
    60. 

  60.                 serv_addr.sin_port = port;
    61. 

  61.                 continue;
    62. 

  62.             } else {
    63. 

  63.                 NSLog(@"#### cycript runner: could not bind to process (%d) %s\n", errno, strerror(errno));
    64. 

  64.                 break;
    65. 

  65.                 //return;
    66. 

  66.             }
    67. 

  67.         } else {
    68. 

  68.             
    69. 

  69.             usablePort = TRUE;
    70. 

  70.             NSLog(@"#### cycript runner: success with port %i\n", port);
    71. 

  71.             
    72. 

  72.         }
    73. 

  73.         
    74. 

  74.     }
    75. 

  75.     
    76. 

  76.    
    77. 

  77.     
    78. 

  78.     socklen_t len = sizeof(serv_addr);
    79. 

  79.     if (getsockname(sock, (struct sockaddr *)&serv_addr, &len) == -1) {
    80. 

  80.         perror("getsockname");
    81. 

  81.         //return;
    82. 

  82.     }
    83. 

  83. 

  84.     //int port = ntohs(serv_addr.sin_port);
    85. 

  85. 

  86. 

  87.     NSLog(@"#### cycript runner: port number %d\n", port);
    88. 

  88.     NSString *portNumber = [NSString stringWithFormat:@"%d", port];
    89. 

  89.     [[NSDistributedNotificationCenter defaultCenter] postNotificationName:@"cycriptPortAvailable" object:nil userInfo:@{@"port": portNumber}];
    90. 

  90.     
    91. 

  91.   
    92. 

  92.     /*
    93. 

  93.     if (close (sock) < 0 ) {
    94. 

  94.         NSLog(@"#### cycript runner: did not close: %s\n", strerror(errno));
    95. 

  95.        // return;
    96. 

  96.     }
    97. 

  97.     */
    98. 

  98. 

  99.     CYListenServer(port);
    100. 

  100.     NSLog(@"running server on port: %d", port);
    101. 

  101. } 
    102. 

  102.