SAD1992 / iphone-dataprotection

Automatically exported from code.google.com/p/iphone-dataprotection
0 stars 0 forks source link

No handler defined for "AES" Request (ios_examiner.py) #63

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Download redsn0w_win_0.9.14b2
2. Download ramdisk/kernel 
http://www.4shared.com/folder/XfBqYvzz/iPhone_4_-_5.html
3. Download iPhone3,1_5.0_9A334_Restore.ipsw
4. Boot iPhone 4 (GSM) with "redsn0w.exe -i iPhone3,1_5.0_9A334_Restore.ipsw -r 
myramdisk.dmg -k kernelcache.release.n90.patched"
5. Run ios_examiner.py after boot OK

What is the expected output? What do you see instead?
First request is sent for "DeviceInfo", it works.
Second request is sent for "AES" and it returns "No handler defined for Request"

Connecting to device : ramdisk tool Dec  1 2011 14:40:41
Traceback (most recent call last):
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\demo_bruteforce
.py", line 65, in <module>
    bf_system()
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\demo_bruteforce
.py", line 19, in bf_system
    client = RamdiskToolClient()
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\util\ramdiskcli
ent.py", line 48, in __init__
    self.getDeviceInfos()
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\util\ramdiskcli
ent.py", line 74, in getDeviceInfos
    keys = self.grabDeviceKeys()
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\util\ramdiskcli
ent.py", line 164, in grabDeviceKeys
    if not r or r.returnCode != 0 or not r.has_key("data"):
AttributeError: 'str' object has no attribute 'returnCode'

What version of the product are you using? On what operating system?
Recent svn
Windows 7 64bit
iPhone 4 (GSM) with iOS 5.1.1

Please provide any additional information below.

Original issue reported on code.google.com by ill...@gmail.com on 10 Jul 2012 at 11:10

GoogleCodeExporter commented 8 years ago
you need to rebuild the ramdisk from the latest revision, the one on that link 
is outdated.

Original comment by jean.sig...@gmail.com on 11 Jul 2012 at 8:22

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
I rebuilt the ramdisk and kernel with the new code from the svn. This is the 
new output using the same procedure:

Connecting to device : xxx
Device model: iPhone 4 GSM
UDID: xxx
ECID: xxx
Serial number: xxx
key835: xxx
key89B: xxx
Chip id 0x32956845 banks per CE physical 2
NAND geometry : 32GB (4 CEs (2 physical banks/CE) of 8192 blocks of 128 pages of
 8192 bytes data, 12 bytes metdata)
Searching for special pages...
Found DEVICEUNIQUEINFO, NANDDRIVERSIGN, DEVICEINFOBBT special pages in CE 0
NAND signature 0x43313132 flags 0x10006 withening=1, epoch=2
Effaceable generation 48
Effaceable CRC OK
Found effaceable lockers in ce 3 block 1 page 96
Lockers : BAG1, DONE, Dkey, LwVM
Traceback (most recent call last):
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\ios_examiner.py
", line 366, in <module>
    main()
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\ios_examiner.py
", line 361, in main
    image = NAND(nandimagename, device_infos)
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\nand\nand.py",
line 106, in __init__
    EMF = self.getEMF(device_infos["key89B"].decode("hex"))
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\nand\nand.py",
line 339, in getEMF
    return self.lockers.get_EMF(k89b)
  File "C:\Python27\Scripts\iphone-dataprotection\python_scripts\keystore\efface
able.py", line 65, in get_EMF
    lwvm = AES.new(k89b, AES.MODE_CBC).decrypt(self.lockers["LwVM"])
  File "C:\Python27\lib\site-packages\Crypto\Cipher\AES.py", line 95, in new
    return AESCipher(key, *args, **kwargs)
  File "C:\Python27\lib\site-packages\Crypto\Cipher\AES.py", line 59, in __init_
_
    blockalgo.BlockAlgo.__init__(self, _AES, key, *args, **kwargs)
  File "C:\Python27\lib\site-packages\Crypto\Cipher\blockalgo.py", line 141, in
__init__
    self._cipher = factory.new(key, *args, **kwargs)
ValueError: IV must be 16 bytes long

Original comment by ill...@gmail.com on 12 Jul 2012 at 12:01

GoogleCodeExporter commented 8 years ago
This issue was closed by revision 3047d3092b7b.

Original comment by jean.sig...@gmail.com on 12 Jul 2012 at 11:23

GoogleCodeExporter commented 8 years ago
This is a bug with the latest version of pycrypto, can you try with the latest 
revision from the repository, it should be fixed. Thanks for reporting this bug.

Original comment by jean.sig...@gmail.com on 12 Jul 2012 at 11:24

GoogleCodeExporter commented 8 years ago
Issue 67 has been merged into this issue.

Original comment by jean.sig...@gmail.com on 30 Jul 2012 at 12:53

GoogleCodeExporter commented 8 years ago
hi pls kindly take a look, I updated the ramdisk and below is the output:

LwVM header CRC OK
cprotect version : 4 (iOS 5)
iOS version:  5.1.1
Keybag state: locked
Traceback (most recent call last):
  File "python_scripts/ios_examiner.py", line 366, in <module>
    main()
  File "python_scripts/ios_examiner.py", line 363, in main
    ExaminerShell(image).cmdloop("")
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/cmd.py", line 130, in cmdloop
    line = raw_input(self.prompt)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u2019' in position 
4: ordinal not in range(128)

Original comment by blackjac...@gmail.com on 30 Jul 2012 at 1:36

GoogleCodeExporter commented 8 years ago
this is an issue with unicode characters, i have to find the correct fix to 
avoid those errors everywhere.
for now, you can try by replacing this line in ios_examiner.py
self.deviceName = get_device_name(self.data)
replace with
self.deviceName = ""
it should fix this particular error but you might have the same error later on. 
let me know how it goes. thanks

Original comment by jean.sig...@gmail.com on 30 Jul 2012 at 4:09

GoogleCodeExporter commented 8 years ago
hi Jean, Thanks for your kind help.
I find a workaround of removing the “'” in my username which resolved the 
issue.
Thanks again!

Original comment by blackjac...@gmail.com on 30 Jul 2012 at 4:23