coolstar / electra

Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake
GNU General Public License v3.0

Electra doesn't always parse signatures correctly #136

Open andrewwiik opened 6 years ago

andrewwiik commented 6 years ago

Electra doesn't always correctly pull the signature to add to the trust. Carlos Perez and I have both had instances where things are properly signed, and using jtool we can even see that, yet Electra logs this:

Feb 18 21:09:38 Andrews-iPhone SpringBoard(TweakInject.dylib)[5671] <Notice>: Injecting /Library/TweakInject/PeekaBoo.dylib into com.apple.springboard
Feb 18 21:09:38 Andrews-iPhone amfid(amfid_payload.dylib)[247] <Notice>: We got called! /usr/lib/TweakInject/PeekaBoo.dylib with {
    RespectUppTrustAndAuthorization = 1;
    UniversalFileOffset = 98304;
    ValidateSignatureOnly = 1;
} (info: (null))
Feb 18 21:09:38 Andrews-iPhone amfid(Security)[247] <Notice>: UNIX error exception: 24
Feb 18 21:09:38 Andrews-iPhone amfid(libmis.dylib)[247] <Notice>: Failure creating static code: 100024
Feb 18 21:09:38 Andrews-iPhone amfid(libmis.dylib)[247] <Notice>: Could not copy code signature (error 0xc018).
Feb 18 21:09:38 Andrews-iPhone kernel(AppleMobileFileIntegrity)[0] <Notice>: AMFI: code signature validation failed.
Feb 18 21:09:38 Andrews-iPhone amfid(amfid_payload.dylib)[247] <Notice>: We got called! AFTER ACTUAL /usr/lib/TweakInject/PeekaBoo.dylib with {
    RespectUppTrustAndAuthorization = 1;
    UniversalFileOffset = 98304;
    ValidateSignatureOnly = 1;
} (info: (null))
Feb 18 21:09:38 Andrews-iPhone amfid(amfid_payload.dylib)[247] <Notice>: Couldn't open file
Feb 18 21:09:38 Andrews-iPhone amfid(amfid_payload.dylib)[247] <Notice>: Can't get code_directory
Feb 18 21:09:38 Andrews-iPhone amfid[247] <Notice>: /usr/lib/TweakInject/PeekaBoo.dylib not valid: 0xc018: An unexpected error was encountered (0xC018)
Feb 18 21:09:38 Andrews-iPhone SpringBoard(TweakInject.dylib)[5671] <Notice>: Injection failed: 'dlopen(/Library/TweakInject/PeekaBoo.dylib, 9): no suitable image found.  Did find:
    /Library/TweakInject/PeekaBoo.dylib: code signature invalid for '/Library/TweakInject/PeekaBoo.dylib'

After so many re-installs of the tweak after rebuilding it many times (code has not changed in any of these builds) and several reboots and reruns of Electra it suddenly starts working again.


stek29 commented 6 years ago

Electra only touches trust cache during jailbreak process. JBD/amfid don't touch it at all.

Also, both original Apple's libmis and amfid_payload failed to open the file. However, this is interesting:

amfid(Security)[247] <Notice>: UNIX error exception: 24

cy# strerror(24)
&"Too many open files"

stek29 commented 6 years ago

lmfao I can't believe this amfid_payload doesn't close file

nullpixel commented 6 years ago

LOL
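
The failure mode diagnosed in this thread (`UNIX error exception: 24`, i.e. `EMFILE`, in a long-lived daemon whose handler opens a file and never closes it) can be reproduced in isolation. The following is an added example, not Electra's amfid_payload source: `check_leaky`, `check_fixed` and `first_errno` are hypothetical names, `/dev/null` is a constructed stand-in for the dylib path, and the descriptor limit of 64 is an assumption chosen to make the leak surface quickly.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical per-request validation handler that opens the binary to read
 * its header. Bug: the descriptor is never closed, so each call leaks one. */
static int check_leaky(const char *path) {
    char magic[4];
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;                       /* errno set by open() */
    if (read(fd, magic, sizeof magic) < 0) return -1;
    return 0;                                    /* fd still open here */
}

/* Same handler with the descriptor released before returning. */
static int check_fixed(const char *path) {
    char magic[4];
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, magic, sizeof magic);
    close(fd);
    return n < 0 ? -1 : 0;
}

/* Simulate the daemon in a child process with a soft limit of `limit`
 * descriptors and call `check` `calls` times. Returns the errno of the first
 * failed call, 0 if every call succeeds, -1 if the simulation could not run. */
int first_errno(int (*check)(const char *), const char *path, int limit, int calls) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(255);
        rl.rlim_cur = (rlim_t)limit;
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(255);
        for (int i = 0; i < calls; i++)
            if (check(path) != 0) _exit(errno);  /* report the first failure */
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

int main(void) {
    printf("leaky: %d\n", first_errno(check_leaky, "/dev/null", 64, 200));
    printf("fixed: %d\n", first_errno(check_fixed, "/dev/null", 64, 200));
    return 0;
}
```

Because the leak is per call, the handler works for a while after the process starts and then fails on every request until the process is restarted, which matches the intermittent behaviour reported above.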