nabla-c0d3 / iphone-dataprotection

Automatically exported from code.google.com/p/iphone-dataprotection
39 stars 14 forks source link

offline ios_examiner fail to build VSVFL #120

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.nand_dump with ios_examiner
2.try to run ios_examiner offline with dump and plist
3.

What is the expected output? What do you see instead?
expected : shell
see : stack trace 

$python python_scripts/ios_examiner.py test_nand.bin test.plist 
Loading device information from test.plist
Device model: iPhone 4 GSM
UDID: 159e470f4c878e371e873433b9684cee235af1ea
ECID: 2991999034191
Serial number: 7V0473J6A4S
key835: e13e4f7c6ee4d53e1911663ad392a337
key89B: 945079b9494891d02f7acbad0cca4890
Chip id 0x3294e798 banks per CE physical 1
NAND geometry : 16GB (4 CEs (1 physical banks/CE) of 4100 blocks of 128 pages 
of 8192 bytes data, 12 bytes metdata)
Image size matches expected size, looks ok
Searching for special pages...
Found DEVICEUNIQUEINFO, NANDDRIVERSIGN, DEVICEINFOBBT special pages in CE 0
NAND signature 0x43313132 flags 0x10006 withening=1, epoch=2
Effaceable generation 50
Effaceable CRC OK
Found effaceable lockers in ce 1 block 1 page 96
Lockers : BAG1, DONE, Dkey, EMF!
Found DEVICEUNIQUEINFO, serial number=7V0473J6A4S
Using VSVFL
Traceback (most recent call last):
  File "python_scripts/ios_examiner.py", line 366, in <module>
    main()
  File "python_scripts/ios_examiner.py", line 361, in main
    image = NAND(nandimagename, device_infos)
  File "iphone-dataprotection/python_scripts/nand/nand.py", line 125, in __init__
    self.vfl = VSVFL(self)
  File "iphone-dataprotection/python_scripts/nand/vsvfl.py", line 87, in __init__
    raise Exception("Unable to find VSVFL context for CE %d" % ce)
Exception: Unable to find VSVFL context for CE 0

What version of the product are you using? On what operating system?
OS X version : 10.9
XCode version : 5
Tools revision : run the "hg id" command in the iphone-dataprotection
folder
00aea2688dc8+ tip

Please provide any additional information below.

The process is going well online. I can access the shell, run bruteforce, run 
undelete.

I would like to do the same offline, and it should be possible ,looking at the 
source. What is wrong ?

Original issue reported on code.google.com by matthieu...@gmail.com on 13 Dec 2013 at 3:15

GoogleCodeExporter commented 9 years ago
yes this is a weird bug that i haven't been able to fix (see issue 72 and issue 
86). just to make sure its the same bug, can you post the 0x4000 bytes starting 
at offset 0x402800 in the dump file ? thanks.

Original comment by jean.sig...@gmail.com on 14 Dec 2013 at 2:27

GoogleCodeExporter commented 9 years ago
it seems to be the same symptoms. Here are the bytes you asked for :

00402800  6e 65 70 6f 02 00 00 00  03 00 00 00 00 00 00 00  |nepo............|
00402810  ee 88 70 8d 35 d0 4a 85  bb 34 f6 0d 8a 45 be f1  |..p.5.J..4...E..|
00402820  49 57 c0 63 1a 86 d2 2a  d5 40 12 a9 6c b2 63 fa  |IW.c...*.@..l.c.|
00402830  e2 04 ff 1c 58 a2 ab 93  10 84 f9 35 6e 3e 86 71  |....X......5n>.q|
00402840  88 f5 e1 bf f6 58 5f 00  24 1f c4 e7 fd ad 9c 7e  |.....X_.$......~|
00402850  45 4a 27 0b 77 6b 54 99  e4 89 78 a1 93 96 e1 5a  |EJ'.wkT...x....Z|
00402860  f7 f3 e8 41 de ac 72 6c  75 db e1 74 87 75 49 de  |...A..rlu..t.uI.|
00402870  3f 9c 8d ac c2 0a 42 46  18 45 04 e1 f1 4b ff e8  |?.....BF.E...K..|
00402880  e1 01 4a 3d fe 3e 8f 5b  e3 29 ad e1 9c e0 69 06  |..J=.>.[.)....i.|
00402890  af c3 50 22 79 dc 6c f2  57 63 b6 b3 a3 40 42 40  |..P"y.l.Wc...@B@|
004028a0  b9 58 3e 78 e3 bc 82 b3  3d 9c 65 1c c0 4a 0d 1b  |.X>x....=.e..J..|
004028b0  97 18 54 62 04 b5 85 2e  4b fb 07 88 ce 7d 50 28  |..Tb....K....}P(|
004028c0  21 3d 9e d7 9f 6c 48 c7  fa 2d bf ee 71 9f bc 6b  |!=...lH..-..q..k|
004028d0  f6 1c 8d 8b 30 74 31 81  6b 93 cd 79 20 69 06 bc  |....0t1.k..y i..|
004028e0  ec 0a f4 da f7 91 07 86  43 c1 f0 f2 65 ca 3b 67  |........C...e.;g|
004028f0  19 ee 61 58 02 7f 81 ce  f2 f9 d6 6a 8c e6 c2 a3  |..aX.......j....|
00402900  6d 1d 98 19 ea cb 59 ef  86 9b dc b1 3a eb 8c f5  |m.....Y.....:...|
00402910  a4 cc cc ed fb 20 38 50  6d ee f0 8f 71 c2 67 80  |..... 8Pm...q.g.|
00402920  e3 82 6b d4 f8 e7 a5 c6  14 9e 78 0c e8 5e d6 58  |..k.......x..^.X|
00402930  27 39 e1 22 ef 05 61 82  66 27 64 23 3d d3 a6 5d  |'9."..a.f'd#=..]|
00402940  76 09 0b d0 a1 7b 2a c6  8b aa de a1 9e 70 44 bc  |v....{*......pD.|
00402950  49 33 7e 0b 25 1d 91 b1  02 eb 88 1b 3b 6b 41 1a  |I3~.%.......;kA.|
00402960  f0 c5 1a 04 c5 9e 71 9b  1c 46 b0 84 4a f6 8e 09  |......q..F..J...|
00402970  a5 78 ea c0 c5 57 cd 69  14 fe ae 97 86 9d f0 9c  |.x...W.i........|
00402980  29 25 b3 1f 2b 94 d3 1b  14 76 c8 fa b7 6b f5 c1  |)%..+....v...k..|
00402990  7a 0b f9 ec 6b ac 2d d4  f0 5e 1b 11 27 36 c3 b6  |z...k.-..^..'6..|
004029a0  f5 7a 91 91 82 29 68 e9  d3 91 99 f5 b1 27 4d c8  |.z...)h......'M.|
004029b0  df b0 70 aa fa 16 11 4d  52 3f bb 70 bf d2 cc e3  |..p....MR?.p....|
004029c0  07 6b ba 6d 87 e3 a8 01  82 55 33 61 1b a8 28 a0  |.k.m.....U3a..(.|
004029d0  0e ec e2 93 f9 5d 39 9b  6f e8 49 a2 82 fe 5e 9c  |.....]9.o.I...^.|
004029e0  fc 6f 6d 73 bc d6 cd 9d  8d 33 9e 1d 28 e9 b0 8a  |.oms.....3..(...|
004029f0  15 34 66 2c f5 a9 3b db  36 b4 90 a4 9f 35 5d 2b  |.4f,..;.6....5]+|
00402a00  8c 6a b8 13 1e 9d f2 88  d9 8c ed c7 7a f1 d4 4a  |.j..........z..J|
00402a10  45 63 bd 03 e3 a8 5a 99  f9 08 79 08 62 c5 0b 47  |Ec....Z...y.b..G|
00402a20  c6 91 52 d6 65 95 a6 2c  97 88 fd 81 ef 62 2e 66  |..R.e..,.....b.f|
00402a30  da 69 58 00 9e f5 ec a5  20 70 d2 bf 35 0d 21 07  |.iX..... p..5.!.|
00402a40  33 3b 89 6a d8 ca 68 55  0e e0 cd d1 6a 7f 20 2a  |3;.j..hU....j. *|
00402a50  23 6b 4e 98 f2 05 b6 3d  cd e3 ea 51 ce 81 00 df  |#kN....=...Q....|
00402a60  82 2d 81 41 8b dd 00 f2  dc 5f ea c0 70 14 39 6f  |.-.A....._..p.9o|
00402a70  dd a5 f5 db ad 8b 6c 8a  e3 92 4a 2e 53 f4 7f 46  |......l...J.S..F|
00402a80  ef 8a 0a 1d 90 d6 05 6f  a5 ff cb 69 cb 6d 81 dc  |.......o...i.m..|
00402a90  9b 84 20 5b f5 52 d7 e4  99 39 1f e6 92 0e b8 82  |.. [.R...9......|
00402aa0  1b 2f 78 50 1b 6a e2 2b  5e d8 79 c1 a5 6a 20 05  |./xP.j.+^.y..j .|
00402ab0  63 9d e4 b6 33 db a9 9f  58 42 6f a0 09 80 3c 38  |c...3...XBo...<8|
00402ac0  31 9f cc 46 10 54 b8 6a  18 64 4c 3b 79 2e b3 99  |1..F.T.j.dL;y...|
00402ad0  fa ca 08 b5 df 98 2a 3b  8d b0 dc ee 41 ae 83 8a  |......*;....A...|
00402ae0  c6 f1 d1 71 e2 da ff 23  f3 28 22 2e dc 79 4b 22  |...q...#.("..yK"|
00402af0  3b 7a 28 1d f9 92 9f 95  09 1d bf a9 72 34 c6 6a  |;z(.........r4.j|
00402b00  01 29 19 26 18 39 d6 a5  be bf c2 e8 4c 20 fa cd  |.).&.9......L ..|
00402b10  5a 04 fa 50 07 ec b1 55  b2 55 a7 30 89 cf 8c ac  |Z..P...U.U.0....|
00402b20  00 07 06 02 97 0a 86 1b  52 c4 cf c7 1c 8e 54 b3  |........R.....T.|
00402b30  9e 65 de b2 08 1e ea 9c  d6 b0 9c 9a 26 2c e1 9d  |.e..........&,..|
00402b40  41 fb e7 99 10 20 5c 23  79 ff 91 16 22 09 d6 1e  |A.... \#y..."...|
00402b50  9e ee 1a 25 a5 24 32 c2  d4 cb 77 c1 6b 7f 39 d2  |...%.$2...w.k.9.|
00402b60  bc ba 80 8f 0e 8d b3 ba  41 98 59 03 18 46 d7 3c  |........A.Y..F.<|
00402b70  b3 d4 bc 16 28 01 f2 61  37 33 3b 65 8f f6 f4 cd  |....(..a73;e....|
00402b80  3f 0c 86 2c 91 cf 13 7b  83 12 d7 2a fc 4b e2 c8  |?..,...{...*.K..|
00402b90  c5 29 aa e5 5c e7 af 02  e0 4d 4e 97 8f fb e5 34  |.)..\....MN....4|
00402ba0  49 cb ab ba 20 b5 db 21  64 3b 82 f7 bd e2 cf 7d  |I... ..!d;.....}|
00402bb0  68 c2 0b 2d 82 de 29 83  7e 21 a2 f4 7a e4 ed 28  |h..-..).~!..z..(|
00402bc0  06 e5 fc 99 10 c3 e6 d6  e7 6a 6d 83 13 76 c5 0a  |.........jm..v..|
00402bd0  88 9e d4 a1 16 b0 f2 a7  56 f4 4a ab 8f 2e 7d 8b  |........V.J...}.|
00402be0  57 3e 45 d7 91 b4 eb 88  06 37 e7 4e 9f 80 62 fa  |W>E......7.N..b.|
00402bf0  32 e1 3e d6 04 40 67 b0  1d 71 df 2f 13 82 a3 8a  |2.>..@g..q./....|
00402c00  ee 8e 9e 6f 0d 4d 3e d5  80 0d cc c0 62 a1 38 7d  |...o.M>.....b.8}|
00402c10  10 4c 7b c3 cb 1c 56 48  41 f2 7b 8a f3 9e bc aa  |.L{...VHA.{.....|
00402c20  ac 77 ec ae b7 f6 83 b3  96 96 98 46 08 23 b0 17  |.w.........F.#..|
00402c30  f2 3d 59 b4 2e af 8d 84  55 ed 05 28 08 dd 5a 9e  |.=Y.....U..(..Z.|
00402c40  44 e6 38 6d ff 18 d5 73  b9 de b7 7f 68 6c a9 c9  |D.8m...s....hl..|
00402c50  67 64 eb e3 14 2f 90 29  8a be 10 4d 87 d2 02 de  |gd.../.)...M....|
00402c60  af 45 92 30 89 e6 4b 61  f3 7e c9 ae 88 94 f0 19  |.E.0..Ka.~......|
00402c70  0f e0 e0 67 fc 9e 86 60  cb 7d e2 7b 37 2d 60 d6  |...g...`.}.{7-`.|
00402c80  81 5e e2 f9 83 df e8 f6  6e a4 18 cd a4 0a fa fd  |.^......n.......|
00402c90  33 c1 44 44 6d 0e 67 e5  12 a1 83 77 e5 ce bf 4d  |3.DDm.g....w...M|
00402ca0  27 74 c9 0f fc 1f 7f a8  5a 8b fa bd ba 91 70 ef  |'t......Z.....p.|
00402cb0  ea e7 94 59 93 a2 a8 b7  58 8f df 59 78 fd 2d 54  |...Y....X..Yx.-T|
00402cc0  ac 69 40 24 10 48 71 da  8f 90 e3 02 00 db c5 3e  |.i@$.Hq........>|
00402cd0  c0 d2 d2 c0 02 dd 13 66  04 37 31 2f ac 24 b6 c4  |.......f.71/.$..|
00402ce0  2a b3 83 60 33 70 ac 25  ae 71 f9 bf 9c eb cc be  |*..`3p.%.q......|
00402cf0  5e 83 7e d8 1b 9e 3e db  0f ca 58 6a 15 4d 4a 50  |^.~...>...Xj.MJP|
00402d00  13 e0 a2 00 6b 21 9c ea  79 ac fe 90 4f 9e d5 ab  |....k!..y...O...|
00402d10  b0 07 25 1c 00 ee c6 46  2d 61 dd 2f e7 e3 12 40  |..%....F-a./...@|
00402d20  b7 fb 22 5b 23 35 d8 67  e5 10 2a 2d 7c b4 1f 06  |.."[#5.g..*-|...|
00402d30  4a 2e 13 13 6d 45 0c ba  c7 0d b0 46 bb d5 d0 c2  |J...mE.....F....|
00402d40  36 11 38 bf 4a e9 c6 e3  59 f1 9c b0 48 1e 49 36  |6.8.J...Y...H.I6|
00402d50  53 95 8b 61 fd 5a 95 7b  62 d9 cd 57 1a 30 c1 eb  |S..a.Z.{b..W.0..|
00402d60  f6 8f ea cb 07 09 c1 2c  7a bb 10 db e0 84 4d f7  |.......,z.....M.|
00402d70  fc 7e 82 43 c3 48 77 fd  bb ae 9c 1a 7d 4b 59 7d  |.~.C.Hw.....}KY}|
00402d80  74 80 55 e4 5c 50 2e ab  0e c9 11 ad 12 f8 10 e4  |t.U.\P..........|
00402d90  27 d0 96 8a f0 d0 d6 f3  6d cf 5f 92 2c 1e bf 59  |'.......m._.,..Y|
00402da0  38 48 75 b5 df 93 5c 15  13 ed 0d 44 a5 3a ba 7c  |8Hu...\....D.:.||
00402db0  ad ad f6 e9 f2 3a 5a b1  32 90 1e 4e 52 f2 55 64  |.....:Z.2..NR.Ud|
00402dc0  e9 df a9 9a bc 7b 2f 5e  88 0f 75 74 f6 a0 7a f2  |.....{/^..ut..z.|
00402dd0  42 d1 00 c0 20 ad 81 a5  9d 16 26 41 2e 38 da 7d  |B... .....&A.8.}|
00402de0  1a b0 f8 20 94 bd 0f 6d  02 ef 82 40 81 0b ce 43  |... ...m...@...C|
00402df0  35 d8 22 bd b7 a2 4c 0c  4c af 9f a6 e8 b6 74 47  |5."...L.L.....tG|
00402e00  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|

Original comment by matthieu...@gmail.com on 14 Dec 2013 at 6:39