porting Sharing.framework for AirDrop

[OrkhanAlikhanov]

Thank you so much for initiating this work. I hope you'll finish it up soon. I am coming from your blog post which is really really cool! Great analysis. I was trying to port AirDrop capability to iPad 3, I spent my last night on it until I came across your blog post. I would've saved time if I found it before, lol. To be hones, it seems really difficult for me to extract libraries from cache. Anyways, great work!

The only file that I need for AirDrop iPad3 is Sharing dylib from dyld_shared_cache_arm7 which I hope I will get through this project. Thank you again!

[zhuowei]

@OrkhanAlikhanov note that this didn't really work out well, and I gave up on this approach. An older version of Comex's yadsc might be a better option.

Also, I only looked at arm64, so I assumed all the pointers are 64-bit, so this won't work on armv7 - hopefully the post can help you do the same for armv7 though.

[OrkhanAlikhanov]

You mean this one comex/imaon2?

[zhuowei]

@OrkhanAlikhanov in the iOS 9 era I remember the binary build https://github.com/comex/imaon2/releases worked for extracting; I didn't try to load it back. The Wiki says that project has the best output though....

Do you know if the iPad 3's wifi even has the right firmware to do AirDrop/awdl?

Edit: also, Siri ports replace the entire dyld cache for one daemon; have you tried that?https://www.theiphonewiki.com/wiki/Siri

[OrkhanAlikhanov]

Thank you I'll give it a try!

Yep, there was a tweak called AirDrop Enabler for iOS 7.0+ and it was reported to be working on iPad 3 but not on iPhone 4.

[OrkhanAlikhanov]

@zhuowei I extracted Sharing framework yasce unfortunately dyld refused it with overlapping segments error.

iPad:~ root# /usr/libexec/sharingd
dyld: Library not loaded: /System/Library/PrivateFrameworks/Sharing.framework/Sharing
  Referenced from: /usr/libexec/sharingd
  Reason: no suitable image found.  Did find:
        /System/Library/PrivateFrameworks/Sharing.framework/Sharing: overlapping segments
Trace/BPT trap: 5

[OrkhanAlikhanov]

Regarding entire dyld cache for one daemon, I had read about it in your blog post. I avoided it because the cache file is 500MB and my iPad's usb port is broken. I work over wifi connection. Thank you reminding me of it, I'll try that!

[zhuowei]

@OrkhanAlikhanov that explains why you're working on AirDrop ;) Good luck.

[OrkhanAlikhanov]

Hey! Unfortunately I couldn't make it work no matter what I try.

[zhuowei]

@OrkhanAlikhanov Ah, ok. Are you going to write up what you tried?

[OrkhanAlikhanov]

In a nutshell, lastly, I tried entire dyld cache for one daemon method. Here are my steps:

1. Copied dyld_shared_cache_armv7 to a random folder /private/var/cache/dyld
2. Modified com.apple.SpringBoard.plist to include DYLD_SHARED_CACHE_DIR and other env vars
3. Did a respring (did not work)
4. Did a reboot (did not work)

I got the same errors as before:

> launchctl load /System/Library/LaunchDaemons/com.apple.sharingd.plist
> /System/Library/LaunchDaemons/com.apple.sharingd.plist: The specified service path was not in the service cache

and

> /usr/libexec/sharingd
> dyld: Library not loaded: /System/Library/PrivateFrameworks/Sharing.framework/Sharing
  Referenced from: /usr/libexec/sharingd
  Reason: image not found
Trace/BPT trap: 5

[zhuowei]

@OrkhanAlikhanov For running the sharingd on the command line, did you pass the environmental vars in?

DYLD_SHARED_REGION=private DYLD_SHARED_CACHE_DIR=/private/var/cache/dyld DYLD_SHARED_CACHE_DONT_VALIDATE=1 DYLD_PRINT_SEGMENTS=1 /usr/libexec/sharingd

[OrkhanAlikhanov]

Hmm, interesting, I thought that exports are valid of com.apple.SpringBoard.plist only which (I thought) loads the cache.

Thanks! I'll try that and report back soon.