iOS12 jailbreak -> layout check via cyrun

iOS12.2 not supported

JailBreak

Install unc0ver

on unc0ver

  • before jb
    • turn airplane mode ON
    • turn iOS automatic updates OFF
      • Settings app -> General -> Software Update -> Automatic Updates
    • remove OTA iOS update storage if necessary
      • Settings app -> General -> iPhone Storage -> iOSxx.x -> delete
  • on Settings tab
    • turn Reload System Daemons OFF
    • turn Install OpenSSH ON
    • turn Reinstall Cydia ON
  • on Jailbreak tab
    • tap Jailbreak button
    • the iPhone will reboot when it succeeds in
      • RootFS mount
      • extracting package
      • jailbroken

on Cydia

  • install
    • wget
    • adv-cmds

SSH into your iPhone

on PC terminal: ssh root@<your iPhone IP>

Install Cyrun

https://github.com/tateu/cyrun

https://leanote.bitcode.tk/blog/post/sma11case/ios-12.1-unc0ver-Add-Cycript-Support

wget http://apt.saurik.com/debs/cycript_0.9.594_iphoneos-arm.deb
wget http://www.tateu.net/repo/files/net.tateu.cycriptlistenertweak_1.0.0_iphoneos-arm.deb
wget http://www.tateu.net/repo/files/net.tateu.cyrun_1.0.5_iphoneos-arm.deb
dpkg -i cycript_0.9.594_iphoneos-arm.deb
dpkg -i net.tateu.cycriptlistenertweak_1.0.0_iphoneos-arm.deb net.tateu.cyrun_1.0.5_iphoneos-arm.deb

which cyrun # => prints the path to the cyrun binary

Layout Check

cyrun -n <App Name on home icon> -e -d

applicationName: <App Name> is running (<pid>)
    executableName: xxx
    bundleIdentifier: xxx.xxx.xxx
    Cycript is inactive:
    Device is not passcode locked
    Tweak Mode
Do you want to continue enabling Cycript (y or n)?

Waiting for Process to close...
Waiting for Cycript to become active...
Successfully enabled, you may now run
    cycript -r xxx.xxx.xxx.xxx:xxxx
    
cy# [[UIApp keyWindow] recursiveDescription].toString() // => shows the view hierarchy

Cycript command examples here:

https://mobile-security.gitbook.io/mobile-security-testing-guide/ios-testing-guide/0x06c-reverse-engineering-and-tampering#cycript-and-cynject
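Once the `recursiveDescription` text is copied off the device, the layout check itself can be scripted. The following is an added example, not part of the original gist: it parses a dump into a tree and flags hidden, zero-size and outside-parent views. The sample dump is constructed, the function names are hypothetical, and the outside-parent test is a heuristic that treats each frame as relative to its parent and ignores transforms and scroll offsets.

```python
import re

# Constructed sample in the shape UIKit's recursiveDescription prints:
# one view per line, each nesting level prefixed with "   | ".
SAMPLE = """\
<UIWindow: 0x1001; frame = (0 0; 375 667); layer = <UIWindowLayer: 0x1002>>
   | <UIView: 0x1003; frame = (0 0; 375 667); autoresize = W+H; layer = <CALayer: 0x1004>>
   |    | <UILabel: 0x1005; frame = (20 40; 335 21); text = 'Title'; layer = <_UILabelLayer: 0x1006>>
   |    | <UIButton: 0x1007; frame = (20 80; 0 44); opaque = NO; layer = <CALayer: 0x1008>>
   |    | <UIView: 0x1009; frame = (0 700; 375 50); hidden = YES; layer = <CALayer: 0x100a>>
   |    |    | <UITextField: 0x100b; frame = (400 0; 100 30); text = ''; layer = <CALayer: 0x100c>>
"""

VIEW_RE = re.compile(
    r"^(?P<indent>[ |]*)<(?P<cls>[\w.]+): 0x[0-9a-fA-F]+; frame = "
    r"\((?P<x>-?[\d.]+) (?P<y>-?[\d.]+); (?P<w>-?[\d.]+) (?P<h>-?[\d.]+)\)(?P<rest>.*)$"
)

def parse_hierarchy(dump):
    """Return one dict per view: class, depth, frame, hidden flag, parent, path."""
    views, stack = [], []          # stack[i] = view at depth i on the current branch
    for line in dump.splitlines():
        m = VIEW_RE.match(line)
        if not m:
            continue               # wrapped text or a line that is not a view
        depth = m["indent"].count("|")
        del stack[depth:]          # drop siblings and deeper views from the branch
        view = {"cls": m["cls"], "depth": depth, "parent": stack[-1] if stack else None,
                "frame": tuple(float(m[k]) for k in "xywh"),
                "hidden": "hidden = YES" in m["rest"]}
        view["path"] = "/".join([s["cls"] for s in stack] + [view["cls"]])
        stack.append(view)
        views.append(view)
    return views

def layout_issues(views):
    """Return (path, reason) pairs for views a layout review should look at."""
    issues = []
    for v in views:
        x, y, w, h = v["frame"]
        if v["hidden"]:
            issues.append((v["path"], "hidden"))
        if w <= 0 or h <= 0:
            issues.append((v["path"], "zero-size"))
        if v["parent"]:
            _, _, pw, ph = v["parent"]["frame"]
            if x >= pw or y >= ph or x + w <= 0 or y + h <= 0:
                issues.append((v["path"], "outside-parent"))
    return issues
```

Call `layout_issues(parse_hierarchy(text))` on a saved dump to get the list of findings.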
