Just want the binaries?
Head over to Releases. :)
- Jailbroken device
- tfp0 kernel patch (see below)
- If you don't have XCode:
  - GNU make
  - C compiler for iOS
  - Code signing utility
A kernel patch is required for these tools to work, since access to kernel memory is natively unavailable for obvious reasons. That patch is normally referred to as task-for-pid-zero (short: tfp0), and is included in almost every public jailbreak.
The latest release of these tools is confirmed to work with:
- p0sixspwn on 6.1.6
- TaiG on 8.4
- Pangu9 on 9.1
Jailbreaks that DO NOT seem to enable tfp0, and thus DO NOT work with kern-utils:
- Pangu9 on 9.0.x
- Pangu9 on 9.2-9.3.3
If you have information about how the kernel task port can be obtained in these versions, please open a ticket and tell me.
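As an added example that is not part of ios-kern-utils: a small C probe that confirms the jailbreak on the device actually exposes tfp0 before you build or run the tools. It assumes it is compiled with the same iOS toolchain and signed with misc/ent.xml like the kern-utils binaries; on a non-Mach host it only reports that there is nothing to probe.

```c
/* tfp0 probe: does this jailbreak hand out the kernel task port via task_for_pid(0)?
 * Added example, not part of ios-kern-utils. Build and sign it the same way as the
 * kern-utils binaries (iOS toolchain, entitlements from misc/ent.xml). */
#include <stdio.h>

#ifdef __APPLE__
#include <mach/mach.h>
#include <mach/mach_error.h>
#include <mach/mach_traps.h>

/* Returns 1 if task_for_pid(0) yields a usable kernel task port, 0 otherwise. */
int have_tfp0(void)
{
    mach_port_t kernel_task = MACH_PORT_NULL;
    kern_return_t kr = task_for_pid(mach_task_self(), 0, &kernel_task);
    if (kr != KERN_SUCCESS || kernel_task == MACH_PORT_NULL) {
        fprintf(stderr, "task_for_pid(0): %s (0x%x)\n", mach_error_string(kr), (unsigned)kr);
        return 0;
    }
    /* Cross-check that the port we got really maps back to pid 0. */
    int pid = -1;
    kr = pid_for_task(kernel_task, &pid);
    mach_port_deallocate(mach_task_self(), kernel_task);
    if (kr != KERN_SUCCESS || pid != 0) {
        fprintf(stderr, "got a port, but pid_for_task reports pid %d\n", pid);
        return 0;
    }
    return 1;
}
#else
/* Not a Mach host (e.g. the Linux build box): nothing to probe. */
int have_tfp0(void) { return -1; }
#endif

int main(void)
{
    int r = have_tfp0();
    if (r < 0)
        puts("not running on a Mach kernel; run this on the jailbroken device");
    else if (r)
        puts("tfp0 available: kern-utils should work here");
    else
        puts("tfp0 NOT available: check the jailbreak list above");
    return r == 1 ? 0 : 1;
}
```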
Name | Function |
---|---|
kdump | Dump a running iOS kernel to a file |
kmap | Visualize the kernel address space |
kpatch | Apply patches to a running kernel |
kmem | Dump kernel memory to the console |
khead | Parse and display the Mach-O header of the kernel |
```sh
git clone https://github.com/Siguza/ios-kern-utils
cd ios-kern-utils
make
```
For make you may also specify the following environment variables:
Name | Function | Default on OS X | Default on iOS | Default on Linux
---|---|---|---|---
IGCC | iOS compiler | xcrun -sdk iphoneos gcc | clang | ios-clang
IGCC_ARCH | Target architecture(s) | -arch armv7 -arch arm64 | |
IGCC_FLAGS | Custom compiler flags | none | |
STRIP | Symbol remover utility | xcrun -sdk iphoneos strip | strip | ios-strip
SIGN | Code signing utility | codesign | ldid |
SIGN_FLAGS | Code signing flags | -s - --entitlements misc/ent.xml | -Smisc/ent.xml |
- Test on Linux
- Keep up with the original repo
Beware, chances are the device will panic and reboot.