Comments (14)
In order to connect to the ramdisk, you need to forward local port 1999 to port
1999 on the device. You can do this using the following command :
cd usbmuxd-python-client && python tcprelay.py -t 22:2222 1999:1999
This also allows you to ssh into the device by connecting to localhost:2222
(documentation will be updated soon :)
Original comment by [email protected]
on 9 Oct 2011 at 7:47
- Changed state: Accepted
from iphone-dataprotection.
Hello Jean.
Tank you again for the propt response.
i will follow your advice certain that it will work.
As far as documentation goes, i think it would cut your workload in half as far
as handling these issues goes if at least some generic documentations existed
in the workflow. I think this is a fantastic set of tools and at least the
purpose of them could be mentioned in such workflow.
then of course compiling errors etc can always be discussed.
To just explain what this mentions to my case.
i have already done dd backup of my 30GB iphone 4 partition. i can already
browse it with hfs explorer (though every photo i export is unleggible, but
that is for another time.). so my need is to decrypt this thing and i'm led to
believe i can do that with emf_decrypter. this last one i have correctly built
on mac with all the right dependencies and the binary runs fine. so i turns out
i need the plist file.
i have access to all levels of my device (infact i need to decrypt the backup
so i can then photorec on it).
the device is jailbroken, and i have ssh access. is there anyway for me to
retrieve such plist file without the rest of the process.
and if not, so i so at least i move into the productive direction,
what are the simplest pointers you could hand me?
again, thank you in advance and best regards
Original comment by [email protected]
on 10 Oct 2011 at 9:17
from iphone-dataprotection.
tcprelay works like a charm now. like i mentioned b4 my device is already jb-ed
so i'm hoping that means i won't have to start injecting. at this point i'm
thinking all i need is that plist file.
if it's not too much hassle how do i go abt that?
i have been reading through all of the readme files and all the issues trying
to get pointers, and i could be wrong but all i read is abt injecting to jb.
which is done.
again, thank you in advance and best regards
Original comment by [email protected]
on 10 Oct 2011 at 7:59
from iphone-dataprotection.
Hi,
you have to build the ramdisk using the build_ramdisk.sh script (assuming the
ramdisk tools are compiled ok)
Then, compile cyanide_bootramdisk and syringe, and boot the ramdisk using the
following command :
./syringe/utilities/tetherboot -p cyanide_bootramdisk/payload -r myramdisk.dmg
Original comment by [email protected]
on 10 Oct 2011 at 8:14
from iphone-dataprotection.
Fantastic. Now i feel i'm moving in a good direction.
Seems like device needs to be in DFU mode for this right.
The ramdisk i created is the default one done by the bash script, and it's 4.1-
Meanwhile on my phone is on 4.3.3.
Is that going to be a problem? i can still kick my phone off dfu afterwards
right? the usual reboot way?
Original comment by [email protected]
on 10 Oct 2011 at 8:40
from iphone-dataprotection.
Yes, you need to be in dfu mode
the version of the ramdisk does not have to match the installed version.
once you are done with the ramdisk you can reboot using the "reboot" command
through ssh, or just rebooting the device with the buttons
Original comment by [email protected]
on 10 Oct 2011 at 9:15
from iphone-dataprotection.
Went into DFU and proceeded as instructed.
At this point i am at the issue reported here
http://code.google.com/p/iphone-dataprotection/issues/detail?id=20
i'm in a going to try again. as the binary exited just as reported above.
once again i'd like to thank you for your great help and contribution.
meanwhile i see present on my mac : kernelcache.release.n90, iBSS.n90ap,
DeviceTree.n90ap.
so i hopefully don't have to bother you anymore, seeing i will work on this for
ages tonight, what is my following step once i make this go the right way?
given the above ste
Original comment by [email protected]
on 10 Oct 2011 at 9:23
from iphone-dataprotection.
repeating. tried it with firmware 4.3.3. though as you said it would not matter.
after resetting device counters i get this.
libusb:error [darwin_transfer_status] transfer error: timed out
Exiting libpois0n
on the iphone screen, after a long process:
Listening on port 1999
AppleBCMWLAN::handleIOKitBusyWatchdogTimeout(): Error, no successful firmware
download after 60000 ms!! Giving up...
I'm gonna try again. though i was sure i cleared the devicetree...
Original comment by [email protected]
on 10 Oct 2011 at 10:53
from iphone-dataprotection.
Hello,
if you have the "Listening on port 1999" message on the device it means it
worked, you can now run the demo_bruteforce.py script and it will created the
plist file required for emf_decrypter. You can also ssh into the device at that
point.
Original comment by [email protected]
on 11 Oct 2011 at 6:11
from iphone-dataprotection.
[deleted comment]
from iphone-dataprotection.
Perfect.
I was just being thick. Long day. hehe
so i went agead and repeated the process (for some reason repeating it with a
4.1 ipsw left me hanging on white screen on the device. 4.3.3 worked just
fine), tcprelay-ed into the device and ran the python bruteforce script.
The output i believe is certainly positive as it had all of my account pwds
showing in cleartext.
Then i found my keychain and the plist file.
Now onto emf_decrypter (which i have previously compiled, so no hassle there).
This is going to take a bit as i have to decrypt a 30G image.
Original comment by [email protected]
on 11 Oct 2011 at 8:05
from iphone-dataprotection.
Ok,
do not forget to make a backup of the disk image before in case something goes
wrong.
Also, you should use the python version of emf_decrypter, the C version has
known bugs. For the python version you need pycrypto and construct.
Original comment by [email protected]
on 11 Oct 2011 at 8:07
from iphone-dataprotection.
In fact something went wrong with the c version :)
I just opened an issue about it.
I had made a backup and now i'm making a second copy yo try again :)
will the python version need the plist too in the same path?
Original comment by [email protected]
on 11 Oct 2011 at 8:11
from iphone-dataprotection.
Original comment by [email protected]
on 14 Oct 2011 at 12:49
- Changed state: Done
from iphone-dataprotection.
Related Issues (20)
- jailbreak semi untethered 7.1.1 iphone 4 stuck at apple logo HOT 1
- Problem with keychain_tool.py on iOS 7.1.1 HOT 2
- Get Less Backupuuid HOT 4
- Comparability with C or C++
- iPhone 4 Rev A IOS 7.0.4
- Some File Missing in downloaded Icloud backup only show 100 files maximum
- listing and Downnloading only 100 files of icloud data
- How can i extract a certificate/identity from I0s7 with keychain_dump?
- Offline iOS_examiner crashes
- Device UNSUPPORTED error HOT 1
- extract email's passwords from an encrypted ios backup .. !!
- rqrq
- ios 8.1 icloud backup HOT 2
- Cannot brute force passcode on iPhone 3GS (32GB)
- iOS 8.1.2 ios_examiner undelete error HOT 1
- dataRecovery.py is showing error HOT 2
- Key not matching cert (iOS 7)
- DFU mode firmware updataion
- how to bruteforce in windows
- NAND Dumper in ios examiner doesn't seem to start
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from iphone-dataprotection.