From faa92c9b0054c8aeceb7e01b8d915533b2021d69 Mon Sep 17 00:00:00 2001 From: Nathan <87825638+verygenericname@users.noreply.github.com> Date: Sun, 21 Jan 2024 09:26:20 -0500 Subject: [PATCH] rename lunchd to launchd (#89) --- Makefile | 4 ++-- README.md | 4 ++-- .../launchdshim/launchdhook/Makefile | 2 +- .../launchdshim/launchdhook/main.m | 18 +++++++++--------- RootHelperSample/main.m | 14 +++++++------- usprebooter/overwriter.m | 10 +++++----- 6 files changed, 26 insertions(+), 26 deletions(-) diff --git a/Makefile b/Makefile index 7a52fe1a..0c12d875 100644 --- a/Makefile +++ b/Makefile @@ -18,10 +18,10 @@ Serotonin.tipa: $(wildcard **/*.c **/*.m **/*.swift **/*.plist **/*.xml) echo "[*] Building fastPathSign" $(MAKE) -C RootHelperSample/Exploits/fastPathSign - echo "[*] Building lunchd hook" + echo "[*] Building launchd hook" $(MAKE) -C RootHelperSample/launchdshim/launchdhook - echo "[*] Signing lunchd hook" + echo "[*] Signing launchd hook" ./ChOma_host/output/tests/ct_bypass -i RootHelperSample/launchdshim/launchdhook/.theos/obj/debug/launchdhook.dylib -r -o RootHelperSample/launchdshim/launchdhook/launchdhooksigned.dylib echo "[*] Building SpringBoard Hook" diff --git a/README.md b/README.md index 889e1878..d2ce710f 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ To use this app, you need to be on a supported version (mentioned above), and ha ## How was this done? - - It replaces launchd by searching through /sbin's vp_namecache, finds launchd's name cache and kwrites it with a patch to `lunchd`, our patched `launchd` (*you can have a look at a better explanation from AlfieCG [here](https://www.reddit.com/r/jailbreak/comments/18zehl2/comment/kgi5ya3/)*) + - It replaces launchd by searching through /sbin's vp_namecache, finds launchd's name cache and kwrites it with a patch to a patched `launchd`, (*you can have a look at a better explanation from AlfieCG [here](https://www.reddit.com/r/jailbreak/comments/18zehl2/comment/kgi5ya3/)*) - Patched launchd hooks posix_spawnp of SpringBoard and execs our own SpringBoard with springboardhook.dylib - Springboardhook loads in tweaks, ellekit, etc. - CoreTrust Bug found by [AlfieCG](https://github.com/alfiecg24) @@ -38,7 +38,7 @@ To use this app, you need to be on a supported version (mentioned above), and ha - [AlfieCG](https://github.com/alfiecg24) - helped out a ton! - [Nick Chan](https://github.com/asdfugil) - helped out a ton! - [Mineek](https://github.com/mineek) - helped out a ton, kfd offsets patchfinder -- [BomberFish](https://github.com/BomberFish) - Icon, new UI, `lunchd` name idea :trollface: +- [BomberFish](https://github.com/BomberFish) - Icon, new UI, `lunchd` name idea :trollface: (sadly had to switch back to launchd name) - [haxi0](https://github.com/haxi0) - old UI log, iOS 16.0-16.1.2 support implementation - [wh1te4ever](https://github.com/wh1te4ever) - SwitchSysBin fix for 16.0-16.1.2 - [Evelyne](https://github.com/evelyneee) for showing it was possible. diff --git a/RootHelperSample/launchdshim/launchdhook/Makefile b/RootHelperSample/launchdshim/launchdhook/Makefile index 2ae71c70..8e431e20 100644 --- a/RootHelperSample/launchdshim/launchdhook/Makefile +++ b/RootHelperSample/launchdshim/launchdhook/Makefile @@ -11,6 +11,6 @@ launchdhook_CODESIGN_FLAGS = -S../launchdentitlements.plist launchdhook_LDFLAGS = -F./Frameworks launchdhook_EXTRA_FRAMEWORKS += IOMobileFramebuffer IOSurface after-package:: - echo "[*] Signing lunchd hook" + echo "[*] Signing launchd hook" ct_bypass -i .theos/obj/debug/launchdhook.dylib -o launchdhooksigned.dylib include $(THEOS_MAKE_PATH)/library.mk diff --git a/RootHelperSample/launchdshim/launchdhook/main.m b/RootHelperSample/launchdshim/launchdhook/main.m index 34062f82..6d5d6e87 100644 --- a/RootHelperSample/launchdshim/launchdhook/main.m +++ b/RootHelperSample/launchdshim/launchdhook/main.m @@ -59,10 +59,10 @@ void change_launchtype(const posix_spawnattr_t *attrp, const char *restrict path for (size_t i = 0; i < sizeof(prefixes) / sizeof(prefixes[0]); ++i) { size_t prefix_len = strlen(prefixes[i]); if (strncmp(path, prefixes[i], prefix_len) == 0) { -// FILE *file = fopen("/var/mobile/lunchd.log", "a"); +// FILE *file = fopen("/var/mobile/launchd.log", "a"); if (/*file && */attrp != 0) { // char output[1024]; -// sprintf(output, "[lunchd] setting launch type path %s to 0\n", path); +// sprintf(output, "[launchd] setting launch type path %s to 0\n", path); // fputs(output, file); // fclose(file); posix_spawnattr_set_launch_type_np((posix_spawnattr_t *)attrp, 0); // needs ios 16.0 sdk @@ -76,7 +76,7 @@ void change_launchtype(const posix_spawnattr_t *attrp, const char *restrict path int hooked_posix_spawn(pid_t *pid, const char *path, const posix_spawn_file_actions_t *file_actions, const posix_spawnattr_t *attrp, char *const argv[], char *const envp[]) { change_launchtype(attrp, path); -// const char *coolerLaunchd = jbroot(@"lunchd").UTF8String; +// const char *coolerLaunchd = jbroot(@"launchd").UTF8String; // if (attrp) { // short flags; // if (!posix_spawnattr_getflags(attrp, &flags)) { @@ -98,9 +98,9 @@ int hooked_posix_spawnp(pid_t *restrict pid, const char *restrict path, const po if (!strncmp(path, springboardPath, strlen(springboardPath))) { posix_spawnattr_set_launch_type_np((posix_spawnattr_t *)attrp, 0); -// FILE *file = fopen("/var/mobile/lunchd.log", "a"); +// FILE *file = fopen("/var/mobile/launchd.log", "a"); // char output[1024]; -// sprintf(output, "[lunchd] changing path %s to %s\n", path, coolerSpringboard); +// sprintf(output, "[launchd] changing path %s to %s\n", path, coolerSpringboard); // fputs(output, file); path = coolerSpringboard; // fclose(file); @@ -121,10 +121,10 @@ bool hook_xpc_dictionary_get_bool(xpc_object_t dictionary, const char *key) { int bootscreend_main(); __attribute__((constructor)) static void init(int argc, char **argv) { // FILE *file; -// file = fopen("/var/mobile/lunchd.log", "w"); +// file = fopen("/var/mobile/launchd.log", "w"); // char output[1024]; -// sprintf(output, "[lunchd] launchdhook pid %d", getpid()); -// printf("[lunchd] launchdhook pid %d", getpid()); +// sprintf(output, "[launchd] launchdhook pid %d", getpid()); +// printf("[launchd] launchdhook pid %d", getpid()); // fputs(output, file); // fclose(file); // sync(); @@ -143,7 +143,7 @@ bool hook_xpc_dictionary_get_bool(xpc_object_t dictionary, const char *key) { } // bootscreend_main(); - printf("[lunchd] launchdhook pid %d", getpid()); + printf("[launchd] launchdhook pid %d", getpid()); if (getpid() == 1) { printf("============\n"); printf("== WE ARE ==\n"); diff --git a/RootHelperSample/main.m b/RootHelperSample/main.m index 7cb53e3a..1a9193a4 100644 --- a/RootHelperSample/main.m +++ b/RootHelperSample/main.m @@ -289,7 +289,7 @@ int main(int argc, char *argv[], char *envp[]) { if (!jbroot(@"/")) { NSLog(@"jbroot not found..."); } else { -// if (!jbroot(@"lunchd")) { +// if (!jbroot(@"launchd")) { // 1. install roothide bootstrap // 2. copy over launchd to your macos from your phone NSLog(@"copy launchd over"); @@ -300,8 +300,8 @@ int main(int argc, char *argv[], char *envp[]) { // sleep(1); NSLog(@"sign launchd over and out"); spawnRoot(rootHelperPath(), @[@"codesign", source, @""], nil, nil); - // 3. copy over workinglaunchd to your jbroot/lunchd - [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"workinglaunchd"] toPath:jbroot(@"lunchd") error:nil]; + // 3. copy over workinglaunchd to your jbroot/launchd + [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"workinglaunchd"] toPath:jbroot(@"launchd") error:nil]; // 4. copy over launchdhooksigned.dylib as jbroot/launchdhook.dylib [[NSFileManager defaultManager] copyItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"launchdhooksigned.dylib"] toPath:jbroot(@"launchdhook.dylib") error:nil]; // 5. copy over your regular SpringBoard.app to jbroot/System/Library/CoreServices/SpringBoard.app @@ -326,7 +326,7 @@ int main(int argc, char *argv[], char *envp[]) { // remove workinglaunchd [[NSFileManager defaultManager] removeItemAtPath:[usprebooterappPath() stringByAppendingPathComponent:@"workinglaunchd"] error:nil]; // } else { -// NSLog(@"lunchd was found, you've already installed"); +// NSLog(@"launchd was found, you've already installed"); // } } } else if ([action isEqual: @"uninstall"]) { @@ -334,13 +334,13 @@ int main(int argc, char *argv[], char *envp[]) { if (!jbroot(@"/")) { NSLog(@"jbroot not found..."); } else { - if (!jbroot(@"lunchd")) { - NSLog(@"not continuing, lunchd wasn't found to remove"); + if (!jbroot(@"launchd")) { + NSLog(@"not continuing, launchd wasn't found to remove"); return -1; } else { removeItemAtPathRecursively(jbroot(@"/System/Library/CoreServices/SpringBoard.app/")); [[NSFileManager defaultManager] removeItemAtPath:@"/var/mobile/Serotonin.jp2" error:nil]; - [[NSFileManager defaultManager] removeItemAtPath:jbroot(@"lunchd") error:nil]; + [[NSFileManager defaultManager] removeItemAtPath:jbroot(@"launchd") error:nil]; [[NSFileManager defaultManager] removeItemAtPath:jbroot(@"launchdhook.dylib") error:nil]; } } diff --git a/usprebooter/overwriter.m b/usprebooter/overwriter.m index 989ff9c3..6ac7dcef 100644 --- a/usprebooter/overwriter.m +++ b/usprebooter/overwriter.m @@ -10,8 +10,8 @@ #include "util.h" #import "fun/vnode.h" -NSString* getLunchd(void) { - return jbroot(@"lunchd"); +NSString* getLaunchd(void) { + return jbroot(@"launchd"); } #define SYSTEM_VERSION_LOWER_THAN(v) ([[[UIDevice currentDevice] systemVersion] compare:v options:NSNumericSearch] == NSOrderedAscending) @@ -22,14 +22,14 @@ bool overwrite_patchedlaunchd_kfd(bool isBeta) { if (SYSTEM_VERSION_LOWER_THAN(@"16.4")) { uint64_t orig_nc_vp = 0; uint64_t orig_to_vnode = 0; - SwitchSysBin160("/sbin/launchd", getLunchd().UTF8String, &orig_to_vnode, &orig_nc_vp); + SwitchSysBin160("/sbin/launchd", getLaunchd().UTF8String, &orig_to_vnode, &orig_nc_vp); } else if(isBeta && SYSTEM_VERSION_EQUAL_TO(@"16.6")) { printf("[i] 16.6b1 detected!"); uint64_t orig_nc_vp = 0; uint64_t orig_to_vnode = 0; - SwitchSysBin160("/sbin/launchd", getLunchd().UTF8String, &orig_to_vnode, &orig_nc_vp); + SwitchSysBin160("/sbin/launchd", getLaunchd().UTF8String, &orig_to_vnode, &orig_nc_vp); } else { - SwitchSysBin(getVnodeAtPathByChdir("/sbin"), "launchd", getLunchd().UTF8String); + SwitchSysBin(getVnodeAtPathByChdir("/sbin"), "launchd", getLaunchd().UTF8String); } printf("[i] launchd haxed\n"); return true;