Teach you to do an IOS jailbreak app

Objective

As the saying goes, everything starts hard. It's just a small app that's so simple that it's not really an app, it just injects a piece of code into the system, waits for a specific function method call to be dropped by us, executes the code we wrote, that's all.

Haha, is such a small function, make me burn a night, so we do not have to fear, even my rookie can achieve, as long as you seriously see my summary, you can also do their own jailbreak iphone, ipad hey up!

PS: To commemorate this divine moment, even if it's such a simple procedure I put it on my GitHub, it's a milestone. There is in case I forget the day when I can look back to see the knowledge can be picked back. First jailbreak code, GitHub portal

Https://github.com/Jerry4me/JRFirstJailBreakApp

Needless to say, we're straight to the chase!

Prepare for action

What you need to prepare is:

• A Mac

• An already jailbroken iphone or IPad

• Theos

• Xcode

• Xcode Command Line Tools

• Dpkg

Mac

This one.. Let's not say it. No, no, the virtual machine can also be on top.

Jailbreak iphone

Jailbreak method Online has a lot of mature methods, my 4s with the PP assistant really close to a key jailbreak. Of course, this jailbreak iphone also needs to be configured.

Installing OpenSSH

It must be configured here because it is then connected directly to the phone with a command line on the computer to install the phone. The method is also very simple, cydia the main interface pull down there is OpenSSH configuration method, here no longer repeat.

PS: The following, the configuration is after the original root password, must be modified, otherwise it is easy to let the uneasy kind of people connect to your phone.

Here's how:

Go to command line tool

SSH [email protected] The IP address of your phone

passwd

The input logout can be disconnected after the modification.

Because every time with SSH link phone need to enter a password more trouble, there is a way to once and for all, we can self-google~

Installing APT and Ldid

Search apt and ldid directly in Cydia and install.

Xcode

Believe in iOS development. I'm not going to say it anymore, but if you have more than one xcode on your Mac, you'll need to specify a theos default Xcode using the following instructions.

sudo xcode-select-s/application/xcode.app/contents/developer Everyone according to their actual location of Xcode to decide.

Xcode Command Line Tools

Execute xcode-select--install at the command line

Dpkg

First install the Macport, download the installation on the official website on the line. After installation, you can see if the installation was successful by entering Port version on the command line.

Then enter sudo port install dpkg to install dpkg, dpkg is used to package the tweak code we wrote into Deb's tool

PS: Jailbreak app installs package suffix. deb, without jailbreak for. IPA.

Theos

Our protagonist is finally on the pitch. Our code is written in this software.

Download Theos

Export Theos=/opt/theos configures the environment variable, and later THEOS is equivalent to THEOS absolute path, that is/opt/theos

sudo git clone git://github.com/dhowett/theos.git $THEOS download from GitHub Theos

Configure Ldid

Download Ldid from here, put him under/opt/theos/bin/and give it executable permissions with the following command

Http://joedj.net/ldid

sudo chmod 777/opt/theos/bin/ldid

Fix Theos Bug

First, search for the installation cydiasubstrate in Cydia, and then use Ifunbox or SCP, and so on, the/library/frameworks/cydiasubstrate.framework/on iOS Cydiasubstrate Copy to Mac, rename to Libsubstrate.dylib and put to/opt/theos/lib/, replace invalid file. (The Lib folder on my Mac is an empty folder.)

OK, we're done, we can finally use the Theos to make a fist!!!

Create a Theos Project

The Theos project is still created using the command line

/opt/theos/bin/nic.pl: Automatic nic (New Instance Creator).

And then there will be a lot of templates, just like Xcode when we created the project there are many templates for us to choose, is the command line Tool or the single View application .... And here it is. We chose to iphone/tweak this.

Project Name: Item names

Package Name: Name packaged as a deb bundle (similar to bundle identifier)

Author/maintainer Name: Author name

MobileSubstrate Bundle Filter: The project role of the object of the bundle identifier, want to hook which app, enter which app bundle identifier. For example, it could be com.tencent.wechat.

List of application to terminate upon installation: Applications that need to be restarted after the tweak installation is complete, typically restart springboard. (equivalent to restarting the desktop). If not, enter-

OK, project creation is complete.

Theos Basic Knowledge

After creation, there are usually 4 files

Makefile

Tweak. XM

Control

XXX. Plist

Makefile

This file specifies the files, frames, libraries and other information used in the project. For example, your TWEAK.XM file is used for Uikit, foundation and other frameworks, all described here. What can be written in the details of what you can do Google for yourself.

It is important to note that if you want the program to be installed on the phone via SSH, you must add a

THEOS_DEVICE_IP = IP address of the phone

Tweak.xm

We write the code of the file, the suffix x represents this file supports logos syntax. M represents support for C + +. If there is only a single x representing support for logos and C, XM supports both the logos and the C + +. With our. m and. mm one meaning.

The default content of this file is a comment, simple guide book. Here are some of the concepts we used

%hook

%hook ClassName: The representative wants to hook this class.

%Hook Springboard

/* Here is the function you want to hook, method */

%End

%orig

Used inside a hook function to represent the original code that invokes the hooked function

%log

Used in the hook of the function inside, used to print the function of the class name, parameters and other information, you can also append the information you want to print.

%new

Used inside the%hook to add a new function to an existing class.

PS: There are some such as%group,%ctor,%init,%c and so on, we can use Google's own usage, here no longer repeat

Control

This file records the basic information required by the Deb package management system and is packaged into the Deb package.

Xxx.plist

Similar to the Info.plist function in our application.

Start coding

Since our app is very small, it only shows a alertview when iphone boot Springboard.app is complete, so our code is very streamlined

%Hook Springboard

- (void)applicationdidfinishlaunching:(ID)application

{

%orig; //Call the original code

Uialertview *Alert = [[uialertview alloc] initwithtitle:@" Welcome to IPhone 4s! " message:nil delegate:self cancelbuttontitle:@"goddamn!" otherbuttontitles:nil];

[alert Show]; //Show pop -up window

}

%End

Compile + pack + Install

You can compile the Theos project by using the Make command under the project folder. Compile complete the current directory will have one more obj folder

Make the Package command, Packager. After packaging is successful, there will be one more package folder in the current directory, and your Deb file will be inside.

Make package Install: Compile + package + Install one-stop service, directly after the program is compiled and installed on your phone via SSH connection. Of course you can also put the Deb file on your phone and use ifile or other apps to install it.

done! enjoyourself!

PS: Configuration files and code can be found on my GitHub, what do not understand can Google or leave a message here, I will reply as soon as possible, learn from each other, common progress! Good luck!

Teach you to do an IOS jailbreak app