

joker is a quick and dirty iOS kernelcache handling utility I've written to assist in my reverse engineering.

Deprecated! The functionality of joker is now built into Jtool2 when used with -analyze on any kernelcache.

Apple tries their damn hardest to make reversing the kernel as hard as possible: with every release, more symbols are stripped. The kernelcache, being prelinked, requires fewer symbols to begin with (and tables in memory, as all LINKEDIT segments, are jettisoned). And - let's not forget - the kernelcache is encrypted. 32-bit kernelcaches can be decrypted thanks to the holy work by and others, but no 64-bit kernelcache keys exist (publicly), and the only way to "see" the kernel is by dumping it. This hasn't stopped jailbreakers in the past, and will hopefully not stop us in the future. joker is another humble contribution I can provide to the community, and to all reversers out there.
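To see for yourself how much symbol information a kernelcache (or any 64-bit Mach-O) still carries, the following added example walks the load commands and reports the segments, whether __LINKEDIT is present, and the LC_SYMTAB entry count. This is not joker's own code; the Mach-O images it inspects are constructed in-line as samples, and the `build_sample` helper is an assumption for demonstration only.

```python
import struct

# Mach-O constants (from <mach-o/loader.h>)
MH_MAGIC_64 = 0xFEEDFACF
LC_SEGMENT_64 = 0x19
LC_SYMTAB = 0x02

def symbol_report(data):
    """Walk the load commands of a little-endian 64-bit Mach-O image and
    report what symbol information survives: the segment names present,
    whether __LINKEDIT is among them, and the LC_SYMTAB entry count
    (None when the command is absent, as on a stripped kernelcache)."""
    magic, _cpu, _sub, _ftype, ncmds, sizeofcmds, _flags, _res = struct.unpack_from("<8I", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a little-endian 64-bit Mach-O")
    report = {"segments": [], "nsyms": None}
    off = 32                      # sizeof(struct mach_header_64)
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmdsize < 8 or off + cmdsize > 32 + sizeofcmds:
            raise ValueError("load command runs past sizeofcmds")
        if cmd == LC_SEGMENT_64:
            # segname is a 16-byte NUL-padded field right after cmd/cmdsize
            name = data[off + 8:off + 24].split(b"\0", 1)[0].decode()
            report["segments"].append(name)
        elif cmd == LC_SYMTAB:
            _symoff, nsyms, _stroff, _strsize = struct.unpack_from("<4I", data, off + 8)
            report["nsyms"] = nsyms
        off += cmdsize
    report["has_linkedit"] = "__LINKEDIT" in report["segments"]
    return report

def build_sample(segments, nsyms=None):
    """Construct a minimal Mach-O header with the given segments and an
    optional LC_SYMTAB. Constructed sample data, not a real kernelcache."""
    cmds = b""
    for seg in segments:
        # cmd, cmdsize, segname, vmaddr, vmsize, fileoff, filesize, maxprot, initprot, nsects, flags
        cmds += struct.pack("<2I16s4Q2i2I", LC_SEGMENT_64, 72, seg, 0, 0, 0, 0, 0, 0, 0, 0)
    if nsyms is not None:
        cmds += struct.pack("<6I", LC_SYMTAB, 24, 0, nsyms, 0, 0)
    ncmds = len(segments) + (1 if nsyms is not None else 0)
    # magic, cputype (ARM64), cpusubtype, filetype (MH_EXECUTE), ncmds, sizeofcmds, flags, reserved
    header = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, ncmds, len(cmds), 0, 0)
    return header + cmds

if __name__ == "__main__":
    print(symbol_report(build_sample([b"__TEXT", b"__LINKEDIT"], nsyms=4)))
    print(symbol_report(build_sample([b"__TEXT", b"__DATA"])))
```

Run it against a dumped kernelcache by passing the file bytes to `symbol_report`; a stripped image typically shows `nsyms` as 0 or None and no __LINKEDIT segment.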
