Advertisement

Thread Rating:
  • 2 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Kernel offset finder
#1
Many offset finders exist for getting the offsets (locations) of specific functions and constants in the kernelcache.

However, these are very compactly and simple written in C.
Each time the kernel changes the offset finder needs to be updated.
And one needs to manually specify most offsets to find.

For convenience, I wrote a script that uses the radare2 disassembler to get the symbols, parses and format them and storing them in a c and header file so you can use them directly in projects.

To get started you'll need to install radare2.
On debian linux you can do that with the following command:

Code:
sudo apt-get install radare2


On macOS you can use brew to install it

Code:
brew install radare2


The offset finder uses radare2 (a free and opensource disassembler) to print out all the symbols then strips the unnamed symbols and formats them into a struct so they then can be stored and used in a c and h file.
Duplicate symbols are renamed in the c file.

You can find the offset finder and many generated structures of offsets on my website for tools: http://kernelium.com

The script is not very clean, improvements are welcome.

To automate the offset finder one can use blacktop's ipsw tool from GitHub that allows you to download and decompress all kernelcaches for a given iOS version.

I hope you can find use in it
Reply
#2
Moved this to Jailbreak Development. Thanks for the post.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  How do you find kernel offsets from a stripped kernel? Brandon Plank 0 2,946 02-02-2020, 09:26 PM
Last Post: Brandon Plank

Forum Jump:


Users browsing this thread: 1 Guest(s)

About Us
    Welcome to the Jailbreak Central Forum! Here you can get the latest iOS Jailbreak News from iDevice Central, ask your jailbreak questions and request help, and find the best iOS modding tools for downgrade, CFW iCloud Bypass, Jailbreak and so on. :-)