02-02-2020, 09:26 PM
Hey, so I'm trying to find offsets for iOS 13.2.3 iPhone 10,3 but there seem to be no symbols.
I used jtool2 --analyze /Users/brandonplank/Desktop/kernelcache
and I didn't get anything useful.....
Here is the output
_______________________________________________________________________________
This is a BVX kernelcache - I support that now
Analyzing kernelcache..
This is a new-style A11 kernelcache (Darwin Kernel Version 19.0.0: Wed Oct 9 22:42:11 PDT 2019; root:xnu-6153.42.1~1/RELEASE_ARM64_T8015)
-- Processing __TEXT_EXEC.__text..
Disassembling 21686860 bytes from address 0xfffffff007b88000 (offset 0xb84000):
__ZN11OSMetaClassC2EPKcPKS_j is 0xfffffff0080ae7c8 (OSMetaClass)
Analyzing __DATA.__data..
Got _localnode_id @0xfffffff009044620
Analyzing __DATA.__sysctl_set..
Analyzing fuctions...
FOUND ops at 0xfffffff007bc1fb0!
Analyzing __DATA_CONST.. (1st pass)
-- Note: The is_iokit MIG subsytem contains more messages (90) than I expected (88)
LAST ARG0 : fffffff007793870 , fffffff0074cf620, 9a4a
last Arg2 is not 0?
processing flows...
Analyzing __DATA_CONST.. (2nd pass)
GOT PTHREAD SHIMS! (0xfffffff00790a140)
Getting zone map data
opened companion file ./kernelcache.ARM64.DDF47349-048B-3A39-B02D-2785D47CAC36
Dumping symbol cache to file
Symbolicated 4877 symbols and 83706 functions
_______________________________________________________________________________
But when I tried to find the offsets like _rootvnode, nothing showed up.
![[Image: Screen-Shot-2020-02-02-at-4-24-34-PM.png]](https://i.ibb.co/v4jsp1X/Screen-Shot-2020-02-02-at-4-24-34-PM.png)
idk how to fix this..