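Notes: getting root privileges on a jailbroken iOS device (test did not pass)

This article describes in detail how to gain access to non-mobile directories by setting privileges in main.m, building the app normally, copying the executable into the .app directory, renaming the copy, and adding a bash script. By changing the permissions of the original file and using a specific bash script, SpringBoard runs this file first, which then launches the actual application and passes the arguments through. Make sure to SSH the app onto the device and adjust the permissions so that it runs.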

It is true, the app has to run as root to access non-mobile directories. After discussing this with Optimo and Saurik I finally found the right way to get root privileges.

  1. In the main.m add setuid(0); and setgid(0);
  2. Build the app normally.
  3. Then copy and paste the executable inside the .app and rename it to anything you want; don't rename the original file.
  4. Open the original executable file and delete its contents (the contents are now stored in the previously copied and renamed binary).
  5. Add this bash script to the empty binary file from step 4:

    #!/bin/bash
    dir=$(dirname "$0")
    exec "${dir}"/<COPIED FILE NAME> "$@"
    

    SpringBoard will run this file first because it's the CFBundleExecutable, then this will launch the actual app's executable. This is done because SpringBoard would fail to directly launch the executable with root permissions.

  6. Open terminal and change the directory to the .app (ex. cd /User/Me/Desktop/MyApp.app)
  7. chmod the original executable file to 0755 (ex. chmod 0755 MyCFBundleExecutable) and the copied file to 6755 (ex. chmod 6755 CFBundleExecutableRoot)
  8. SSH the .app into /Applications on your device, respring and launch it (if it's not launching then repeat step 7, but by SSHing into your device via terminal)
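
An added check from the reviewing side, not part of the original post: a POSIX shell function that audits an .app bundle for the two artifacts the steps above leave behind, a setuid/setgid file (step 7) and an executable script that hands off to another file with exec (step 5). The bundle and file names built by `make_sample_bundle` are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an .app bundle for the launcher pattern in steps 3-7.
# Prints one finding per line; returns 0 if clean, 1 if findings, 2 on bad input.

audit_bundle() {
    app=${1%/}
    [ -d "$app" ] || { echo "ERROR not a directory: $app"; return 2; }
    report=$(
        find "$app" -type f | LC_ALL=C sort | while IFS= read -r f; do
            name=${f#"$app"/}
            bits=""
            [ -u "$f" ] && bits="setuid"                   # mode bit 4000
            [ -g "$f" ] && bits="${bits:+$bits+}setgid"    # mode bit 2000
            [ -n "$bits" ] && echo "PRIV $bits $name"
            # Executable "#!" script that hands off with exec (step 5 wrapper).
            if [ -x "$f" ] && head -c 2 "$f" | grep -q '^#!' &&
               grep -Eq '^[[:space:]]*exec[[:space:]]' "$f"; then
                echo "WRAPPER $name"
            fi
        done
    )
    [ -z "$report" ] && return 0    # clean bundle
    printf '%s\n' "$report"
    return 1                        # findings present
}

# Constructed sample bundle mirroring steps 3-7 (all names are hypothetical).
make_sample_bundle() {
    d=$(mktemp -d)/MyApp.app
    mkdir -p "$d"
    printf '#!/bin/bash\ndir=$(dirname "$0")\nexec "${dir}"/MyAppRoot "$@"\n' > "$d/MyApp"
    printf 'placeholder for the real binary\n' > "$d/MyAppRoot"
    printf 'plist placeholder\n' > "$d/Info.plist"
    chmod 0755 "$d/MyApp"
    chmod 6755 "$d/MyAppRoot"
    chmod 0644 "$d/Info.plist"
    echo "$d"
}

# Stand-alone use: sh audit.sh /Applications/Some.app
if [ "$#" -gt 0 ]; then audit_bundle "$1"; fi
```

The `PRIV` line only matters for escalation when the flagged file is owned by root, so check ownership of anything it reports.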