Beispiel #1
0
int main(int argc, char* argv[]) {
	if (argc > 1 && (!strcmp(argv[1],"--help") || !strcmp(argv[1],"-h"))) {
		printf("injectpois0n\n\t-t  Teather Boot\n\t-r  Boot ramdisk\n\t-s  Only execute iBSS payload\n\t-o  Only execute iBSS payload and boot iBoot\n\nUsage: %s [-r|-s|-o]\n", argv[0]);
		return 0;
	}
	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	while(pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	if(!pois0n_is_compatible()) {
		if (argc > 1) {
			if (!strcmp(argv[1],"-t"))
				pois0n_inject("1");
			else if (!strcmp(argv[1],"-r"))
				pois0n_inject("0");
			else if (!strcmp(argv[1],"-s"))
				pois0n_inject("2");
			else if (!strcmp(argv[1],"-o"))
				pois0n_inject("3");
		} else {
			pois0n_inject(NULL);
		}
	}

	pois0n_exit();
	return 0;
}
Beispiel #2
0
int main(int argc, char* argv[]) {
	
    if (argc > 1) {
        if (!strcmp(argv[1],"-go")){
            pois0n_init();
            pois0n_set_callback(&print_progress, NULL);
            
            info("Waiting for device to enter DFU mode\n");
            pois0n_is_ready();
            
            info("Found device in DFU mode\n");
            if(!pois0n_is_compatible()){
            pois0n_inject("2");
        }
            pois0n_exit();
        }if (!strcmp(argv[1],"-irecovery")) {
            system("build/irecovery -v -s");
        }
        
    }else {
        help();
    }
    


	return 0;
}
Beispiel #3
0
void execPayload(const char* payload_to_be_executed, int times) {
	int state = 0;
	libkrypton1te_init();
	pois0n_init();	
	do {
	iboot_command_(payload_to_be_executed);
	++state;
	} while (state != times);
}
Beispiel #4
0
int main(int argc, char* argv[]) {
	int result = 0;
	if (argc != 3) {
		usage();
	}
	const char* ibssFile = argv[1];
	const char* kernelcacheFile = argv[2];
	
	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	while(pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		return result;
	}
	
	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		return result;
	}
	
	debug("Uploading %s to device\n", ibssFile);
	irecv_error_t error = irecv_send_file(client, ibssFile, 1);
	if(error != IRECV_E_SUCCESS) {
		error("Unable to upload iBSS\n");
		debug("%s\n", irecv_strerror(error));
		return -1;
	}
	
	client = irecv_reconnect(client, 10);
	
	debug("Uploading %s to device\n", kernelcacheFile);
	error = irecv_send_file(client, kernelcacheFile, 1);
	if(error != IRECV_E_SUCCESS) {
		error("Unable to upload kernelcache\n");
		debug("%s\n", irecv_strerror(error));
		return -1;
	}
	
	error = irecv_send_command(client, "bootx");
	if(error != IRECV_E_SUCCESS) {
		error("Unable send the bootx command\n");
		return -1;
	}
	
	pois0n_exit();
	return 0;
}
Beispiel #5
0
/*
 * Class:     Jsyringe
 * Method:    exploit
 * Signature: ()I
 */
JNIEXPORT jint JNICALL Java_Jsyringe_exploit
  (JNIEnv * env, jclass jClass)
{
	int result = 0;
	irecv_error_t ir_error = IRECV_E_SUCCESS;
	irecv_client_t client = g_syringe_client;

	libpois0n_debug = 1;

	pois0n_init();

	info("Waiting for device to enter DFU mode\n");
	while(pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		goto cleanup;
	}

	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		goto cleanup;
	}
	result = 0;

cleanup:
	fflush(stderr);
	if (g_syringe_client) {
		irecv_close(&g_syringe_client);
		g_syringe_client = NULL;
	}
	
	//pois0n_exit();
	return result;
}
Beispiel #6
0
int tethered_boot(const char *ibssFile, const char *ibecFile, const char *kernelcacheFile, const char *ramdiskFile, const char *devicetreeFile)
{
	int result = 0;
	irecv_error_t ir_error = IRECV_E_SUCCESS;
	irecv_client_t client = g_syringe_client;

	libpois0n_debug = 1;

	pois0n_init();

	info("Waiting for device to enter DFU mode\n");
	while(pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		goto cleanup;
	}

	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		goto cleanup;
	}
	client = g_syringe_client;

	if (ibssFile != NULL) {
		debug("Uploading %s to device, mode: 0x%x\n", ibssFile, client->mode);
		ir_error = irecv_send_file(client, ibssFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload iBSS\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto cleanup;
		}
		
		sleep(10);

	} else {
		error("ibss can't be null\n");
		result = -1;
		goto cleanup;
	}

	if (ibecFile != NULL) {
		client = g_syringe_client = irecv_reconnect(client, 10);

		debug("Uploading iBEC %s to device, mode: 0x%x\n", ibecFile, client->mode);
		ir_error = irecv_send_file(client, ibecFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload iBEC\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto cleanup;
		}

		sleep(5);
	}

	client = g_syringe_client = irecv_reconnect(client, 10);

	if (ramdiskFile != NULL) {
		debug("Uploading ramdisk %s to device\n", ramdiskFile);
		ir_error = irecv_send_file(client, ramdiskFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload ramdisk\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto cleanup;
		}

		sleep(5);

		ir_error = irecv_send_command(client, "ramdisk");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable send the ramdisk command\n");
			result = -1;
			goto cleanup;
		}	
	}

	if (devicetreeFile != NULL) {
	        debug("Uploading device tree %s to device\n", devicetreeFile);
		ir_error = irecv_send_file(client, devicetreeFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload device tree\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto cleanup;
		}

		ir_error = irecv_send_command(client, "devicetree");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to send the devicetree command\n");
			result = -1;
			goto cleanup;
		}
	}
	
	if (kernelcacheFile != NULL) {
		debug("Uploading kernel %s to device, mode: 0x%x\n", kernelcacheFile, client->mode);
		ir_error = irecv_send_file(client, kernelcacheFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload kernelcache\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto cleanup;
		}

		ir_error = irecv_send_command(client, "bootx");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable send the bootx command\n");
			result = -1;
			goto cleanup;
		}
	} else {
		error("kernelcache can't be null\n");
		result = -1;
		goto cleanup;
	}

	result = 0;

cleanup:
	fflush(stderr);
	if (g_syringe_client) {
		irecv_close(&g_syringe_client);
		g_syringe_client = NULL;
	}
	
	//pois0n_exit();
	return result;
}
Beispiel #7
0
int main(int argc, char* argv[]) {
	int result = 0;
	irecv_error_t ir_error = IRECV_E_SUCCESS;

	//int index;
	const char 
		*ibssFile = NULL,
		*ibecFile = NULL,
		*kernelcacheFile = NULL,
		*ramdiskFile = NULL,
		*bgcolor = NULL,
		*bootlogo = NULL;
	int c;

	opterr = 0;

	while ((c = getopt (argc, argv, "vhi:b:k:r:l:c:")) != -1)
		switch (c)
	{
		case 'v':
			g_verbose = true;
			break;
		case 'h':
			usage();
			break;
		case 'i':
			if (!file_exists(optarg)) {
				error("Cannot open iBSS file '%s'\n", optarg);
				return -1;
			}
			ibssFile = optarg;
			break;
		case 'b':
			if (!file_exists(optarg)) {
				error("Cannot open iBEC file '%s'\n", optarg);
				return -1;
			}
			ibecFile = optarg;
			break;
		case 'k':
			if (!file_exists(optarg)) {
				error("Cannot open kernelcache file '%s'\n", optarg);
				return -1;
			}
			kernelcacheFile = optarg;
			break;
		case 'r':
			if (!file_exists(optarg)) {
				error("Cannot open ramdisk file '%s'\n", optarg);
				return -1;
			}
			ramdiskFile = optarg;
			break;
		case 'l':
			if (!file_exists(optarg)) {
				error("Cannot open bootlogo file '%s'\n", optarg);
				return -1;
			}
			bootlogo = optarg;
			break;
		case 'c':
			bgcolor = optarg;
			break;
		default:
			usage();
	}

	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	while(pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		return result;
	}

	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		return result;
	}

	if (ibssFile != NULL) {
		debug("Uploading %s to device\n", ibssFile);
		ir_error = irecv_send_file(g_syringe_client, ibssFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload iBSS\n");
			debug("%s\n", irecv_strerror(ir_error));
			return -1;
		}
		
		sleep(10);

	} else {
		return 0;
	}

	if (ibecFile != NULL) {
		g_syringe_client = irecv_reconnect(g_syringe_client, 10);

		debug("Uploading iBEC %s to device\n", ibecFile);
		ir_error = irecv_send_file(g_syringe_client, ibecFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload iBEC\n");
			debug("%s\n", irecv_strerror(ir_error));
			return -1;
		}

		sleep(5);

	}

	g_syringe_client = irecv_reconnect(g_syringe_client, 10);

	if (ramdiskFile != NULL) {
		debug("Uploading ramdisk %s to device\n", ramdiskFile);
		ir_error = irecv_send_file(g_syringe_client, ramdiskFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload ramdisk\n");
			debug("%s\n", irecv_strerror(ir_error));
			return -1;
		}

		sleep(5);

		ir_error = irecv_send_command(g_syringe_client, "ramdisk");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable send the ramdisk command\n");
			return -1;
		}	
	}

	if (bootlogo != NULL) {
	        debug("Uploading boot logo %s to device\n", bootlogo);
		ir_error = irecv_send_file(g_syringe_client, bootlogo, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload bootlogo\n");
			debug("%s\n", irecv_strerror(ir_error));
			return -1;
		}

		ir_error = irecv_send_command(g_syringe_client, "setpicture 1");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to set picture\n");
			return -1;
		}

                ir_error = irecv_send_command(g_syringe_client, "bgcolor 0 0 0");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to set picture\n");
                        return -1;
                }
	}

	if (bgcolor != NULL) {
		char finalbgcolor[255];
		sprintf(finalbgcolor, "bgcolor %s", bgcolor);
		ir_error = irecv_send_command(g_syringe_client, finalbgcolor);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable set bgcolor\n");
			return -1;
		}
	}
	
	if (kernelcacheFile != NULL) {
		debug("Uploading %s to device\n", kernelcacheFile);
		ir_error = irecv_send_file(g_syringe_client, kernelcacheFile, 1);
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload kernelcache\n");
			debug("%s\n", irecv_strerror(ir_error));
			return -1;
		}

		ir_error = irecv_send_command(g_syringe_client, "bootx");
		if(ir_error != IRECV_E_SUCCESS) {
			error("Unable send the bootx command\n");
			return -1;
		}
	}

	pois0n_exit();
	return 0;
}
Beispiel #8
0
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument, int nFunsterStil)
{   
    // Register window class
    WNDCLASSEX wc;
    wc.cbSize = sizeof(WNDCLASSEX);
    wc.style = 0;
    wc.lpfnWndProc = WindowProcedure;
    wc.cbClsExtra = 0;
    wc.cbWndExtra = 0;
    wc.hInstance = hInstance;
    wc.hIcon = LoadIcon(GetModuleHandle(NULL), TEXT("ID"));
    wc.hCursor = LoadCursor(NULL, IDC_ARROW);
    wc.hbrBackground = (HBRUSH) (COLOR_BTNFACE + 1);
    wc.lpszMenuName = NULL;
    wc.lpszClassName = szClassName;
    wc.hIconSm = (HICON)LoadImage(GetModuleHandle(NULL), TEXT("ID"), IMAGE_ICON, 16, 16, 0);
    if(!RegisterClassEx(&wc)) return 0;

#ifdef USE_POIS0N
    pois0n_init();
    pois0n_set_callback(&ProgressCallback, NULL);
#endif

	INITCOMMONCONTROLSEX icex;
	icex.dwSize = sizeof(INITCOMMONCONTROLSEX);
	icex.dwICC  = ICC_PROGRESS_CLASS;
	InitCommonControlsEx(&icex);

    // Main window
    window = CreateWindowEx(0, szClassName, TEXT("greenpois0n"), WS_OVERLAPPED | WS_SYSMENU | SS_OWNERDRAW, CW_USEDEFAULT, CW_USEDEFAULT, 520 + GetSystemMetrics(SM_CXFIXEDFRAME), 260 + GetSystemMetrics(SM_CYFIXEDFRAME) + GetSystemMetrics(SM_CYCAPTION), HWND_DESKTOP, NULL, hInstance, NULL);

	// Jailbreak button
	nButton = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Jailbreak"), BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD, 20, 205, 138, 25, window, (HMENU) 1, NULL, NULL);
	SendMessage(nButton, WM_SETFONT, (WPARAM)GetStockObject(DEFAULT_GUI_FONT), FALSE);    
	
	// Progress bar
	progress = CreateWindowEx(0, PROGRESS_CLASS, NULL, WS_CHILD | WS_VISIBLE | PBS_SMOOTH, 165, 206, 335, 23, window, NULL, NULL, NULL);
	SendMessage(progress, PBM_SETPOS, 0, 0);
	EnableWindow(progress, FALSE);
	
	// Title
	title = CreateWindowEx(0, TEXT("STATIC"), TEXT("greenpois0n"), WS_VISIBLE | WS_CHILD | SS_CENTER, 141, 2, 257, 44, window, NULL, NULL, NULL);
    SendMessage(title, WM_SETFONT, (WPARAM) CreateFont(/*the*/42/*answer*/, 0, 0, 0, FW_EXTRALIGHT, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Subtitle
	subtitle = CreateWindowEx(0, TEXT("STATIC"), TEXT("Please power off your device and connect it to begin."), WS_VISIBLE | WS_CHILD | SS_CENTER, 20, 52, 480, 17, window, NULL, NULL, NULL);
	SendMessage(subtitle, WM_SETFONT, (WPARAM) CreateFont(14, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);
	
	// Copyright warning
	copyright = CreateWindowEx(0, TEXT("STATIC"), TEXT("(c) 2009-2010 chronic-dev team (http://chronic-dev.org/blog/). Beware the copyright monster!"), WS_VISIBLE | WS_CHILD | SS_NOTIFY | SS_CENTER, 20, 236, 480, 13, window, (HMENU) 4, NULL, NULL);
	SendMessage(copyright, WM_SETFONT, (WPARAM) CreateFont(12, 0, 0, 0, FW_DONTCARE, FALSE, TRUE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);
	
	
	// DFU group box
	group = CreateWindowEx(0, TEXT("BUTTON"), TEXT(""), BS_GROUPBOX | WS_VISIBLE | WS_CHILD, 20, 70, 480, 125, window, NULL, NULL, NULL);

	// Label #1
	first = CreateWindowEx(0, TEXT("STATIC"), dfutext[0], WS_VISIBLE | WS_CHILD | SS_CENTER, 5, 20, 370, 17, group, NULL, NULL, NULL);
	SendMessage(first, WM_SETFONT, (WPARAM) CreateFont(14, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Label #2
	second = CreateWindowEx(0, TEXT("STATIC"), dfutext[1], WS_VISIBLE | WS_CHILD | SS_CENTER, 5, 45, 370, 17, group, NULL, NULL, NULL);
	SendMessage(second, WM_SETFONT, (WPARAM) CreateFont(14, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Label #3
	third = CreateWindowEx(0, TEXT("STATIC"), dfutext[2], WS_VISIBLE | WS_CHILD | SS_CENTER, 5, 70, 370, 17, group, NULL, NULL, NULL);
	SendMessage(third, WM_SETFONT, (WPARAM) CreateFont(14, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Label #4
	fourth = CreateWindowEx(0, TEXT("STATIC"), dfutext[3], WS_VISIBLE | WS_CHILD | SS_CENTER, 5, 95, 370, 17, group, NULL, NULL, NULL);
	SendMessage(fourth, WM_SETFONT, (WPARAM) CreateFont(14, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Countdown timer
	counter = CreateWindowEx(0, TEXT("STATIC"), TEXT(""), WS_VISIBLE | WS_CHILD | SS_CENTER, 390, 15, 60, 60, group, NULL, NULL, NULL);
    SendMessage(counter, WM_SETFONT, (WPARAM) CreateFont(64, 0, 0, 0, FW_EXTRALIGHT, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Seconds label
	seconds = CreateWindowEx(0, TEXT("STATIC"), TEXT("Seconds"), WS_VISIBLE | WS_CHILD | SS_CENTER, 390, 75, 60, 15, group, NULL, NULL, NULL);
	SendMessage(seconds, WM_SETFONT, (WPARAM) CreateFont(12, 0, 0, 0, FW_DONTCARE, FALSE, FALSE, FALSE, ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Tahoma")), TRUE);

	// Reset button
	reset = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Reset"), BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD, 20 + 390, 70 + 95, 60, 20, window, (HMENU) 2, NULL, NULL);
	SendMessage(reset, WM_SETFONT, (WPARAM)GetStockObject(DEFAULT_GUI_FONT), FALSE);
	
	// Enter button
	enter = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Prepare to Jailbreak (DFU)"), BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD, 20 + 176, 70 + 50, 160, 25, window, (HMENU) 3, NULL, NULL);
	SendMessage(enter, WM_SETFONT, (WPARAM)GetStockObject(DEFAULT_GUI_FONT), FALSE);

	// donate button
	hImage = (HBITMAP)LoadImage(GetModuleHandle(NULL), TEXT("donate"), IMAGE_BITMAP, 0, 0, 0);
	
    // Show the window
	CenterWindow(window);
    ShowWindow(window, nFunsterStil);

	UpdateJailbreakStatus();
	ToggleDFUTimers(FALSE);
    
    // Run the main runloop.
    while(MessageLoop(TRUE));
    
#ifdef USE_POIS0N
    pois0n_exit();
#endif

    return 0;
}
Beispiel #9
0
int libkrypton1te_init() {
	int s_ret = 0;	/*Value to be returned */
	irecv_open_attempts(&client, 10);	/* Open attempts and load client */
	pois0n_init();
	return s_ret;
}
Beispiel #10
0
int main(int argc, char* argv[]) 
{
	irecv_error_t error;
	unsigned int cpid;
	int can_ra1n = 0;

	printf("Loadibec " LOADIBEC_VERSION COMMIT_STRING ".\n");

	if(argc != 2)
	{
		printf("Usage: %s <file>\n"
			"\tLoads a file to an iDevice in recovery mode and jumps to it.\n", argv[0]);
		return 0;
	}


	irecv_init();

	printf("Connecting to iDevice...\n");

	error = irecv_open_attempts(&g_syringe_client, 10);
	if(error != IRECV_E_SUCCESS)
	{
		fprintf(stderr, "Failed to connect to iBoot, error %d.\n", error);
		return -error;
	}
	
	if(irecv_get_cpid(g_syringe_client, &cpid) == IRECV_E_SUCCESS)
	{
		if(cpid > 8900)
			can_ra1n = 1;
	}

	if(g_syringe_client->mode == kDfuMode && can_ra1n)
	{
		int ret;
		printf("linera1n compatible device detected, injecting limera1n.\n");
		irecv_close(&g_syringe_client);
		irecv_exit();

		pois0n_init();

		ret = pois0n_is_ready();
		if(ret < 0)
			return ret;

		ret = pois0n_is_compatible();
		if(ret < 0)
			return ret;

		pois0n_inject();

		irecv_close(&g_syringe_client);
		g_syringe_client = NULL;

		printf("limera1ned, reconnecting...\n");

		g_syringe_client = irecv_reconnect(g_syringe_client, 10);
		if(!g_syringe_client)
		{
			fprintf(stderr, "Failed to reconnect.\n");
			return 4;
		}
	}
	else
		can_ra1n = 0;

	printf("Starting transfer of '%s'.\n", argv[1]);

	irecv_event_subscribe(g_syringe_client, IRECV_PROGRESS, &progress_cb, NULL);
	
	error = irecv_send_file(g_syringe_client, argv[1], 0);
	if(error != IRECV_E_SUCCESS)
	{
		fprintf(stderr, "Failed to upload '%s', error %d.\n", argv[1], error);
		return 2;
	}

	error = irecv_send_command(g_syringe_client, "go");
	if(error != IRECV_E_SUCCESS)
	{
		fprintf(stderr, "Failed to jump to uploaded file, error %d.\n", error);
		return 3;
	}
	
	irecv_send_command(g_syringe_client, "go jump 0x41000000");

	printf("Uploaded Successfully.\n");

	irecv_exit();

	return 0;
}