Exemple #1
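/*
 * Command-line entry point for injectpois0n.
 *
 * Accepts at most one option (-t, -r, -s, -o, or -h/--help), waits for a
 * device in DFU mode, and calls pois0n_inject() with the mode string that
 * matches the option (NULL when no option is given).
 *
 * The option is validated before the device is touched, so an unrecognised
 * argument is rejected with a non-zero exit status instead of being
 * silently ignored after the DFU wait.
 *
 * Returns 0 on the normal path and 1 for an unknown option.
 */
int main(int argc, char* argv[]) {
	/* Mode string handed to pois0n_inject(); never written through here. */
	char* mode = NULL;

	if (argc > 1) {
		const char* opt = argv[1];

		if (!strcmp(opt, "--help") || !strcmp(opt, "-h")) {
			printf("injectpois0n\n\t-t  Teather Boot\n\t-r  Boot ramdisk\n\t-s  Only execute iBSS payload\n\t-o  Only execute iBSS payload and boot iBoot\n\nUsage: %s [-t|-r|-s|-o]\n", argv[0]);
			return 0;
		}

		if (!strcmp(opt, "-t")) {
			mode = "1";
		} else if (!strcmp(opt, "-r")) {
			mode = "0";
		} else if (!strcmp(opt, "-s")) {
			mode = "2";
		} else if (!strcmp(opt, "-o")) {
			mode = "3";
		} else {
			fprintf(stderr, "Unknown option '%s' (try --help)\n", opt);
			return 1;
		}
	}

	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	/* Poll once a second for as long as pois0n_is_ready() returns non-zero. */
	while (pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	/* The injection only runs when pois0n_is_compatible() returns 0. */
	if (!pois0n_is_compatible()) {
		/* NOTE(review): the result of pois0n_inject() is not inspected, so
		 * the process exits 0 whether or not the injection worked. */
		pois0n_inject(mode);
	}

	pois0n_exit();
	return 0;
}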
Exemple #2
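/*
 * Command-line entry point with two modes selected by argv[1]:
 *   -go         initialise libpois0n, look for a DFU device and, when
 *               pois0n_is_compatible() returns 0, call pois0n_inject("2")
 *   -irecovery  run the bundled irecovery binary through system()
 *
 * With no argument, or an argument that matches neither mode, help() is
 * shown. Returns 0, or 1 when the irecovery helper reports failure.
 */
int main(int argc, char* argv[]) {
    if (argc <= 1) {
        help();
        return 0;
    }

    if (!strcmp(argv[1], "-go")) {
        pois0n_init();
        pois0n_set_callback(&print_progress, NULL);

        info("Waiting for device to enter DFU mode\n");
        /* NOTE(review): called once and the result is ignored; whether this
         * call blocks until a device shows up cannot be told from here. */
        pois0n_is_ready();

        info("Found device in DFU mode\n");
        if (!pois0n_is_compatible()) {
            pois0n_inject("2");
        }
        pois0n_exit();
    } else if (!strcmp(argv[1], "-irecovery")) {
        /* NOTE(review): system() hands the string to the shell, and
         * "build/irecovery" is resolved against the current working
         * directory, so whatever file sits at that relative path is run
         * with the caller's privileges. An absolute, install-time path
         * with an exec-style call would remove that dependency. */
        if (system("build/irecovery -v -s") != 0) {
            return 1;
        }
    } else {
        /* Unknown option: show the help text instead of exiting silently. */
        help();
    }

    return 0;
}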
Exemple #3
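/*
 * Entry point: takes exactly two arguments, an iBSS image path and a
 * kernelcache path. After the device is found in DFU mode and the
 * injection step succeeds, both files are uploaded in that order and the
 * "bootx" command is sent.
 *
 * Returns 0 on success, the negative library result when the compatibility
 * check or the injection fails, and -1 for a bad argument count or any
 * upload/command failure.
 */
int main(int argc, char* argv[]) {
	int result = 0;
	/* Named ir_error so it no longer shares a name with error(). */
	irecv_error_t ir_error;

	if (argc != 3) {
		usage();
		/* Stop here even if usage() returns: argv[1] and argv[2] are not
		 * both present when the argument count is wrong. */
		return -1;
	}
	const char* ibssFile = argv[1];
	const char* kernelcacheFile = argv[2];

	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	/* Poll once a second for as long as pois0n_is_ready() returns non-zero. */
	while (pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		goto done;
	}

	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		goto done;
	}

	debug("Uploading %s to device\n", ibssFile);
	ir_error = irecv_send_file(client, ibssFile, 1);
	if (ir_error != IRECV_E_SUCCESS) {
		error("Unable to upload iBSS\n");
		debug("%s\n", irecv_strerror(ir_error));
		result = -1;
		goto done;
	}

	/* The client returned by irecv_reconnect() is the one used from here on. */
	client = irecv_reconnect(client, 10);
	if (client == NULL) {
		error("Unable to reconnect to device\n");
		/* No client is left to release, so leave directly. */
		return -1;
	}

	debug("Uploading %s to device\n", kernelcacheFile);
	ir_error = irecv_send_file(client, kernelcacheFile, 1);
	if (ir_error != IRECV_E_SUCCESS) {
		error("Unable to upload kernelcache\n");
		debug("%s\n", irecv_strerror(ir_error));
		result = -1;
		goto done;
	}

	ir_error = irecv_send_command(client, "bootx");
	if (ir_error != IRECV_E_SUCCESS) {
		error("Unable send the bootx command\n");
		result = -1;
		goto done;
	}

	result = 0;

done:
	/* Single exit path: the library is shut down on failures as well,
	 * where the early returns used to skip pois0n_exit(). */
	pois0n_exit();
	return result;
}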
Exemple #4
/*
 * Minimal front end: initialise libpois0n, wait for a DFU device, run the
 * injection when pois0n_is_compatible() returns 0, then shut the library
 * down. Command-line arguments are not used. Always returns 0.
 */
int main(int argc, char* argv[]) {
	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	/* Keep polling, one second apart, until pois0n_is_ready() returns 0. */
	for (;;) {
		if (pois0n_is_ready() == 0) {
			break;
		}
		sleep(1);
	}

	info("Found device in DFU mode\n");
	if (pois0n_is_compatible() == 0) {
		pois0n_inject();
	}

	pois0n_exit();
	return 0;
}
Exemple #5
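/*
 * Entry point: parses the options below, waits for a device in DFU mode,
 * runs the injection step and then uploads whichever images were given.
 *
 *   -v        set g_verbose
 *   -h        call usage()
 *   -i FILE   iBSS image (nothing is uploaded without it)
 *   -b FILE   iBEC image
 *   -k FILE   kernelcache; followed by the "bootx" command
 *   -r FILE   ramdisk; followed by the "ramdisk" command
 *   -l FILE   boot logo; followed by "setpicture 1" and "bgcolor 0 0 0"
 *   -c VALUE  appended to a "bgcolor " command
 *
 * Returns 0 on success, the negative library result when the compatibility
 * check or the injection fails, and -1 for a missing file or any
 * upload/command failure.
 */
int main(int argc, char* argv[]) {
	int result = 0;
	irecv_error_t ir_error = IRECV_E_SUCCESS;

	const char
		*ibssFile = NULL,
		*ibecFile = NULL,
		*kernelcacheFile = NULL,
		*ramdiskFile = NULL,
		*bgcolor = NULL,
		*bootlogo = NULL;
	int c;

	/* getopt's own diagnostics are turned off; unknown options go to usage(). */
	opterr = 0;

	while ((c = getopt(argc, argv, "vhi:b:k:r:l:c:")) != -1) {
		switch (c) {
		case 'v':
			g_verbose = true;
			break;
		case 'h':
			usage();
			break;
		case 'i':
			if (!file_exists(optarg)) {
				error("Cannot open iBSS file '%s'\n", optarg);
				return -1;
			}
			ibssFile = optarg;
			break;
		case 'b':
			if (!file_exists(optarg)) {
				error("Cannot open iBEC file '%s'\n", optarg);
				return -1;
			}
			ibecFile = optarg;
			break;
		case 'k':
			if (!file_exists(optarg)) {
				error("Cannot open kernelcache file '%s'\n", optarg);
				return -1;
			}
			kernelcacheFile = optarg;
			break;
		case 'r':
			if (!file_exists(optarg)) {
				error("Cannot open ramdisk file '%s'\n", optarg);
				return -1;
			}
			ramdiskFile = optarg;
			break;
		case 'l':
			if (!file_exists(optarg)) {
				error("Cannot open bootlogo file '%s'\n", optarg);
				return -1;
			}
			bootlogo = optarg;
			break;
		case 'c':
			bgcolor = optarg;
			break;
		default:
			usage();
			break;
		}
	}

	pois0n_init();
	pois0n_set_callback(&print_progress, NULL);

	info("Waiting for device to enter DFU mode\n");
	/* Poll once a second for as long as pois0n_is_ready() returns non-zero. */
	while (pois0n_is_ready()) {
		sleep(1);
	}

	info("Found device in DFU mode\n");
	result = pois0n_is_compatible();
	if (result < 0) {
		error("Your device in incompatible with this exploit!\n");
		goto done;
	}

	result = pois0n_injectonly();
	if (result < 0) {
		error("Exploit injection failed!\n");
		goto done;
	}

	if (ibssFile == NULL) {
		/* Without an iBSS image there is nothing further to send. */
		result = 0;
		goto done;
	}

	debug("Uploading %s to device\n", ibssFile);
	ir_error = irecv_send_file(g_syringe_client, ibssFile, 1);
	if (ir_error != IRECV_E_SUCCESS) {
		error("Unable to upload iBSS\n");
		debug("%s\n", irecv_strerror(ir_error));
		result = -1;
		goto done;
	}

	sleep(10);

	if (ibecFile != NULL) {
		g_syringe_client = irecv_reconnect(g_syringe_client, 10);
		if (g_syringe_client == NULL) {
			error("Unable to reconnect to device\n");
			/* No client is left to release, so leave directly. */
			return -1;
		}

		debug("Uploading iBEC %s to device\n", ibecFile);
		ir_error = irecv_send_file(g_syringe_client, ibecFile, 1);
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload iBEC\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto done;
		}

		sleep(5);
	}

	g_syringe_client = irecv_reconnect(g_syringe_client, 10);
	if (g_syringe_client == NULL) {
		error("Unable to reconnect to device\n");
		/* No client is left to release, so leave directly. */
		return -1;
	}

	if (ramdiskFile != NULL) {
		debug("Uploading ramdisk %s to device\n", ramdiskFile);
		ir_error = irecv_send_file(g_syringe_client, ramdiskFile, 1);
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload ramdisk\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto done;
		}

		sleep(5);

		ir_error = irecv_send_command(g_syringe_client, "ramdisk");
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable send the ramdisk command\n");
			result = -1;
			goto done;
		}
	}

	if (bootlogo != NULL) {
		debug("Uploading boot logo %s to device\n", bootlogo);
		ir_error = irecv_send_file(g_syringe_client, bootlogo, 1);
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload bootlogo\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto done;
		}

		ir_error = irecv_send_command(g_syringe_client, "setpicture 1");
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable to set picture\n");
			result = -1;
			goto done;
		}

		ir_error = irecv_send_command(g_syringe_client, "bgcolor 0 0 0");
		if (ir_error != IRECV_E_SUCCESS) {
			/* This message used to repeat "Unable to set picture". */
			error("Unable to reset bgcolor\n");
			result = -1;
			goto done;
		}
	}

	if (bgcolor != NULL) {
		char finalbgcolor[255];
		/* The -c value is caller-controlled and of arbitrary length; bound
		 * the copy and reject anything that does not fit instead of
		 * writing past the end of the stack buffer. */
		int written = snprintf(finalbgcolor, sizeof finalbgcolor, "bgcolor %s", bgcolor);
		if (written < 0 || (size_t)written >= sizeof finalbgcolor) {
			error("bgcolor argument is too long\n");
			result = -1;
			goto done;
		}

		ir_error = irecv_send_command(g_syringe_client, finalbgcolor);
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable set bgcolor\n");
			result = -1;
			goto done;
		}
	}

	if (kernelcacheFile != NULL) {
		debug("Uploading %s to device\n", kernelcacheFile);
		ir_error = irecv_send_file(g_syringe_client, kernelcacheFile, 1);
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable to upload kernelcache\n");
			debug("%s\n", irecv_strerror(ir_error));
			result = -1;
			goto done;
		}

		ir_error = irecv_send_command(g_syringe_client, "bootx");
		if (ir_error != IRECV_E_SUCCESS) {
			error("Unable send the bootx command\n");
			result = -1;
			goto done;
		}
	}

	result = 0;

done:
	/* Single exit path: the library is shut down on failures as well,
	 * where the early returns used to skip pois0n_exit(). */
	pois0n_exit();
	return result;
}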
Exemple #6
/* Creates a Tahoma font of the given height and weight (optionally
 * underlined) and assigns it to the control, asking for a redraw. */
static void ApplyTahomaFont(HWND control, int height, int weight, BOOL underline)
{
    HFONT font = CreateFont(height, 0, 0, 0, weight, FALSE, underline, FALSE,
                            ANSI_CHARSET, OUT_TT_PRECIS, CLIP_DEFAULT_PRECIS,
                            DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE,
                            TEXT("Tahoma"));
    SendMessage(control, WM_SETFONT, (WPARAM) font, TRUE);
}

/* Assigns the stock DEFAULT_GUI_FONT to the control without forcing a redraw. */
static void ApplyStockGuiFont(HWND control)
{
    SendMessage(control, WM_SETFONT, (WPARAM) GetStockObject(DEFAULT_GUI_FONT), FALSE);
}

/*
 * Windows entry point for the GUI front end.
 *
 * Registers the window class, initialises libpois0n when USE_POIS0N is
 * defined, builds the main window with its child controls, shows it and
 * runs MessageLoop() until it returns 0. Returns 0 in every case,
 * including a failed class registration.
 *
 * NOTE(review): only RegisterClassEx() is checked; the results of the
 * CreateWindowEx() calls are stored but not tested.
 */
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument, int nFunsterStil)
{
    /* Window class */
    WNDCLASSEX cls;
    cls.cbSize = sizeof(WNDCLASSEX);
    cls.style = 0;
    cls.lpfnWndProc = WindowProcedure;
    cls.cbClsExtra = 0;
    cls.cbWndExtra = 0;
    cls.hInstance = hInstance;
    cls.hIcon = LoadIcon(GetModuleHandle(NULL), TEXT("ID"));
    cls.hCursor = LoadCursor(NULL, IDC_ARROW);
    cls.hbrBackground = (HBRUSH) (COLOR_BTNFACE + 1);
    cls.lpszMenuName = NULL;
    cls.lpszClassName = szClassName;
    cls.hIconSm = (HICON) LoadImage(GetModuleHandle(NULL), TEXT("ID"), IMAGE_ICON, 16, 16, 0);
    if (!RegisterClassEx(&cls)) {
        return 0;
    }

#ifdef USE_POIS0N
    pois0n_init();
    pois0n_set_callback(&ProgressCallback, NULL);
#endif

    /* Progress-bar control class from the common controls library */
    INITCOMMONCONTROLSEX controls;
    controls.dwSize = sizeof(INITCOMMONCONTROLSEX);
    controls.dwICC = ICC_PROGRESS_CLASS;
    InitCommonControlsEx(&controls);

    /* Main window: 520x260 plus the frame and caption metrics */
    int outerWidth = 520 + GetSystemMetrics(SM_CXFIXEDFRAME);
    int outerHeight = 260 + GetSystemMetrics(SM_CYFIXEDFRAME) + GetSystemMetrics(SM_CYCAPTION);
    window = CreateWindowEx(0, szClassName, TEXT("greenpois0n"),
                            WS_OVERLAPPED | WS_SYSMENU | SS_OWNERDRAW,
                            CW_USEDEFAULT, CW_USEDEFAULT, outerWidth, outerHeight,
                            HWND_DESKTOP, NULL, hInstance, NULL);

    /* Jailbreak button (control id 1) */
    nButton = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Jailbreak"),
                             BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD,
                             20, 205, 138, 25, window, (HMENU) 1, NULL, NULL);
    ApplyStockGuiFont(nButton);

    /* Progress bar, starting at zero and disabled */
    progress = CreateWindowEx(0, PROGRESS_CLASS, NULL,
                              WS_CHILD | WS_VISIBLE | PBS_SMOOTH,
                              165, 206, 335, 23, window, NULL, NULL, NULL);
    SendMessage(progress, PBM_SETPOS, 0, 0);
    EnableWindow(progress, FALSE);

    /* Title */
    title = CreateWindowEx(0, TEXT("STATIC"), TEXT("greenpois0n"),
                           WS_VISIBLE | WS_CHILD | SS_CENTER,
                           141, 2, 257, 44, window, NULL, NULL, NULL);
    ApplyTahomaFont(title, 42, FW_EXTRALIGHT, FALSE);

    /* Subtitle */
    subtitle = CreateWindowEx(0, TEXT("STATIC"), TEXT("Please power off your device and connect it to begin."),
                              WS_VISIBLE | WS_CHILD | SS_CENTER,
                              20, 52, 480, 17, window, NULL, NULL, NULL);
    ApplyTahomaFont(subtitle, 14, FW_DONTCARE, FALSE);

    /* Copyright line (control id 4), underlined */
    copyright = CreateWindowEx(0, TEXT("STATIC"), TEXT("(c) 2009-2010 chronic-dev team (http://chronic-dev.org/blog/). Beware the copyright monster!"),
                               WS_VISIBLE | WS_CHILD | SS_NOTIFY | SS_CENTER,
                               20, 236, 480, 13, window, (HMENU) 4, NULL, NULL);
    ApplyTahomaFont(copyright, 12, FW_DONTCARE, TRUE);

    /* Group box that holds the DFU instructions */
    group = CreateWindowEx(0, TEXT("BUTTON"), TEXT(""),
                           BS_GROUPBOX | WS_VISIBLE | WS_CHILD,
                           20, 70, 480, 125, window, NULL, NULL, NULL);

    /* Four instruction labels taken from dfutext[0..3], 25 pixels apart */
    first = CreateWindowEx(0, TEXT("STATIC"), dfutext[0],
                           WS_VISIBLE | WS_CHILD | SS_CENTER,
                           5, 20, 370, 17, group, NULL, NULL, NULL);
    ApplyTahomaFont(first, 14, FW_DONTCARE, FALSE);

    second = CreateWindowEx(0, TEXT("STATIC"), dfutext[1],
                            WS_VISIBLE | WS_CHILD | SS_CENTER,
                            5, 45, 370, 17, group, NULL, NULL, NULL);
    ApplyTahomaFont(second, 14, FW_DONTCARE, FALSE);

    third = CreateWindowEx(0, TEXT("STATIC"), dfutext[2],
                           WS_VISIBLE | WS_CHILD | SS_CENTER,
                           5, 70, 370, 17, group, NULL, NULL, NULL);
    ApplyTahomaFont(third, 14, FW_DONTCARE, FALSE);

    fourth = CreateWindowEx(0, TEXT("STATIC"), dfutext[3],
                            WS_VISIBLE | WS_CHILD | SS_CENTER,
                            5, 95, 370, 17, group, NULL, NULL, NULL);
    ApplyTahomaFont(fourth, 14, FW_DONTCARE, FALSE);

    /* Countdown digits and the "Seconds" caption beneath them */
    counter = CreateWindowEx(0, TEXT("STATIC"), TEXT(""),
                             WS_VISIBLE | WS_CHILD | SS_CENTER,
                             390, 15, 60, 60, group, NULL, NULL, NULL);
    ApplyTahomaFont(counter, 64, FW_EXTRALIGHT, FALSE);

    seconds = CreateWindowEx(0, TEXT("STATIC"), TEXT("Seconds"),
                             WS_VISIBLE | WS_CHILD | SS_CENTER,
                             390, 75, 60, 15, group, NULL, NULL, NULL);
    ApplyTahomaFont(seconds, 12, FW_DONTCARE, FALSE);

    /* Reset button (control id 2) */
    reset = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Reset"),
                           BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD,
                           20 + 390, 70 + 95, 60, 20, window, (HMENU) 2, NULL, NULL);
    ApplyStockGuiFont(reset);

    /* DFU preparation button (control id 3) */
    enter = CreateWindowEx(0, TEXT("BUTTON"), TEXT("Prepare to Jailbreak (DFU)"),
                           BS_PUSHBUTTON | WS_VISIBLE | WS_CHILD,
                           20 + 176, 70 + 50, 160, 25, window, (HMENU) 3, NULL, NULL);
    ApplyStockGuiFont(enter);

    /* Bitmap resource named "donate" */
    hImage = (HBITMAP) LoadImage(GetModuleHandle(NULL), TEXT("donate"), IMAGE_BITMAP, 0, 0, 0);

    /* Centre and show the window, then put the controls in their initial state */
    CenterWindow(window);
    ShowWindow(window, nFunsterStil);

    UpdateJailbreakStatus();
    ToggleDFUTimers(FALSE);

    /* Keep calling MessageLoop() until it returns 0. */
    while (MessageLoop(TRUE)) {
        /* nothing else to do per iteration */
    }

#ifdef USE_POIS0N
    pois0n_exit();
#endif

    return 0;
}
Exemple #7
/*
 * Library teardown: calls irecv_exit() and then pois0n_exit(), in that
 * order. Takes no arguments and returns nothing.
 */
void libkrypton1te_exit() {
	irecv_exit();   /* first the irecv layer */
	pois0n_exit();  /* then libpois0n */
}