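/*
 * Entry point used once the iBSS payload has been loaded on the device.
 *
 * Sends "go" to start the payload, reads the device's "boot-args"
 * environment variable and uses its value to select a boot path:
 *   "" or "0"  -> boot_ramdisk()
 *   "1"        -> boot_tethered()
 *   "2"        -> nothing further is booted
 *   "3"        -> boot_iboot()
 * Any other value falls through and is reported as success.
 *
 * Returns 0 on success, -1 if the variable cannot be read or the selected
 * boot step fails.
 */
int execute_ibss_payload() {
    char* bootargs = NULL;
    irecv_error_t error = IRECV_E_SUCCESS;

    debug("Initializing greenpois0n in iBSS\n");
    /* The result of this command is not checked. */
    irecv_send_command(client, "go");

    // Code to detect whether to boot ramdisk or filesystem
    debug("Checking if device is already jailbroken\n");
    error = irecv_getenv(client, "boot-args", &bootargs);
    if (error != IRECV_E_SUCCESS) {
        debug("%s\n", irecv_strerror(error));
        error("Unable to read env var\n");
        return -1;
    }

    /*
     * The value is supplied by the attached device. Never hand a NULL
     * pointer to strcmp(), even when the call reported success.
     */
    if (bootargs == NULL) {
        error("Unable to read env var\n");
        return -1;
    }

    /*
     * NOTE(review): whether irecv_getenv() allocates the returned string is
     * not visible here; if it does, bootargs is never released on any path.
     * Confirm against the library before adding a free().
     */

    // If boot-args hasn't been set then we've never been jailbroken
    if (!strcmp(bootargs, "") || !strcmp(bootargs, "0")) {
        debug("Booting jailbreak ramdisk\n");
        if (boot_ramdisk() < 0) {
            /* Message now names the step that actually failed. */
            error("Unable to boot jailbreak ramdisk\n");
            return -1;
        }
    }
    // If boot-args is 1 then boot device into tethered mode
    else if (!strcmp(bootargs, "1")) {
        debug("Booting tethered device\n");
        if (boot_tethered() < 0) {
            error("Unable to boot device into tethered mode\n");
            return -1;
        }
    }
    // If boot-args is 2, then don't boot kernel, just load iBSS payload
    else if (!strcmp(bootargs, "2")) {
        debug("Booting iBSS in payload mode\n");
        return 0;
    }
    // If boot-args is 3, then don't boot kernel, just load iBoot payload
    // NOTE(review): the log text below says "verbose mode"; confirm which
    // description matches what boot_iboot() does.
    else if (!strcmp(bootargs, "3")) {
        debug("Booting device in verbose mode\n");
        if (boot_iboot() < 0) {
            error("Unable to boot device into verbose mode\n");
            return -1;
        }
    }

    /* An unrecognised boot-args value reaches this point and returns 0. */
    return 0;
}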
/*
 * Boot the attached device in tethered mode.
 *
 * Sends "go" first, then follows one of two command sequences:
 *   - DEVICE_APPLETV2: upload the kernelcache, send "go rdboot", then "bootx".
 *   - every other device: boot_iboot(), upload the ramdisk, run it, set the
 *     kernel boot arguments, store "boot-args"/"auto-boot" in the device
 *     environment and finish with "go fsboot".
 *
 * Returns 0 when every checked step succeeds, -1 at the first failure.
 */
int boot_tethered() {
    debug("Initializing greenpois0n in iBoot\n");
    /* Result intentionally left unchecked, as elsewhere in this sequence. */
    irecv_send_command(client, "go");

    // Add an exception for this since it's very different
    if (device->index == DEVICE_APPLETV2) {
        debug("Preparing to upload kernelcache\n");
        if (upload_kernelcache() < 0) {
            error("Unable to upload kernelcache\n");
            return -1;
        }

        debug("Hooking jump_to command\n");
        if (irecv_send_command(client, "go rdboot") != IRECV_E_SUCCESS) {
            error("Unable to hook jump_to\n");
            return -1;
        }

        debug("Booting kernel\n");
        if (irecv_send_command(client, "bootx") != IRECV_E_SUCCESS) {
            error("Unable to boot kernel\n");
            return -1;
        }

        return 0;
    }

    debug("Preparing to boot iBoot\n");
    if (boot_iboot() < 0) {
        error("Unable to boot iBoot\n");
        return -1;
    }

    debug("Preparing to upload ramdisk\n");
    if (upload_ramdisk() < 0) {
        error("Unable to upload ramdisk\n");
        return -1;
    }

    debug("Executing ramdisk\n");
    if (irecv_send_command(client, "go ramdisk 1 1") != IRECV_E_SUCCESS) {
        error("Unable to execute ramdisk command\n");
        return -1;
    }

    debug("Setting kernel bootargs\n");
    if (irecv_send_command(client, "go kernel bootargs rd=disk0s1 -v keepsyms=1") != IRECV_E_SUCCESS) {
        error("Unable to set kernel bootargs\n");
        return -1;
    }

    /*
     * NOTE(review): the results of these three environment calls are not
     * checked, so a failed write goes unnoticed before "go fsboot".
     */
    irecv_setenv(client, "boot-args", "0");
    irecv_setenv(client, "auto-boot", "true");
    irecv_saveenv(client);

    if (irecv_send_command(client, "go fsboot") != IRECV_E_SUCCESS) {
        error("Unable to fsboot\n");
        return -1;
    }

    return 0;
}
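/*
 * Boot the attached device from an uploaded ramdisk.
 *
 * Two command sequences exist:
 *   - DEVICE_APPLETV2: upload the ramdisk, send "ramdisk", set the kernel
 *     boot arguments, upload the kernelcache and send "bootx".
 *   - every other device: boot_iboot(), upload and run the ramdisk, move it
 *     with a chip-specific "go memory move" command, set the kernel boot
 *     arguments, store "boot-args"/"auto-boot" in the device environment and
 *     finish with "go fsboot".
 *
 * Returns 0 when every checked step succeeds, -1 at the first failure.
 */
int boot_ramdisk() {
    irecv_error_t error = IRECV_E_SUCCESS;

    // Add an exception for this since it's very different
    if (device->index == DEVICE_APPLETV2) {
        debug("Preparing to upload ramdisk\n");
        if (upload_ramdisk() < 0) {
            error("Unable to upload ramdisk\n");
            return -1;
        }

        debug("Executing ramdisk\n");
        error = irecv_send_command(client, "ramdisk");
        if (error != IRECV_E_SUCCESS) {
            error("Unable to execute ramdisk command\n");
            return -1;
        }

        debug("Setting kernel bootargs\n");
        error = irecv_send_command(client, "go kernel bootargs rd=md0 -v keepsyms=1");
        if (error != IRECV_E_SUCCESS) {
            error("Unable to set kernel bootargs\n");
            return -1;
        }

        debug("Preparing to upload kernelcache\n");
        if (upload_kernelcache() < 0) {
            error("Unable to upload kernelcache\n");
            return -1;
        }

        error = irecv_send_command(client, "bootx");
        if (error != IRECV_E_SUCCESS) {
            /*
             * The failing command is "bootx"; use the same message that
             * boot_tethered() reports for it instead of the unrelated
             * "move iBoot into memory" text.
             */
            error("Unable to boot kernel\n");
            return -1;
        }

        return 0;
    }

    debug("Preparing to boot iBoot\n");
    if (boot_iboot() < 0) {
        error("Unable to boot iBoot\n");
        return -1;
    }

    debug("Preparing to upload ramdisk\n");
    if (upload_ramdisk() < 0) {
        error("Unable to upload ramdisk\n");
        return -1;
    }

    debug("Executing ramdisk\n");
    error = irecv_send_command(client, "go ramdisk 1 1");
    if (error != IRECV_E_SUCCESS) {
        error("Unable to execute ramdisk command\n");
        return -1;
    }

    debug("Moving ramdisk\n");
    /* chip_id 8720 gets its own address set; every other chip uses the second. */
    if (device->chip_id == 8720) {
        error = irecv_send_command(client, "go memory move 0x9000040 0xC000000 0x100000");
    } else {
        error = irecv_send_command(client, "go memory move 0x41000040 0x44000000 0x100000");
    }
    if (error != IRECV_E_SUCCESS) {
        error("Unable to move ramdisk\n");
        return -1;
    }

    debug("Setting kernel bootargs\n");
    error = irecv_send_command(client, "go kernel bootargs rd=md0 -v keepsyms=1");
    if (error != IRECV_E_SUCCESS) {
        error("Unable to set kernel bootargs\n");
        return -1;
    }

    /*
     * NOTE(review): the results of these three environment calls are not
     * checked, so a failed write goes unnoticed before "go fsboot".
     */
    irecv_setenv(client, "boot-args", "0");
    irecv_setenv(client, "auto-boot", "true");
    irecv_saveenv(client);

    error = irecv_send_command(client, "go fsboot");
    if (error != IRECV_E_SUCCESS) {
        error("Unable to fsboot\n");
        return -1;
    }

    return 0;
}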