-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathREADME
45 lines (33 loc) · 1.59 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
~~~~~ checkm8_tool ~~~~~
This is the code for the optimized version of checkm8 that I wrote as a part of
this project. It consists of a variety of modules and was built to run on
Linux. It will probably not work on Windows or MacOS, although a port could
definitely be possible in the future.
checkm8_remote: the main executable generated by the project. It
includes various functionality for communicating with
and exploiting a device (currently, only iPhones with
an A10 chip are supported), including payload transfer
and execution. The main program is located in the
checkm8_remote/main.c file. It is currently configured
to install and run a basic AES payload.
checkm8_libusb: a userspace library for communicating with USB devices.
Currently this is unmodified from the standard release
of libusb1.0, but in future versions there will be
modifications to enable custom USB behavior.
checkm8_payloads: the custom payload functionality is defined in this
directory. To compile payloads, you need the
aarch64-linux-gnu toolchain to cross-compile binaries
for the iPhone platform.
~~~~~ Building ~~~~~
This project uses cmake as its build system. To build, simply do the following
commands in the project's root directory
mkdir build
cd build
cmake ..
make
~~~~~ Usage ~~~~~~
To run the checkm8-remote binary, simply run
./build/checkm8_remote/checkm8_remote
without any flags. Functionality is currently hardcoded to the AES payload, but
will be made more configurable in the future. Make sure that the target device
is in DFU mode before running the program.