JTool II: Testers wanted

Used for discussing the various tools in the book as well as encouraging members to share tools

Re: JTool II: Testers wanted

Postby shellcromancer » Sun Sep 15, 2019 6:19 pm

Did Jtool2 drop support of reading code signatures for directories? Following along with the examples in *OS Internals v3 and I get the message "Can't operate on a directory (yet...)" using version 2.0 (beta 5, LAS) compiled on Aug 12 2019 19:31:46. Jtool v1 works well with this so I was just curious for this change. Thanks
shellcromancer
 
Posts: 1
Joined: Thu Sep 05, 2019 2:18 am

Re: JTool II: Testers wanted

Postby morpheus » Tue Sep 17, 2019 1:13 am

Yes; I haven't moved all jtool's code signing features to jtool2 yet - apparently this one was lost. Expect it back in when jtool2 goes official 1.0 end of month, and thanks for noticing.
morpheus
Site Admin
 
Posts: 731
Joined: Thu Apr 11, 2013 6:24 pm

Re: JTool II: Testers wanted

Postby Orph » Thu Sep 19, 2019 12:12 pm

jtool2 crashes when checking a signature for a plugin (appex), on Ubuntu. Same thing worked with old jtool, but there is a good chance the signature itself is invalid. Error is below

jtool2: malloc.c:2392: sysmalloc: Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.
Aborted (core dumped)

If you need more input please let me know (and how to get it, since I am not really familiar with Linux)
Orph
 
Posts: 5
Joined: Wed Sep 21, 2016 8:42 am

Re: JTool II: Testers wanted

Postby morpheus » Thu Sep 19, 2019 1:56 pm

yes, please - I need the binary so I can reproduce and figure it out.
morpheus
Site Admin
 
Posts: 731
Joined: Thu Apr 11, 2013 6:24 pm

Re: JTool II: Testers wanted

Postby morpheus » Sun Oct 06, 2019 5:15 am

BDA:
----
- iOS 13 friendly
- A13 chip added to chip list
- Preliminary support for iBoot images (iBoot, SecureROM) now that anyone can dump them thanks to @Axi0mX's awesome CheckM8
- -Fr will now find references to addresses in kernelcaches even if it's tagged pointers!

- Bufixes:
- Will not dump file sections which aren't mapped
morpheus
Site Admin
 
Posts: 731
Joined: Thu Apr 11, 2013 6:24 pm

Re: JTool II: Testers wanted

Postby morpheus » Wed Oct 30, 2019 7:26 pm

AGA:
----

- --machoize: Useful for building a fake Mach-O header over arbitrary ARM64 images (*cough* iBoot *cough*) to then subject to analysis
- BVX2 compression supported (for iPhone9 kernelcaches, and possibly some others). I also transparently go through the $%#$%# FAT header (seriously, AAPL, WHY?!) to point to the MH_MAGIC_64
morpheus
Site Admin
 
Posts: 731
Joined: Thu Apr 11, 2013 6:24 pm

Re: JTool II: Testers wanted

Postby lunchdaemon » Wed Dec 04, 2019 10:57 am

Hi,

Firstly thanks for the incredible tool! I am getting the same error that Orph mentioned when using the -S option:

Orph wrote:
jtool2: malloc.c:2392: sysmalloc: Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.
Aborted (core dumped)



I've checked with the latest version of jtool2 just downloaded from here using the elf on Ubuntu 1804. Unfortunately I can't share the Mach-O binary I initially noticed it with but was able to reproduce it (on Ubuntu) with the ls and pwd binaries taken from a macOS 10.14.6 machine which I can obviously share if you do not have to hand.

The same command using jtool2 on macOS for all of the above mentioned binaries works successfully so it appears to be specific to the elf rather than the binary it is being used to analyse.
lunchdaemon
 
Posts: 1
Joined: Sun Oct 22, 2017 7:24 am

Previous

Return to Tools

Who is online

Users browsing this forum: No registered users and 2 guests

cron