iOS-RR v1.0 beta 3

TarballCoLtd · Aug 5, 2020 · 8009c03 · 8009c03
1 parent 64513d9
commit 8009c03
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 7 deletions.
diff --git a/entitlements.xml b/entitlements.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>keychain-access-groups</key>
+    <array>
+      <string>*</string>
+    </array>
+    <key>platform-application</key> <true/>
+    <key>com.apple.private.security.no-container</key>  <true/>
+  </dict>
+</plist>
diff --git a/src/com/alyxferrari/iosrr/Display.java b/src/com/alyxferrari/iosrr/Display.java
@@ -102,7 +102,8 @@ public void run() {
 					Display.FRAME.getContentPane().removeAll();
 					String keychain = null;
 					try {
-						String ip = JOptionPane.showInputDialog("Device IP address? OpenSSH and SQLite 3.x must be installed on your device.");
+						JOptionPane.showMessageDialog(null, "Make sure your device meets the following conditions before proceeding:\nYour device must be jailbroken\nYour device must have an SSH server running\nYour device must have the \"SQLite 3.x\" package installed\nYour device is highly recommended to have a passcode (it may work without, but having one fixes a lot of issues)\nMake sure your device is unlocked and on the home screen throughout the whole process");
+						String ip = JOptionPane.showInputDialog("Device IP address?");
 						String portStr = JOptionPane.showInputDialog("Device SSH server port? (press enter to default to 22)");
 						int port = 22;
 						if (!portStr.equals("")) {
@@ -186,7 +187,7 @@ public void run() {
 						ssh2.authPassword("root", rootPass);
 						Session session2 = ssh2.startSession();
 						JOptionPane.showMessageDialog(null, "Please make sure your device is unlocked and on the home screen.");
-						Display.FRAME.getContentPane().add(new JLabel("Dumping your device's Keychain... (if this blocks, make sure your device is unlocked)"));
+						Display.FRAME.getContentPane().add(new JLabel("Dumping your device's Keychain... (authenticate with Touch ID/Face ID if asked)"));
 						System.out.println("Dumping your device's Keychain... (if this blocks, make sure your device is unlocked)");
 						Display.refresh();
 						Session.Command cmd = session2.exec("./../mobile/Documents/keychain_dumper");
@@ -195,7 +196,7 @@ public void run() {
 						Display.FRAME.getContentPane().add(new JLabel("Removing keychain_dumper from device..."));
 						System.out.println("Removing keychain_dumper from device...");
 						Display.refresh();
-						session2.exec("rm ./../mobile/Documents/keychain_dumper");
+						session2.exec("rm ../mobile/Documents/keychain_dumper");
 						Display.FRAME.getContentPane().add(new JLabel("Disconnecting..."));
 						System.out.println("Disconnecting...");
 						Display.refresh();
@@ -206,9 +207,9 @@ public void run() {
 						Display.refresh();
 						String[] list = keychain.split("ParentalControls")[1].split("\n");
 						String password = null;
-						for (int i = 0; i < 20; i++) {
-							if (list[i].startsWith("Keychain Data: ")) {
-								password = list[i].split(": ")[1];
+						for (int i = 0; i < (list.length > 1000 ? 1000 : list.length); i++) {
+							if (list[i].contains("Keychain Data: ")) {
+								password = list[i].split("Keychain Data: ")[1];
 								break;
 							}
 						}

diff --git a/src/com/alyxferrari/iosrr/RRConst.java b/src/com/alyxferrari/iosrr/RRConst.java
@@ -2,7 +2,7 @@
 public class RRConst {
 	private RRConst() {}
 	public static final String NAME = "iOS-Restrictions-Recovery";
-	public static final String VERSION = "v1.0 beta 1";
+	public static final String VERSION = "v1.0 beta 3";
 	public static final String AUTHOR = "Alyx Ferrari";
 	public static final String FULL_NAME = NAME + " " + VERSION;
 	public static final String TITLE = "<html><body><font size=\"5\">" + FULL_NAME + "</font></body></html>";

diff --git a/src/com/alyxferrari/iosrr/RestrictionsRecovery.java b/src/com/alyxferrari/iosrr/RestrictionsRecovery.java
@@ -9,6 +9,7 @@
 public class RestrictionsRecovery {
 	private RestrictionsRecovery() {}
 	public static void main(String[] args) throws Exception {
+		System.setErr(System.out);
 		if (args.length == 0) {
 			Display.createDisplay();
 		} else {

diff --git a/updateEntitlements.sh b/updateEntitlements.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+#Original keychain_dumper by Patrick Toomey
+#Scrpt by @ReverseThatApp and @vocaeq
+
+KEYCHAIN_DUMPER_FOLDER=/usr/bin
+if [ ! -d "$KEYCHAIN_DUMPER_FOLDER" ] ; then
+  mkdir "$KEYCHAIN_DUMPER_FOLDER" ;
+fi
+
+# set -e ;
+
+ENTITLEMENT_PATH=$KEYCHAIN_DUMPER_FOLDER/ent.xml
+dbKeychainArray=()
+declare -a invalidKeychainArray=("com.apple.bluetooth"
+        "com.apple.cfnetwork"
+        "com.apple.cloudd"
+        "com.apple.continuity.encryption"
+        "com.apple.continuity.unlock"
+        "com.apple.icloud.searchpartyd"
+        "com.apple.ind"
+        "com.apple.mobilesafari"
+        "com.apple.rapport"
+        "com.apple.sbd"
+        "com.apple.security.sos"
+        "com.apple.siri.osprey"
+        "com.apple.telephonyutilities.callservicesd"
+        "ichat"
+        "wifianalyticsd"
+      )
+
+echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > $ENTITLEMENT_PATH
+echo "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">" >> $ENTITLEMENT_PATH
+echo "<plist version=\"1.0\">" >> ENTITLEMENT_PATH
+echo "  <dict>" >> $ENTITLEMENT_PATH
+echo "    <key>keychain-access-groups</key>" >> $ENTITLEMENT_PATH
+echo "    <array>" >> $ENTITLEMENT_PATH
+
+sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM genp" > ./allgroups.txt
+sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM cert" >> ./allgroups.txt
+sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM inet" >> ./allgroups.txt
+sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM keys" >> ./allgroups.txt
+
+while IFS= read -r line; do
+  dbKeychainArray+=("$line")
+    if [[ ! " ${invalidKeychainArray[@]} " =~ " ${line} " ]]; then
+      echo "      <string>${line}</string>">> $ENTITLEMENT_PATH
+  else
+    echo "Skipping ${line}"
+  fi
+done < ./allgroups.txt
+
+# cat ./allgroups.txt | sed 's/.*/\ \ \ \ \ \ \ \ \<string\>&\<\/string\>/' >> $ENTITLEMENT_PATH
+rm ./allgroups.txt
+
+echo "    </array>">> $ENTITLEMENT_PATH
+echo "    <key>platform-application</key> <true/>">> $ENTITLEMENT_PATH
+echo "    <key>com.apple.private.security.no-container</key>  <true/>">> $ENTITLEMENT_PATH
+echo "  </dict>">> $ENTITLEMENT_PATH
+echo "</plist>">> $ENTITLEMENT_PATH
+
+cd $KEYCHAIN_DUMPER_FOLDER
+ldid -Sent.xml keychain_dumper
+rm ent.xml
+echo "Entitlements updated"