memctl-tfp0-core

memctl-tfp0-core is a memctl core for iOS that tries to access the kernel task port using task_for_pid(0) and host_get_special_port() for all special port numbers (although most jailbreaks use port 4).

It has been tested with Electra on iOS 11.1.2 and yalu102 on iOS 10.2.

Signing and entitlements

Some jailbreaks need binaries to be signed with special entitlements for them to run properly. Be sure to add any such entitlements to entitlements.plist before building memctl.

Building

To build memctl using this core:

$ git clone https://github.com/bazad/memctl
$ cd memctl
$ git clone https://github.com/bazad/memctl-tfp0-core
$ ln -s memctl-tfp0-core core
$ cd memctl-tfp0-core
$ make
$ cd ..
$ make

Running

To run memctl, first copy it to the device you will analyze. On the device, run memctl with no arguments to drop into a REPL.

$ memctl
memctl> vm _memcpy
          START - END             [ VSIZE ] PRT/MAX SHRMOD DEPTH RESIDENT REFCNT TAG
fffffff022000000-fffffff124000000 [  4.0G ] ---/---    NUL     0        0      0   0

License

memctl-tfp0-core is released under the MIT license.

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
src		src
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
entitlements.plist		entitlements.plist

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

memctl-tfp0-core

Signing and entitlements

Building

Running

License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

memctl-tfp0-core

Signing and entitlements

Building

Running

License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages