46 lines
1.6 KiB
Plaintext
46 lines
1.6 KiB
Plaintext
~~~~~ checkm8_tool ~~~~~
|
|
|
|
This is the code for the optimized version of checkm8 that I wrote as a part of
|
|
this project. It consists of a variety of modules and was built to run on
|
|
Linux. It will probably not work on Windows or MacOS, although a port could
|
|
definitely be possible in the future.
|
|
|
|
checkm8_remote: the main executable generated by the project. It
|
|
includes various functionality for communicating with
|
|
and exploiting a device (currently, only iPhones with
|
|
an A10 chip are supported), including payload transfer
|
|
and execution. The main program is located in the
|
|
checkm8_remote/main.c file. It is currently configured
|
|
to install and run a basic AES payload.
|
|
|
|
checkm8_libusb: a userspace library for communicating with USB devices.
|
|
Currently this is unmodified from the standard release
|
|
of libusb1.0, but in future versions there will be
|
|
modifications to enable custom USB behavior.
|
|
|
|
checkm8_payloads: the custom payload functionality is defined in this
|
|
directory. To compile payloads, you need the
|
|
aarch64-linux-gnu toolchain to cross-compile binaries
|
|
for the iPhone platform.
|
|
|
|
~~~~~ Building ~~~~~
|
|
|
|
This project uses cmake as its build system. To build, simply do the following
|
|
commands in the project's root directory
|
|
|
|
mkdir build
|
|
cd build
|
|
cmake ..
|
|
make
|
|
|
|
~~~~~ Usage ~~~~~~
|
|
|
|
To run the checkm8-remote binary, simply run
|
|
|
|
./build/checkm8_remote/checkm8_remote
|
|
|
|
without any flags. Functionality is currently hardcoded to the AES payload, but
|
|
will be made more configurable in the future. Make sure that the target device
|
|
is in DFU mode before running the program.
|
|
|