UnjailMe
UnjailMe copied to clipboard
MTJailed
Webserver on port 80
this fork activates file listing on the web server. Other directories are not listed except the Developer directory. However, if the file path is known, the contents can be read in the permissions direction. (etc/passwd can read)
I deleted some libraries and files because I could not access the source. (referenced your ftp files)
Have a good day!
2018-03-03 23:19:12.262026+0800 unjailme[479:63219] [MC] Lazy loading NSBundle MobileCoreServices.framework 2018-03-03 23:19:12.265191+0800 unjailme[479:63219] [MC] Loaded MobileCoreServices.framework Got port: 513 Starting to look for session tokens Sent message id 3 with token 136c0001, returned: 0 Found port: 136c0001 Sent message id 3 with token 2dba0001, returned: 0 Found port: 2dba0001 Sent message id 3 with token 2de70001, returned: 0 Found port: 2de70001 Sent message id 3 with token 3d2d0001, returned: 0 Found port: 3d2d0001 Sent message id 3 with token 4e890001, returned: 0 Found port: 4e890001 Sent message id 3 with token 535b0001, returned: 0 Found port: 535b0001 Sent message id 3 with token 59880001, returned: 0 Found port: 59880001 Sent message id 3 with token 5d900001, returned: 0 Found port: 5d900001 Sent message id 3 with token 870f0001, returned: 0 Found port: 870f0001 Sent message id 3 with token 9c870001, returned: 0 Found port: 9c870001 Sent message id 3 with token 9f8c0002, returned: 0 Found port: 9f8c0002 Sent message id 3 with token a2490001, returned: 0 Found port: a2490001 Sent message id 3 with token aadb0001, returned: 0 Found port: aadb0001 Sent message id 3 with token c1ba0001, returned: 0 Found port: c1ba0001 Sent message id 3 with token c4880001, returned: 0 Found port: c4880001 Sent message id 3 with token e1c10001, returned: 0 Found port: e1c10001 Sent message id 3 with token e73f0001, returned: 0 Found port: e73f0001 Adding callback: Port=e73f0001 address=deadbeef value=cc07c9 Sent message id 3 with token e73f0001, returned: 0 Adding callback: Port=e1c10001 address=deadbeef value=cc07c9 Sent message id 3 with token e1c10001, returned: 0 Adding callback: Port=c4880001 address=deadbeef value=cc07c9 Sent message id 3 with token c4880001, returned: 0 Adding callback: Port=c1ba0001 address=deadbeef value=cc07c9 Sent message id 3 with token c1ba0001, returned: 0 Adding callback: Port=aadb0001 address=deadbeef value=cc07c9 Sent message id 3 with token aadb0001, returned: 0 Adding callback: Port=a2490001 address=deadbeef value=cc07c9 Sent message id 3 with token a2490001, returned: 0 Adding callback: Port=9f8c0002 address=deadbeef value=cc07c9 Sent message id 3 with token 9f8c0002, returned: 0 Adding callback: Port=9c870001 address=deadbeef value=cc07c9 Sent message id 3 with token 9c870001, returned: 0 Adding callback: Port=870f0001 address=deadbeef value=cc07c9 Sent message id 3 with token 870f0001, returned: 0 Adding callback: Port=5d900001 address=deadbeef value=cc07c9 Sent message id 3 with token 5d900001, returned: 0 Adding callback: Port=59880001 address=deadbeef value=cc07c9 Sent message id 3 with token 59880001, returned: 0 Adding callback: Port=535b0001 address=deadbeef value=cc07c9 Sent message id 3 with token 535b0001, returned: 0 Adding callback: Port=4e890001 address=deadbeef value=cc07c9 Sent message id 3 with token 4e890001, returned: 0 Adding callback: Port=3d2d0001 address=deadbeef value=cc07c9 Sent message id 3 with token 3d2d0001, returned: 0 Adding callback: Port=2de70001 address=deadbeef value=cc07c9 Sent message id 3 with token 2de70001, returned: 0 Adding callback: Port=2dba0001 address=deadbeef value=cc07c9 Sent message id 3 with token 2dba0001, returned: 0 Adding callback: Port=136c0001 address=deadbeef value=cc07c9 Sent message id 3 with token 136c0001, returned: 0 Exploit succeeded! 2018-03-03 23:19:44.213941+0800 unjailme[479:63219] [Common] Unable to create job with label bootstrapper. Error: Unknown error: 154 uid: 501 AFCD2 could not be ran, check your privilige! Doing post-exploitation stuff... Appcontainer directory: /var/mobile/Containers/Data/Application/82106A51-F2B6-4FB6-ADE3-E570F641265E/Documents Web Server running on port 80 Server started at port no. 80 with root directory as /
Looking at your webserver I think I'll actually use it it looks good, I'll commit later when I finish this exploit. I'll write some simple authentication for it and then it's really awesome! Thanks ;)
