
Extracting kernel

Open jrmuizel opened this issue 2 years ago • 2 comments

What tool was used to extract Snowbird3A101a.N45Bundle/System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900xrb?

joker gives me:

mmapped: 0x125ade000
still HERE
Feeding me a compressed kernelcache, eh? That's fine, now. I can decompress!
Compressed Size: 3319004, Uncompressed: 5968960. Unknown (CRC?): 0x83fd538e, Unknown 1: 0x0
Can't find kernel here.. Sorry. LZSS this yourself

jrmuizel avatar Dec 26 '22 19:12 jrmuizel

To be completely honest, I don't really remember :(. I think I tried several tools, some of which didn't even compile on modern systems.

devos50 avatar Jan 01 '24 16:01 devos50

It looks like the following works:

Decrypt it using the instructions for 1.1.x - 2.0b3 here: https://www.theiphonewiki.com/wiki/Decrypting_Firmwares

Decompress it using the following:

wget -q http://nah6.com/%7Eitsme/cvs-xdadevtools/iphone/tools/lzssdec.cpp
g++ -o lzssdec lzssdec.cpp
./lzssdec -o 384 < output >kernelcache.decrypted

jrmuizel avatar Jan 04 '24 15:01 jrmuizel
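For anyone who would rather see what `lzssdec -o 384` is doing, here is an added Python equivalent (not part of this issue or of qemu-ios). It assumes the complzss container layout as I understand it: an 8-byte `complzss` magic, then big-endian Adler-32 of the decompressed kernel (the field joker prints as "Unknown (CRC?)"), uncompressed size, compressed size and one reserved word, padded to 384 bytes before the LZSS payload; the decoder is the Okumura LZSS variant iBoot uses. It runs on a constructed sample, so it checks the header and checksum rather than touching a real kernelcache.

```python
import struct
import zlib
HEADER_LEN = 384  # data offset of the complzss container; the "-o 384" given to lzssdec

def lzss_decompress(src: bytes) -> bytes:
    """Okumura LZSS as used by iBoot: N=4096, F=18, THRESHOLD=2, window primed with spaces."""
    N, F, THRESHOLD = 4096, 18, 2
    text_buf = bytearray(b" " * (N - F) + b"\0" * F)
    r, flags, i, out = N - F, 0, 0, bytearray()
    while True:
        flags >>= 1
        if not flags & 0x100:                # flag byte used up: fetch the next one
            if i >= len(src):
                break
            flags, i = src[i] | 0xFF00, i + 1
        if flags & 1:                        # flag bit 1: literal byte
            if i >= len(src):
                break
            c, i = src[i], i + 1
            out.append(c)
            text_buf[r] = c
            r = (r + 1) & (N - 1)
        else:                                # flag bit 0: (offset, length) back-reference
            if i + 1 >= len(src):
                break
            pos = src[i] | ((src[i + 1] & 0xF0) << 4)      # 12-bit window position
            length = (src[i + 1] & 0x0F) + THRESHOLD + 1   # 3..18 bytes
            i += 2
            for k in range(length):
                c = text_buf[(pos + k) & (N - 1)]
                out.append(c)
                text_buf[r] = c
                r = (r + 1) & (N - 1)
    return bytes(out)

def unpack_kernelcache(blob: bytes) -> bytes:
    # Parse the complzss header (assumed layout, big-endian), decompress, verify size and Adler-32.
    if blob[:8] != b"complzss":
        raise ValueError("not a complzss container (still encrypted, or wrong offset?)")
    adler, usize, csize, _reserved = struct.unpack(">4I", blob[8:24])
    kernel = lzss_decompress(blob[HEADER_LEN:HEADER_LEN + csize])
    if len(kernel) != usize:
        raise ValueError(f"size mismatch: got {len(kernel)}, header says {usize}")
    if zlib.adler32(kernel) != adler:
        raise ValueError("Adler-32 mismatch: corrupt data or wrong decryption key")
    return kernel

# Constructed sample: flag 0xFF + eight literals, then flag 0x00 + a 4-byte back-reference to window position 0xFEE (4078).
SAMPLE_PAYLOAD = b"\xffABCDABCD\x00\xee\xf1"
SAMPLE_KERNEL = b"ABCDABCDABCD"
SAMPLE_BLOB = (b"complzss" + struct.pack(">4I", zlib.adler32(SAMPLE_KERNEL), len(SAMPLE_KERNEL), len(SAMPLE_PAYLOAD), 0)).ljust(HEADER_LEN, b"\0") + SAMPLE_PAYLOAD
```

On a real file, `unpack_kernelcache(open("output", "rb").read())` should give the same bytes as the `kernelcache.decrypted` produced above; a magic or checksum failure is the quickest sign that the decryption step went wrong.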