I am developing an app targeted at jailbroken iOS devices. It is to assist in automating some tasks. I need to create a simple text file (actually a .lua file) in /private/var/mobile/Library. Obviously, the debugger throws an access denied exception. The app is named 'CreateFile' for now for the purposes of testing.
I have attempted the following steps to gain root access:
Open the original executable file and replace its content with this script:
#!/bin/bash
dir=$(dirname "$0")
exec "${dir}"/CreateFile "$@"
Directly launching a root app fails on iOS. Therefore we replace the app's main executable with a script that launches the root executable.
In terminal, navigate to the app bundle.
chmod 0775 the original executable file and chmod 6775 the copied executable file.
Using this method I can successfully install the app to the /Applications folder and get it to launch; however, I expect that I still do not have root permissions, because as soon as the app tries the write operation it crashes.
If anyone can shed some light on this situation I would be very grateful!
Edit:
Did some additional testing at @creker's advice. When I try to create a file in an allowed directory like the app's documents, it creates just fine with no issues. Because of this, I am certain that the file creation is not causing the crash and that it is solely the inaccessible folder path.
Also at @creker's advice I tried installing the app to /Applications without any launch scripts. The app crashes upon opening this way. If I chmod the application executable to 775 after installation, the app will open but still crashes when trying to create the file.
I looked into the syslog from crash reporter. Here is the crash line:
System.UnauthorizedAccessException: Access to the path "/private/var/mobile/Library/test.txt" is denied
Still hoping to remedy the issue, any ideas are welcome!
Getting root access on iOS is increasingly hard as security measures go up, even with a jailbreak. The root account is getting fewer privileges with each release, but it's still possible to use this account. You can do this by making sure your app binary is owned by root:wheel, and then has the SETUID bit set.
chown root:wheel app_binary
chmod +s app_binary
Then, in your app, add the following to take advantage of it:
@autoreleasepool
{
    // Set uid and gid
    if (!(setuid(0) == 0 && setgid(0) == 0))
    {
        NSLog(@"Failed to gain root privileges, aborting...");
        exit(EXIT_FAILURE);
    }
    // Launch app
    return UIApplicationMain(argc, argv, nil, NSStringFromClass([MyAppDelegate class]));
    /* you'll need to modify this return line to match your app */
}
You will also need a launch script to make use of this in iOS above version 6:
#!/bin/bash
myAppPath=$(dirname "$0")
exec "$myAppPath"/myApp_ "$@"
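A way to check that the launcher-plus-setuid-binary layout described in the answer above is actually in place on disk, as an added example that is not part of the original thread. The function name audit_root_layout and the paths passed to it are hypothetical; it only inspects ownership and mode bits.

```shell
#!/bin/sh
# Added example (not from the thread): audit the launcher + setuid binary layout.
# usage: audit_root_layout <launcher> <binary> [owner]   (owner defaults to root)
# Prints one line per check and returns the number of failed checks.
audit_root_layout() {
    launcher=$1; binary=$2; owner=${3:-root}; fails=0
    fail() { echo "FAIL: $1"; fails=$((fails + 1)); }
    pass() { echo "ok:   $1"; }

    # The real binary must exist and be executable.
    if [ -f "$binary" ] && [ -x "$binary" ]; then pass "binary is executable"
    else fail "binary missing or not executable: $binary"; fi

    # setuid grants the file owner's uid, so the owner must be root (chown root:wheel).
    if [ -n "$(find "$binary" -prune -user "$owner" -print 2>/dev/null)" ]; then
        pass "binary owned by $owner"
    else fail "binary not owned by $owner"; fi

    # chmod +s / chmod 6775 must still be in effect; a later chmod 775 clears it.
    if [ -u "$binary" ]; then pass "setuid bit set"
    else fail "setuid bit missing on binary"; fi
    [ -g "$binary" ] || echo "note: setgid bit not set (informational)"

    # The launcher is a plain 0775 script: executable, no setuid bit of its own.
    if [ -x "$launcher" ] && [ ! -u "$launcher" ]; then
        pass "launcher is a plain executable"
    else fail "launcher not executable, or carries setuid"; fi

    # The launcher's exec line should name the setuid binary.
    if grep -qF -- "$(basename "$binary")" "$launcher" 2>/dev/null; then
        pass "launcher references $(basename "$binary")"
    else fail "launcher does not reference $(basename "$binary")"; fi
    return "$fails"
}

# Stand-alone use: ./audit.sh <launcher> <binary> [owner]
if [ $# -ge 2 ]; then audit_root_layout "$@"; fi
```

The exit status is the number of failed checks, so 0 means the on-disk layout matches what the answer describes.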