本人手機(jī)是iPhone6splus
之前不小心升級(jí)到了12.4.1
暫時(shí)沒(méi)有完美越獄苛骨,無(wú)法使用unc0ver 越獄
我先用checkra 進(jìn)行不完美越獄進(jìn)行調(diào)試
- 現(xiàn)版本直接在終端用
cycript -p 進(jìn)程名會(huì)有下面的錯(cuò)誤
[5606] DarwinInjector.cpp[263]: _krncall(mach_vm_read_overwrite) =10000003
*** _assert(status == 0):../Inject.cpp(143):InjectLibrary
iOS12需要使用cyrun附加App,進(jìn)入cycrip后所有操作跟之前一樣
- 通過(guò)Cydia安裝
New Curses,readline,adv-cmds - 通過(guò)Cydia安裝
wget,主要為了在iPhone上可以下載deb文件 - 以root用戶登錄到iPhone上性雄,分別下載
wget http://apt.saurik.com/debs/cycript_0.9.594_iphoneos-arm.deb
wget http://www.tateu.net/repo/files/net.tateu.cycriptlistenertweak_1.0.0_iphoneos-arm.deb
wget http://www.tateu.net/repo/files/net.tateu.cyrun_1.0.5_iphoneos-arm.deb
- 以root用戶在iPhone上安裝下載的
deb
dpkg -i cycript_0.9.594_iphoneos-arm.deb
dpkg -i net.tateu.cycriptlistenertweak_1.0.0_iphoneos-arm.deb net.tateu.cyrun_1.0.5_iphoneos-arm.deb
-
cyrun -n 進(jìn)程名 -e -d -f會(huì)重啟相應(yīng)進(jìn)程,然后進(jìn)入cycript模式棍鳖,退出cycript時(shí)自動(dòng)殺掉進(jìn)程并重載
下面用進(jìn)入SpringBoard進(jìn)程舉例
maihoumuten:~ root# cyrun -n SpringBoard -e -d -f
applicationName: SpringBoard is running (5521)
executableName: SpringBoard
bundleIdentifier: com.apple.springboard
Cycript is inactive:
Device is not passcode locked
Tweak Mode
Waiting for Process to close...
Waiting for SpringBoard to launch...
Waiting for Cycript to become active...
Success, you may now run
cycript -r 127.0.0.1:8556
cy#
- 進(jìn)入
cy#模式后就可以像以前一樣操作了撒璧。
cy# UIApp
#"<SpringBoard: 0x15e80ae00>"
