"evalfile usefulscripts/dumpModules.js" unsupported on 1.0.0

Question

"evalfile usefulscripts/dumpModules.js" unsupported on 1.0.0

edgan opened this issue 7 years ago · 6 comments

switch 'xxxxxxxxxxxx' (1.0.0)> evalfile usefulscripts/dumpModules.js

Switch 'xxxxxxxxxxxx' (1.0.0) disconnected.
switch>

Answer 1 · 2018-02-22T04:44:31.000Z

Line 74 causes the disconnect. But I am guessing the memory address, 0x955558, is wrong for 1.0.0, and ultimately that is the problem.

usefulscripts/dumpModules.js:

68 utils.log("stage1, getting webkit ldr:ro handle");
69 //We are reusing WebKit's ldr:ro session
70 var ldrro_mng_ptr = utils.add2(sc.mainaddr, 0x955558);
71 //utils.log('ldr:ro management str base ptr is: ' + utils.paddr(ldrro_mng_ptr));
72 var ldrro_mng = sc.read8(ldrro_mng_ptr);
73 //utils.log('ldr:ro management str base is: ' + utils.paddr(ldrro_mng));
74 var ldrro = sc.read8(utils.add2(ldrro_mng, 0xc));
75 //utils.log('ldr:ro handle is: 0x' + ldrro[0].toString(16))

Answer 2 · 2018-02-22T05:06:31.000Z

Yeah, that sounds about right.

Answer 3 · 2018-02-22T05:08:28.000Z

If people are going to stay on 1.0.0 and not upgrade to 3.0.0, we need more things supported with 1.0.0.

Answer 4 · 2018-02-22T05:12:44.000Z

Indeed. @GovanifY, how'd you track down that offset originally?

Answer 5 · 2018-02-22T05:41:08.000Z

Reverse engineering of a webkit dump on 2.0

Answer 6 · 2018-02-26T14:24:38.000Z

Offset for 1.0.0 is 0x95D1E8; script doesn't work as-is.