Crash with "Killed: 9" message #43

Open
interference-security opened this issue Mar 1, 2020 · 3 comments

@interference-security

I am trying to run fsmon on iOS 12.1.2 (iPhone 6S) jailbroken using Unc0ver. When running fsmon it returns the error message Killed: 9.

What I have already tried:
lipo and ldid (Source: https://medium.com/@felipejfc/the-ultimate-guide-for-live-debugging-apps-on-jailbroken-ios-12-4c5b48adf2fb)
On Mac: lipo -thin arm64 fsmon-ios -output fsmon-ios-arm64
On iOS: ldid -Sentity.xml fsmon-ios-arm64

@interference-security
Author

interference-security commented Mar 1, 2020

iDevice:~ root# ldid -e `which bash` > ent.xml
iDevice:~ root# cat ent.xml

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>platform-application</key>
        <true/>
        <key>com.apple.private.security.no-container</key>
        <true/>
        <key>com.apple.private.skip-library-validation</key>
        <true/>
</dict>
</plist>

iDevice:~ root# ldid -Sent.xml fsmon-ios
iDevice:~ root# chmod 755 fsmon-ios
iDevice:~ root# inject ./fsmon-ios

Actually injecting 1 keys
1 new hashes to inject
Successfully injected [1/1] to trust cache.

iDevice:~ root# ./fsmon-ios

dyld: Symbol not found: ___chkstk_darwin
  Referenced from: /private/var/root/./fsmon-ios (which was built for iOS 13.2)
  Expected in: /usr/lib/libSystem.B.dylib
 in /private/var/root/./fsmon-ios
Abort trap: 6
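
The dyld message above reports a binary built for a newer iOS than the device runs. As an added example (not part of the thread and not fsmon's own code), the following reads the version load command from a thin arm64 Mach-O slice so the declared minimum iOS version and SDK can be compared with the device's version before running it. The function names and the sample bytes are constructed for illustration; a fat binary must first be thinned with lipo.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF        # thin 64-bit Mach-O, little-endian
LC_VERSION_MIN_IPHONEOS = 0x25  # written by older toolchains
LC_BUILD_VERSION = 0x32         # written by newer toolchains
PLATFORM_IOS = 2


def decode_version(v):
    """Mach-O packs X.Y.Z into one uint32 as xxxx.yy.zz."""
    return (v >> 16, (v >> 8) & 0xFF, v & 0xFF)


def ios_versions(data):
    """Return (min_os, sdk) declared by a thin 64-bit Mach-O, or None."""
    magic, _, _, _, ncmds, _, _, _ = struct.unpack_from("<8I", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin 64-bit Mach-O; extract a slice with lipo -thin")
    off = 32  # size of mach_header_64
    for _ in range(ncmds):
        if off + 8 > len(data):
            raise ValueError("truncated load commands")
        cmd, size = struct.unpack_from("<2I", data, off)
        if size < 8 or off + size > len(data):
            raise ValueError("bad load command size")
        if cmd == LC_VERSION_MIN_IPHONEOS and size >= 16:
            minos, sdk = struct.unpack_from("<2I", data, off + 8)
            return decode_version(minos), decode_version(sdk)
        if cmd == LC_BUILD_VERSION and size >= 24:
            platform, minos, sdk = struct.unpack_from("<3I", data, off + 8)
            if platform == PLATFORM_IOS:
                return decode_version(minos), decode_version(sdk)
        off += size
    return None


def runs_on(data, device_version):
    found = ios_versions(data)
    return found is None or found[0] <= device_version


def sample_macho(version):
    """Constructed sample: arm64 header plus a single LC_BUILD_VERSION."""
    lc = struct.pack("<6I", LC_BUILD_VERSION, 24, PLATFORM_IOS, version, version, 0)
    return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, len(lc), 0, 0) + lc


if __name__ == "__main__":
    sample = sample_macho(0x000D0200)  # constructed: min OS and SDK both 13.2
    print(ios_versions(sample), runs_on(sample, (12, 1, 2)))
```
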

@interference-security
Author

Fails for fsmon 1.7.0 only. Works for fsmon 1.6.1 and 1.6.

wget https://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
chmod 755 fsmon161
ldid -Sent.xml fsmon161
./fsmon161 --help
Usage: ./fsmon161 [-Jjc] [-a sec] [-b dir] [-B name] [-p pid] [-P proc] [path]
 -a [sec]  stop monitoring after N seconds (alarm)
 -b [dir]  backup files to DIR folder (EXPERIMENTAL)
 -B [name] specify an alternative backend
 -c        follow children of -p PID
 -f        show only filename (no path)
 -h        show this help
 -j        output in JSON format
 -J        output in JSON stream format
 -n        do not use colors
 -L        list all filemonitor backends
 -p [pid]  only show events from this pid
 -P [proc] events only from process name
 -v        show version
 [path]    only get events from this path

@evandrix

evandrix commented May 9, 2020

reporting that v1.7.0 works for me on iPhone 7 Plus,

after make ios on macOS v10.15.4, Xcode 11.4.1 Build version 11E503a

then

ldid -e $(which bash) >entitlement.xml
ldid -Sentitlement.xml fsmon
