Uploaded on

 

More in: Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,854
On Slideshare
0
From Embeds
0
Number of Embeds
6

Actions

Shares
Downloads
8
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. IPhone case study 2010/05/05 by Sean Chen
  • 2. IPhone Arc ● IPhone Arc ● Libusb – TCP/ (openSSL/openSSH) – Local host(127.0.0.1) ● Usbmuxd – Control usblib ● Libusbmuxd – Bridge ● Libiphone – Access iPhone
  • 3. libusb ● Usb control ● configure – Device list (Bus, Device ID, Address) – UUID(create time, hardID) ● Process – Event trigger(Address,data) – Lock device(lock process) – Unlock (Free) ● Error handle – Device not exist – time-out ● Ref:http://funningboy.blogspot.com/2010/03/usb-device.html ● http://www.libusb.org/
  • 4. Libusb->sample flow ● usb_init(); ● usb_find_busses(); ● usb_find_devices(); ● for (bus = usb_busses; bus; bus = bus->next) { ● for (dev = bus->devices; dev; dev = dev->next) { ● open_device(); ● Proc(); – Get_ProductID(); – Get SerialNumber(); ● close_device(); ● } ● } ●
  • 5. libusbmuxd ● Propose ● 'usbmuxd' stands for "USB multiplexing daemon". This daemon is in charge of multiplexing connections over USB to an iPhone or iPod touch. ● The higher-level layers are handled by libimobiledevice. 'ifuse' is then able to sit on top of this and mount your device's AFC filesystem share.
  • 6. libusbmuxd ● Protocol ● talk usblib – SerialNumber – Address, message.. ● Socket – Create socket – Connect socket ● Rec buffer, send buffer – check ● Process ● Event handle ● Subscribe 2 libiphone
  • 7. bplist ● Propose ● Apple Binary and XML Property Lists ● Define Data Based 2 iPhone Lib ● Plist – Array – String – Boolean – Date ● Node ● ....
  • 8. IPhone lib
  • 9. ifuse ● Propose ● Access the IPhone file system (root/media/..) ● Protocol ● AFC/AFC2 – AFC is a service that runs on every iPhone / iPod, which iTunes uses to exchange files with the device and runs over the usbmux protocol. – Ref: http://www.theiphonewiki.com/wiki/index.php? title=AFC ● Ref: http://www.hackint0sh.org/f128/62343.htm
  • 10. ifuse->Top flow chart ● Top flow chart ● Fuse define – Create fuse – Parse fuse – Operate fuse ● Mount – Check mount is ok? – Mount handle (lock it) ● Device – Check device is ok? – Device handle (usb, lock it) ● AFC – Start AFC service ● Free Fuse
  • 11. ifuse->ifuse.c /ifuse-1.0.0 ● Using “cflow” to get sample flow chart ● main() <int main (int argc,char *argv[]) at ifuse.c:647>: ● FUSE_ARGS_INIT() ● memset() ● fuse_opt_parse() ● ifuse_opt_proc() <int ifuse_opt_proc (void *data,const char *arg,int key,struct fuse_args outargs) at ifuse.c:600>: ● strdup() ● idevice_set_debug_level() ● print_usage() <void print_usage () at ifuse.c:582>: ● fprintf() ● exit() ● fprintf() ● free() ● fprintf() ● strlen() ● stat() ● strerror() ● idevice_new() ● lockdownd_client_new_with_handshake() ● idevice_free() ● lockdownd_start_service() ● lockdownd_client_free() ● strcmp() ● fuse_main() ●
  • 12. ifuse->Include lib ● afc.h ● Error define – #define AFC_E_SUCCESS 0 – #define AFC_E_UNKNOWN_ERROR 1 ● Process define – afc_client_new – afc_client_free – afc_get_file_info – afc_file_read ● Ref :http://fuse.sourceforge.net/doxygen/fuse__opt_8h.html ● http://libiphone.sourcearchive.com/documentation/0.9.5/afc_ 8h_aa6779ea2d15302f7ff812ba5863c8a5.html