Welcome to the iOS Hacker Wiki
If you have anything you want added or changed to this wiki, feel free to open a Pull Request or Tweet me @ClevrPwn.
Currently you can find Beta 1 - Beta 6 Decrypted Kernels, Disassembled Beta 1 and some Beta 2, we'll be steadily updating the site with more info. Catch ClevrPwn and WVabrinskas at WWJC2016 speaking about on the wiki. We will post slides at the end of the con.
Here you can find the iOS 10 Objective-C headers as derived from runtime introspection.
Decrypted iOS 10 kernels for all device families.
Disassembled kernels for a few devices, more to come. Feel free to contribute for devices not included.
Tools that helped us along the way.
List of all the kexts included… pretty self explanatory.
Mach Traps and MIG tables
Mach system calls are commonly known as “traps”.
At the trap level, the interface to most Mach abstractions consists of messages sent to and from kernel ports representing those objects. The trap-level interfaces (such as
mach_msg_overwrite_trap) and message formats are themselves abstracted in normal usage by the Mach Interface Generator (MIG). MIG is used to compile procedural interfaces to the message-based APIs, based on descriptions of those APIs.
sysctl is an interface for examining and dynamically changing parameters in UNIX-like operating systems.
A system call is the programmatic way in which a computer program requests a service from the kernel of the operating system it is executed on. This may include hardware-related services (for example, accessing a hard disk drive), creation and execution of new processes, and communication with integral kernel services such as process scheduling.
Table of device identifiers
Who We Are