Frida version is 12.7.26 on an iPhone 5s with iOS 12.2, jailbroken with unc0ver (Undecimus-v3.8.0.b1-2).
If I manually remove the PIE flag from the Mach-O header, re-sign the app and reinstall it, it crashes and does not start at all. If I get the PIE flag back in, it works again, so the problem is not the signing.
I tried using Frida to spawn the app with ASLR disabled, but it didn't seem to change anything.
I'm spawning the app from the client in JavaScript as follows:
Then in the agent, I check the address of the function, and it's different every time:

```js
// Resolve main() across all loaded modules and print where it landed
let main = Module.findExportByName(null, "main");
console.log("found main() at address: " + main);
```
Output after each try:

```
found main() at address: 0x100a7e260
found main() at address: 0x10092e260
found main() at address: 0x100cbe260
```
I'm not getting any errors from Frida saying that disabling ASLR is not supported on this iOS version. It just doesn't do anything. Am I doing something wrong, or is it just not working on iOS 12.2?
There has been an open issue for this since 2015 (#42), but I can see it's already implemented in the code...
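Two checks a practitioner would run while chasing this, as an added example that is not part of the issue and not Frida's own code: a Node.js helper that reads the `flags` field of a 64-bit Mach-O header and reports whether `MH_PIE` (0x200000) is set (the bit the reporter cleared by hand), plus a function that takes the `main()` addresses seen across spawns and checks whether they differ by page-aligned amounts, which is what a live ASLR slide looks like. The header bytes are constructed inline (a toy arm64 `MH_EXECUTE` header with no load commands), only little-endian thin binaries are handled, and the function and constant names are this example's own.

```javascript
// Added example: Mach-O PIE flag inspection plus an ASLR slide sanity check.
// Constants from <mach-o/loader.h>; the helper names are ours, not Frida's.
const MH_MAGIC_64 = 0xfeedfacf;
const MH_CIGAM_64 = 0xcffaedfe;   // big-endian file read as little-endian
const FAT_CIGAM = 0xbebafeca;     // fat (universal) binary, needs slicing first
const MH_EXECUTE = 0x2;
const MH_NOUNDEFS = 0x1;
const MH_DYLDLINK = 0x4;
const MH_TWOLEVEL = 0x80;
const MH_PIE = 0x200000;          // flags bit: position-independent executable
const CPU_TYPE_ARM64 = 0x0100000c;

// Parse the 32-byte mach_header_64 at the start of `buf` (little-endian only).
function parseMachHeader64(buf) {
  if (buf.length < 32) throw new Error("buffer too short for mach_header_64");
  const magic = buf.readUInt32LE(0);
  if (magic === MH_CIGAM_64) throw new Error("big-endian Mach-O not handled here");
  if (magic === FAT_CIGAM) throw new Error("fat binary: extract the arm64 slice first");
  if (magic !== MH_MAGIC_64) throw new Error("not a 64-bit Mach-O: magic 0x" + magic.toString(16));
  const flags = buf.readUInt32LE(24);
  return {
    cputype: buf.readUInt32LE(4),
    cpusubtype: buf.readUInt32LE(8),
    filetype: buf.readUInt32LE(12),
    ncmds: buf.readUInt32LE(16),
    sizeofcmds: buf.readUInt32LE(20),
    flags,
    pie: (flags & MH_PIE) !== 0,
  };
}

// Return a copy of the header with MH_PIE set or cleared; the input is
// validated first so we never patch bytes of something that is not a header.
function setPieFlag(buf, enabled) {
  parseMachHeader64(buf);
  const out = Buffer.from(buf);
  const flags = out.readUInt32LE(24);
  const updated = enabled ? (flags | MH_PIE) >>> 0 : (flags & ~MH_PIE) >>> 0;
  out.writeUInt32LE(updated, 24);
  return out;
}

// Constructed sample: a minimal arm64 executable header (no load commands).
function buildSampleHeader(pie) {
  const b = Buffer.alloc(32);
  b.writeUInt32LE(MH_MAGIC_64, 0);
  b.writeUInt32LE(CPU_TYPE_ARM64, 4);
  b.writeUInt32LE(0, 8);            // cpusubtype
  b.writeUInt32LE(MH_EXECUTE, 12);
  b.writeUInt32LE(0, 16);           // ncmds
  b.writeUInt32LE(0, 20);           // sizeofcmds
  b.writeUInt32LE(MH_NOUNDEFS | MH_DYLDLINK | MH_TWOLEVEL | (pie ? MH_PIE : 0), 24);
  b.writeUInt32LE(0, 28);           // reserved
  return b;
}

// Given the address of one symbol observed across several spawns, report
// whether the addresses differ (a slide is being applied) and whether every
// difference is a multiple of the page size, as a real ASLR slide must be.
// arm64 iOS uses 16 KiB pages, hence the 0x4000 default.
function analyzeSlides(addresses, pageSize = 0x4000n) {
  const addrs = addresses.map((a) => BigInt(a));
  const base = addrs[0];
  const deltas = addrs.slice(1).map((a) => (a > base ? a - base : base - a));
  return {
    aslrActive: new Set(addrs.map(String)).size > 1,
    pageAligned: deltas.every((d) => d % pageSize === 0n),
    deltas: deltas.map((d) => "0x" + d.toString(16)),
  };
}

// Demo using the addresses quoted in the issue.
const hdr = buildSampleHeader(true);
console.log("sample header PIE:", parseMachHeader64(hdr).pie);
console.log("after clearing:", parseMachHeader64(setPieFlag(hdr, false)).pie);
console.log(analyzeSlides(["0x100a7e260", "0x10092e260", "0x100cbe260"]));
```

Pointing `parseMachHeader64` at the first 32 bytes of the app's main binary tells you whether your manual edit actually landed before you re-sign. The three addresses from the issue come back as `aslrActive: true` with deltas of 0x150000 and 0x240000, both multiples of 0x4000, so the process is being slid normally and whatever `aslr` option was passed at spawn time has not taken effect.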