diff options
author | Nikias Bassen | 2013-04-24 03:37:49 +0200 |
---|---|---|
committer | Nikias Bassen | 2013-04-24 03:37:49 +0200 |
commit | ddf0da04e26d634eb459a6d4a0d452d34c62e83b (patch) | |
tree | 444bed0730186906a81fbe8aea0699552ee667c5 | |
parent | e4e25ee2b31b92b78ac65e3b493430c587ca09f3 (diff) | |
download | idevicerestore-ddf0da04e26d634eb459a6d4a0d452d34c62e83b.tar.gz idevicerestore-ddf0da04e26d634eb459a6d4a0d452d34c62e83b.tar.bz2 |
limera1n: verify device mode after sending exploit to check for failure
-rw-r--r-- | src/idevicerestore.c | 4 | ||||
-rw-r--r-- | src/limera1n.c | 12 | ||||
-rw-r--r-- | src/limera1n.h | 2 |
3 files changed, 12 insertions, 6 deletions
diff --git a/src/idevicerestore.c b/src/idevicerestore.c index 04207d3..13b7031 100644 --- a/src/idevicerestore.c +++ b/src/idevicerestore.c @@ -279,7 +279,7 @@ int idevicerestore_start(struct idevicerestore_client_t* client) } info("exploiting with limera1n...\n"); // TODO: check for non-limera1n device and fail - if (limera1n_exploit(client->device, client->dfu->client) != 0) { + if (limera1n_exploit(client->device, &client->dfu->client) != 0) { error("ERROR: limera1n exploit failed\n"); dfu_client_free(client); return -1; @@ -738,7 +738,7 @@ int idevicerestore_start(struct idevicerestore_client_t* client) } info("exploiting with limera1n\n"); // TODO: check for non-limera1n device and fail - if (limera1n_exploit(client->device, client->dfu->client) != 0) { + if (limera1n_exploit(client->device, &client->dfu->client) != 0) { error("ERROR: limera1n exploit failed\n"); dfu_client_free(client); if (delete_fs && filesystem) diff --git a/src/limera1n.c b/src/limera1n.c index 0d0edcc..29cb02a 100644 --- a/src/limera1n.c +++ b/src/limera1n.c @@ -28,7 +28,7 @@ #include "limera1n.h" #include "limera1n_payload.h" -int limera1n_exploit(struct irecv_device *device, irecv_client_t client) +int limera1n_exploit(struct irecv_device *device, irecv_client_t *pclient) { irecv_error_t err = IRECV_E_SUCCESS; unsigned int i = 0; @@ -56,6 +56,8 @@ int limera1n_exploit(struct irecv_device *device, irecv_client_t client) shellcode_length = sizeof(limera1n_payload); memcpy(shellcode, limera1n_payload, sizeof(limera1n_payload)); + irecv_client_t client = *pclient; + debug("Resetting device counters\n"); err = irecv_reset_counters(client); if (err != IRECV_E_SUCCESS) { @@ -96,11 +98,15 @@ int limera1n_exploit(struct irecv_device *device, irecv_client_t client) debug("Exploit sent\n"); debug("Reconnecting to device\n"); - client = irecv_reconnect(client, 7); - if (client == NULL) { + *pclient = irecv_reconnect(client, 7); + if (*pclient == NULL) { error("Unable to reconnect\n"); return -1; } + if ((*pclient)->mode != kDfuMode) { + error("Device reconnected in non-DFU mode\n"); + return -1; + } return 0; } diff --git a/src/limera1n.h b/src/limera1n.h index 1c729ed..c96214a 100644 --- a/src/limera1n.h +++ b/src/limera1n.h @@ -2,6 +2,6 @@ #define __LIMERA1N_H #include <libirecovery.h> -int limera1n_exploit(struct irecv_device *device, irecv_client_t client); +int limera1n_exploit(struct irecv_device *device, irecv_client_t *client); #endif /* __LIMERA1N_H */ |