Tutorial:Booting XNU on A4 Devices

From The iPhone Wiki
Revision as of 02:40, 4 November 2013 by Srb21103 (talk | contribs)
Jump to: navigation, search

Hello, I am 3x7R00Tripper and in this post I will present how can you boot xnu on all apple a4 devices. I do it with my iPhone 4 iOS 6.1.3

You find this post on my website also: [1]

First you must install CTF tools etc.

I present it with Mavericks and Mountain Lion.

Mavericks:

$ curl -O http://opensource.apple.com/tarballs/dtrace/dtrace-118.tar.gz
$ curl -O http://opensource.apple.com/tarballs/AvailabilityVersions/AvailabilityVersions-6.tar.gz
$ git clone https://github.com/3x7R00Tripper/xnu
$ tar zxf dtrace-118.tar.gz
$ cd dtrace-118
$ mkdir -p obj sym dst
$ xcodebuild install -target ctfconvert -target ctfdump -target ctfmerge ARCHS="x86_64" SRCROOT=$PWD OBJROOT=$PWD/obj SYMROOT=$PWD/sym DSTROOT=$PWD/dst
$ sudo ditto $PWD/dst/usr/local /usr/local
$ cd ..
$ tar zxf AvailabilityVersions-6.tar.gz
$ cd AvailabilityVersions-6
$ mkdir -p dst
$ make install SRCROOT=$PWD DSTROOT=$PWD/dst
$ sudo ditto $PWD/dst/usr/local `xcrun -sdk / -show-sdk-path`/usr/local
$ cd ..
$ cd xnu

For Mountain Lion read this post.

Now you are in the xnu folder Know you must make it for Apple A4:

$ make TARGET_CONFIGS="debug arm S5L8930X"

After the process navigate to BUILD/obj/DEBUG_ARM_S5L8930X In this folder are many files. mach_kernel is the bootable image.

Ok now you need the 4.x ipsw for your iDevice(A4) If you have a newer iOS version, you need the 4.1 ipsw also. You can download the ipsw for example here or here.

For booting the kernel you need redsn0w. Open terminal and navigate to the redsn0w folder. Now you write this commands:

$ cd redsn0w.app/Contents/MacOS
$ ./redsn0w -i <'4.1 iPSW'> -k <'mach_kernel'>

Here a example command:

$ ./redsn0w -i /Users/Louis/Desktop/iOS\:Mac\ hack/XNU_Kernel_Panic_Apple_A4-Booting/iPhone3\,1_4.1_8B117_Restore.ipsw -k /Users/Louis/Desktop/xnu/BUILD/obj/DEBUG_ARM_S5L8930X/mach_kernel

Boot-args:

-graphics-mode    Enables graphics mode. Boots with an apple logo and a white spinner, kernel panics show the panic dialog

Now you must get your iDevice(A4) in the DFU mode. Wait a few seconds and a white screen will flashes on your iDevice. Now you see the pineapple on your iDevice. 30 secounds - 1 minute later the kernel is booted on your iDevice. A long time you see 'Still waiting for root device'. But If you wait more than 10 - 30 minutes, appears a kernel panic. Ok you are finished and have fun :)