def AlignedStruct(name, *subcons, **kw): """a struct of aligned fields * name - the name of the struct * subcons - the subcons that make up this structure * kw - keyword arguments to pass to Aligned: 'modulus' and 'pattern' """ return Struct(name, *(Aligned(sc, **kw) for sc in subcons))
def BitStruct(name, *subcons): r"""A struct of bitwise fields :param name: the name of the struct :param \*subcons: the subcons that make up this structure """ return Bitwise(Struct(name, *subcons))
def EmbeddedBitStruct(*subcons): r""" An embedded BitStruct. no name is necessary. :param \*subcons: the subcons that make up this structure """ return Bitwise(Embedded(Struct(None, *subcons)))
def AlignedStruct(name, *subcons, **kw): r"""A struct of aligned fields :param name: the name of the struct :param \*subcons: the subcons that make up this structure :param \*\*kw: keyword arguments to pass to Aligned: 'modulus' and 'pattern' """ return Struct(name, *(Aligned(sc, **kw) for sc in subcons))
def ClassEntry_(): return Struct( "_type" / Int16ul, "isInstance" / C.Computed(lambda this: this._type & 1), "Class_Index" / C.Computed(lambda this: this._type >> 1), "_valid" / C.Computed(lambda this: this._type < len(this._root.defs)), "index" / Int16ul, "content" / C.If( this.isInstance, C.LazyBound(lambda: PrefixedOffset( Int64ul, ClassImplementation(this._._.Class_Index), -8))))
0x3E94D589: [4096, 128, 8, 216, 4, 2, 4, 2, 3872, 8, 8], 0x3ED5D72C: [8192, 128, 8, 216, 4, 2, 4, 2, 7744, 8, 8], 0x3E94D52C: [4096, 128, 8, 216, 4, 2, 4, 2, 3872, 8, 8] } _vfl_vfl_context = Struct("_vfl_vfl_context", ULInt32("usn_inc"), Array(3, ULInt16("control_block")), ULInt16("unk1"), ULInt32("usn_dec"), ULInt16("active_context_block"), ULInt16("next_context_page"), ULInt16("unk2"), ULInt16("field_16"), ULInt16("field_18"), ULInt16("num_reserved_blocks"), ULInt16("reserved_block_pool_start"), ULInt16("total_reserved_blocks"), Array(820, ULInt16("reserved_block_pool_map")), Array(282, ULInt8("bad_block_table")), Array(4, ULInt16("vfl_context_block")), ULInt16("remapping_schedule_start"), Array(0x48, ULInt8("unk3")), ULInt32("version"), ULInt32("checksum1"), ULInt32("checksum2") ) _vfl_vsvfl_spare_data = Struct("_vfl_vsvfl_spare_data", Union("foo", Struct("user",ULInt32("logicalPageNumber"),ULInt32("usn")), Struct("meta",ULInt32("usnDec"),ULInt16("idx"), ULInt8("field_6"), ULInt8("field_7"))
from construct.core import Struct, Union from construct.macros import * from crypto.aes import AESdecryptCBC from crypto.aeswrap import AESUnwrap from zipfile import crc32 import struct Dkey = 0x446B6579 EMF = 0x454D4621 BAG1 = 0x42414731 DONE = 0x444f4e45 #locker sentinel #**** = 0x2A2A2A2A #wildcard for erase #MAGIC (kL) | LEN (2bytes) | TAG (4) | DATA (LEN) Locker = Struct("Locker", String("magic", 2), ULInt16("length"), Union("tag", ULInt32("int"), String("tag", 4)), String("data", lambda ctx: ctx["length"])) Lockers = RepeatUntil(lambda obj, ctx: obj.tag.int == DONE, Locker) def xor_strings(s, key): res = "" for i in xrange(len(s)): res += chr(ord(s[i]) ^ ord(key[i % len(key)])) return res def check_effaceable_header(plog): z = xor_strings(plog[:16], plog[16:32]) if z[:4] != "ecaF":
AFC_FOPEN_APPEND = 0x00000005 # a O_WRONLY | O_APPEND | O_CREAT AFC_FOPEN_RDAPPEND = 0x00000006 # a+ O_RDWR | O_APPEND | O_CREAT AFC_HARDLINK = 1 AFC_SYMLINK = 2 AFC_LOCK_SH = 1 | 4 # shared lock AFC_LOCK_EX = 2 | 4 # exclusive lock AFC_LOCK_UN = 8 | 4 # unlock AFCMAGIC = "CFA6LPAA" AFCPacket = Struct("AFCPacket", String("magic", 8,), ULInt64("entire_length"), ULInt64("this_length"), ULInt64("packet_num"), ULInt64("operation") ) #typedef struct { # uint64_t filehandle, size; #} AFCFilePacket; class AFCError(IOError): lookup_table = { AFC_E_SUCCESS: "Success", AFC_E_UNKNOWN_ERROR: "Unknown error", AFC_E_OP_HEADER_INVALID: "OP header invalid", AFC_E_NO_RESOURCES: "No resources", AFC_E_READ_ERROR: "Read error",
GreedyBytes, PrefixedArray, Default, If, this, ) WIDEVINE_SYSTEM_ID = UUID("edef8ba9-79d6-4ace-a3c8-27dcd51d21ed") # Construct for a Widevine PSSH box PSSH_BOX = Prefixed( Int32ub, Struct( "type" / Const(b"pssh"), "version" / Default(Int8ub, 1), "flags" / Const(0, Int24ub), "system_id" / Const(WIDEVINE_SYSTEM_ID.bytes, Bytes(16)), "key_ids" / If(this.version == 1, PrefixedArray(Int32ub, Bytes(16))), "data" / Prefixed(Int32ub, GreedyBytes), ), includelength=True, ) VALID_TRACKS = ["AUDIO", "SD", "HD", "UHD1", "UHD2"] PROTECTION_SCHEME = { "cenc": 1667591779, "cens": 1667591795, "cbc1": 1667392305, "cbcs": 1667392371, }
"content", "_data" / C.Rebuild( C.Struct("size" / C.Rebuild(sizetype, C.len_(this.data) - offs), "data" / C.Bytes(this.size + offs)), lambda obj: {"data": type.build(obj.content, **{ **obj._params, **obj })}), "content" / C.RestreamData(this._data.data, type)) # Class definition handling ClassMemberDefinition = Struct( "name" / DataPointer(Int64ul, CString("utf8"), "names"), "type" / Byte, "unkn" / Byte, "size" / Byte, "_unknData" / C.Default(Byte[69], [0 for _ in range(69)]), ) ClassDefinition = DataPointer( Int64ul, Struct("hash" / Int64ul, "members" / C.PrefixedArray(Int64ul, ClassMemberDefinition)), "definitionData") ClassDefinitionList = C.FocusedSeq( "definitions", "_count" / C.Rebuild(Int32ul, C.len_(this.definitions)), "definitions" / C.Prefixed( Int32ul, C.Aligned(
from construct.core import Struct, Int16ub difuse_request = Struct( op=Int16ub, length=Int16ub, ) difuse_response = Struct(status=Int16ub, length=Int16ub)
from crypto.aes import AESdecryptCBC from util import hexdump WHIMORY_SIGNATURE_MAGIC = "xrmw" WHIMORY_SIGNATURE_VER_PPN_CUR = 7 PPNSignature = Struct( "PPNSignature", String("magic", 4), ULInt32("f4"), ULInt32("whimory_ver_at_birth"), ULInt32("ftl_major_version"), ULInt32("ftl_minor_version"), ULInt32("xxx"), ULInt32("vfl_major_version"), ULInt32("vfl_minor_version"), ULInt32("f20"), ULInt32("FPart_major"), ULInt32("f22"), ULInt32("f23"), ULInt32("f24"), ULInt32("geometry_num_ce"), ) PPNVFLSpare = Struct( "PPNVFLSpare", ULInt8("type"), ULInt8("bank"), ULInt16("index"), ULInt32("ctx_age"),
from construct.core import Struct from construct.macros import * IMG2 = Struct( "IMG2", String("magic", 4), ULInt32("block_size"), ULInt32("images_offset"), ULInt32("images_block"), ULInt32("images_length"), Padding(0x1C), ULInt32("crc32"), )
import struct #https://github.com/iDroid-Project/openiBoot/blob/master/openiboot/ftl-yaftl/yaftl.c YAFTL_CXT = Struct( "YAFTL_CXT", String("version", 4), ULInt32("unknCalculatedValue0"), ULInt32("totalPages"), ULInt32("latestUserBlock"), ULInt32("cxt_unkn0_usn"), ULInt32("latestIndexBlock"), ULInt32("maxIndexUsn"), ULInt32("blockStatsField4"), ULInt32("blockStatsField10"), ULInt32("numAllocatedBlocks"), ULInt32("numIAllocatedBlocks"), ULInt32("unk184_0xA"), Array(10, ULInt32("cxt_unkn1")), ULInt32("field_58"), ULInt16("tocArrayLength"), ULInt16("tocPagesPerBlock"), ULInt16("tocEntriesPerPage"), ULInt16("unkn_0x2A"), ULInt16("userPagesPerBlock"), ULInt16("unk64"), Array(11, ULInt32("cxt_unkn2")), ULInt8("unk188_0x63"), ) TOCStruct = Struct( "TOCStruct",
'section_len': 0, 'block_len2': 28 } IDB = { 'block_type': 0x00000001, 'block_len': 20, 'link_type': 1, 'reserved': 0, 'snap_len': 0, 'block_len2': 20 } shb = Struct( block_type=Int32ub, block_len=Int32ub, bom=Int32ub, major_version=Int16ub, minor_version=Int16ub, section_len=Int64ub, block_len2=Int32ub, ) idb = Struct( block_type=Int32ub, block_len=Int32ub, link_type=Int16ub, reserved=Int16ub, snap_len=Int32ub, block_len2=Int32ub, ) epb_head = Struct(block_type=Int32ub, block_len=Int32ub,
def BitStruct(name, *subcons): """a struct of bitwise fields * name - the name of the struct * subcons - the subcons that make up this structure """ return Bitwise(Struct(name, *subcons))
def EmbeddedBitStruct(*subcons): """an embedded BitStruct. no name is necessary. * subcons - the subcons that make up this structure """ return Bitwise(Embedded(Struct(None, *subcons)))
def RGBA(): return Struct("red" / Byte, "green" / Byte, "blue" / Byte, "alpha" / Byte)
AFC_HARDLINK = 1 AFC_SYMLINK = 2 AFC_LOCK_SH = 1 | 4 #/**< shared lock */ AFC_LOCK_EX = 2 | 4 #/**< exclusive lock */ AFC_LOCK_UN = 8 | 4 #/**< unlock */ if PY3: AFCMAGIC = b"CFA6LPAA" else: AFCMAGIC = "CFA6LPAA" AFCPacket = Struct( "magic" / Const(AFCMAGIC), "entire_length" / Int64ul, "this_length" / Int64ul, "packet_num" / Int64ul, "operation" / Int64ul, ) class AFCClient(object): def __init__(self, lockdown=None, serviceName="com.apple.afc", service=None, udid=None, logger=None): self.logger = logger or logging.getLogger(__name__) self.serviceName = serviceName self.lockdown = lockdown if lockdown else LockdownClient(udid=udid)
def Vector4(): return Struct("x" / Float32l, "y" / Float32l, "z" / Float32l, "w" / Float32l)
def Quat4(): return Struct("x" / Float32l, "y" / Float32l, "z" / Float32l, "w" / Float32l)
def Vector2(): return Struct("u" / Float32l, "v" / Float32l)
h2fmi_hash_table = [0] * 256 for i in xrange(256): val = ((0x19660D * val) + 0x3C6EF35F) & 0xffffffff for j in xrange(762): val = ((0x19660D * val) + 0x3C6EF35F) & 0xffffffff h2fmi_hash_table[i] = val & 0xffffffff return h2fmi_hash_table # Page types (as defined in the spare data "type" bitfield) PAGETYPE_INDEX = 0x4 #Index block indicator PAGETYPE_LBN = 0x10 # User data PAGETYPE_FTL_CLEAN = 0x20 # FTL context (unmounted, clean) PAGETYPE_VFL = 0x80 #/ VFL context SpareData = Struct("SpareData", ULInt32("lpn"), ULInt32("usn"), ULInt8("field_8"), ULInt8("type"), ULInt16("field_A")) # Block status (as defined in the BlockStruct structure) BLOCKSTATUS_ALLOCATED = 0x1 BLOCKSTATUS_FTLCTRL = 0x2 BLOCKSTATUS_GC = 0x4 BLOCKSTATUS_CURRENT = 0x8 BLOCKSTATUS_FTLCTRL_SEL = 0x10 BLOCKSTATUS_I_GC = 0x20 BLOCKSTATUS_I_ALLOCATED = 0x40 BLOCKSTATUS_I_CURRENT = 0x80 BLOCKSTATUS_FREE = 0xFF ERROR_ARG = 0x80000001 ERROR_NAND = 0x80000002 ERROR_EMPTY = 0x80000003
def Capsule(): return Struct("min" / Vector4(), "max" / Vector4(), "scale" / Float32l, "unkn" / Float32l, "unkn2" / Int32ul, "unkn3" / Int32ul)
from carver import NANDCarver from construct.core import Struct from construct.macros import ULInt32, ULInt16, Array, ULInt8, Padding from pprint import pprint from structs import SpareData from util import hexdump from vfl import VFL import plistlib """ openiboot/plat-s5l8900/ftl.c openiboot/plat-s5l8900/includes/s5l8900/ftl.h """ FTLCxtLog = Struct("FTLCxtLog", ULInt32("usn"), ULInt16("wVbn"), ULInt16("wLbn"), ULInt32("wPageOffsets"), ULInt16("pagesUsed"), ULInt16("pagesCurrent"), ULInt32("isSequential")) FTLCxtElement2 = Struct("FTLCxtElement2", ULInt16("field_0"), ULInt16("field_2")) FTLCxt = Struct( "FTLCxt", ULInt32("usnDec"), ULInt32("nextblockusn"), ULInt16("wNumOfFreeVb"), ULInt16("nextFreeIdx"), ULInt16("swapCounter"), Array(20, ULInt16("awFreeVb")), ULInt16("field_36"), Array(18, ULInt32("pages_for_pawMapTable")), Array(36, ULInt32("pages_for_pawEraseCounterTable")),
from construct.core import Struct from construct.macros import * from construct import RepeatUntil, OneOf from util import hexdump SCFGItem = Struct("SCFGItem", String("tag", 4), String("data", 16, padchar="\x00") ) SCFG = Struct("SCFG", OneOf(String("magic", 4), ["gfCS"]), ULInt32("length"), ULInt32("unk1"), ULInt32("unk2"), ULInt32("unk3"), ULInt32("unk4") ) def parse_SCFG(data): res = {} scfg = SCFG.parse(data) assert scfg.length > 0x18 for i in Array((scfg.length - 0x18) / 20, SCFGItem).parse(data[0x18:scfg.length]): if i.tag != "\xFF\xFF\xFF\xFF": res[str(i.tag)[::-1]] = str(i.data) return res