The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
Version |
Location |
Description |
Submitted by |
Date Submitted |
Printed |
Page 130
5th paragraph |
If you already have an image and the device encryption keys plist from another tool you can still use emf_decrypter.py and emf_undelete.py with minor changes.
emf_decrypter will actually take the key file name as the second argument to the function, e.g.:
$python emf_decrypter.py image.dmg keyfile.plist
However, absent this argument, the program will not find the plist in the current directory and emf_decrypter will not take an additional keyfile argument.
The fix is to patch the __init__ method for the class EMFVolume in hfs/emf.py to make the following change:
dirname = os.path.dirname(os.path.abspath(bdev.filename))
which will cause the current working directory to be searched in the absence of a passed filename.
|
Sean McLinden |
Sep 25, 2012 |
Printed |
Page 28
middleish |
Have compiled hello.c as per instructions and have confirmed several times. However the binary produced fails with the strings command.
The Error produced is:
strings: object: hello malformed object (unknown load command 8)
Followed commands to move to the iPad and the "ldid -S hello" also fails.
The cross compile is occurring on a MacBook Pro running Snow Leopard (10.8.8) using Xcode 4.2.
The resulting binary from the cross compile has the following output from the file command:
$file hello
hello: Mach-O executable arm
This is baffling me since it such a straight forward example. Any help greatly appreciated.
|
Garth Boyd |
Aug 21, 2012 |
PDF |
Page 226-227
SSLTheft Payload |
When I attempt to cross-compile the SSLTheft payload with the commands shown, I get the following error (running OS X 10.6.8):
injection.m: In function ?initialize?:
injection.m:43: warning: passing argument 3 of ?class_addMethod? from incompatible pointer type
injection.m:49: warning: passing argument 3 of ?class_addMethod? from incompatible pointer type
The POSTTheft payload presents me with a similar error.
I found additional information about the error here:
http://gcc.gnu.org/wiki/FAQ
http://c-faq.com/ansi/constmismatch.html
|
Billy Graham |
Jul 09, 2012 |
Printed |
Page 331
Second code sample |
The code sample compares the result of lstat() with non zero, but lstat() returns zero on success.
if (lstat("/Applications", &s) != 0) {
}
Should be:
if (lstat("/Applications", &s) == 0) {
}
|
Anonymous |
May 20, 2012 |
PDF |
Page 50
first paragraph |
Hi,
Just managed to deploy the launchd example to the iPhone and when I did that, the phone goes into a loop, literally bricks the phone, text goes up the screen like mad and the screen went white just now. I am hoping this is not going to brick my phone.
Here is how the screen looks like now:
http://dl.dropbox.com/u/32143863/Photo%20on%2002-05-2012%20at%2023.36.jpg
I cannot even turn the phone off right now. I'll wait till the battery dies and then restart it. This needs to be looked at immediately.
|
Vandad NP |
May 02, 2012 |
Printed, PDF |
Page 143
Last piece of example code |
The example code that JZ recommends you input doesn't work without some changes to the rest of the code.
I was getting the error below:
Traceback (most recent call last):
File "python_scripts/emf_undelete.py", line 24, in <module>
do_emf_carving(volume, carveokdir, carvenokdir)
File "/iPhone/iphone-dataprotection/python_scripts/hfs/journal.py", line 146, in do_emf_carving
if isDecryptedCorrectly(data):
TypeError: isDecryptedCorrectly() takes exactly 2 arguments (1 given)
The function: "def isDecryptedCorrectly(data, filekey):" is parsed 2 parameters data and filekey, but when called is only parsed "data" in original code from
Searching the file for "if isDecryptedCorrectly(data):" and replacing with "if isDecryptedCorrectly(data, filekey):" worked for me.
I also had to declare the following at the top of the file journal.py
import commands
import os
After that all worked ok.
|
isa56k |
Mar 29, 2012 |
Printed, PDF |
Page 37
$ sudo chown -R root:sheel System |
Example code says:
$ sudo chown -R root:sheel System
Shouldn't this be:
$ sudo chown -R root:wheel System
?
|
Anonymous |
Mar 28, 2012 |
Printed |
Page 88
Extracting Image Geotags |
The url below is broken ad the tool is not available for download.
http://www.virtual-cafe.com/~dhh/tools.d/exifprobe.d/exifprobe.html
|
isa56k |
Mar 26, 2012 |
Printed, PDF, Other Digital Version |
Page 66
Example 3-4 |
The code example provided online for launchd.c at http://examples.oreilly.com/0636920023234/ch03/ does not correspond to the code given in the text in Example 3-4 (launchd.c).
Two major issues exist in various parts of the code:
a. The disk paths are not the same e.g. in the book the most recent paths are used ("dev/disk0s1s1") while in the code examples older/incorrect paths are used ("dev/disk0s1").
b. The custom operations section in the example code is not the same with the code given in the text. Several cp and chmod operations are missing, e.g. cp("/files/sh", "/mnt/bin/sh"). Also, in the code online, unlink is called on payload.
Please, make sure that the two versions match and add some comments regarding disk paths in older versions of iOS.
|
Nick Toumpelis |
Mar 19, 2012 |
Printed, PDF, Other Digital Version |
Page 71
4th paragraph |
In this paragraph, it is mentioned that files sh, tar and libncurses.5.dylib could be found at http://www.oreilly.com, in ch03_tar_binaries.zip. However, no specific link is given and at http://examples.oreilly.com/0636920023234/ch03/, where the example code for this chapter is located, this binary or the files cannot be found.
A clarification is needed for users who cannot find the files online ( - if they cannot get them off the jailbroken device).
|
Nick Toumpelis |
Mar 18, 2012 |
PDF, Other Digital Version |
Page 45
the middle |
In the listing of launchd.c in example 2-5, the definition of the cp function is omitted, which results in failure when trying to build the example. The definition of the cp function can be found later in the book, in Chapter 5, in example 5-1 (spyd.c), at pp.133-134.
I had this confirmed with the author, and just wanted to make sure that the page gets updated for the benefit of other readers.
|
Nick Toumpelis |
Feb 16, 2012 |