diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..a008196
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,13 @@
+all: handle.o main wrapper
+
+handle.o: main.cpp
+ ~/android-ndk-r23b/standalone/bin/clang++ -Wall -Werror -nostdlib -c -O3 -o handle.o main.cpp
+
+main: handle.o test.c
+ ~/android-ndk-r23b/standalone/bin/clang -DMyRelease -Wall -Werror -L ./rootfs/system/lib64 -landroidappmusic -lstoreservicescore -lmediaplatform -lc++_shared -O3 -Wall -o rootfs/system/bin/main handle.o test.c
+
+wrapper: wrapper.c
+ clang -O3 -Wall -o wrapper wrapper.c
+
+clean:
+ rm handle.o wrapper rootfs/system/bin/main
diff --git a/README.md b/README.md
index a5ea634..e76963b 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,2 @@
 # wrapper
- apple-music-wrapper
+All files from anonymous, No need for an Android emulator to decrypt alac
\ No newline at end of file
diff --git a/import.h b/import.h
new file mode 100644
index 0000000..4370538
--- /dev/null
+++ b/import.h
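Review bot: The `main` rule in the Makefile links against whatever sits in `./rootfs/system/lib64`, and this same change commits those shared objects and `linker64` as opaque binaries that the README describes only as "from anonymous", so nothing in the build establishes what code ends up loaded into the process. Record where each blob came from and make the link step depend on a digest check, for example a prerequisite target that runs `sha256sum -c <manifest-file-placeholder>` over the rootfs tree. Separately, the compiler path `~/android-ndk-r23b/standalone/bin/clang++` is hard-coded in two rules; a variable such as `NDK ?= $(HOME)/android-ndk-r23b` would let the build run on other machines. The `clean` rule would also be more robust as `rm -f ...` with a `.PHONY: all clean` line, since it currently fails when any of the three files is missing.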
@@ -0,0 +1,265 @@ +#pragma once + +struct shared_ptr { + void *obj; + void *ctrl_blk; +}; + +union std_string { + struct { + uint8_t mark; + char str[0]; + }; + struct { + size_t cap; + size_t size; + const char *data; + }; +}; + +struct std_vector { + void *begin; + void *end; + void *end_capacity; +}; + +static inline union std_string new_std_string(const char *s) { + union std_string str = { + .cap = 1, + .size = strlen(s), + .data = s, + }; + return str; +} + +static inline const char *std_string_data(union std_string *str) { + if ((str->mark & 1) == 0) { + return str->str; + } + return str->data; +} + +extern void _ZN20androidstoreservices30SVSubscriptionStatusMgrFactory6createEv(struct shared_ptr *); +extern void +_ZN20androidstoreservices27SVSubscriptionStatusMgrImpl33checkSubscriptionStatusFromSourceERKNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEEERKNS_23SVSubscriptionStatusMgr26SVSubscriptionStatusSourceE( + struct shared_ptr *, void *, struct shared_ptr *, int *); +extern void +_ZN17storeservicescore14RequestContext24setFairPlayDirectoryPathERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); + +extern void _resolv_set_nameservers_for_net(unsigned netid, const char **servers, int numservers, const char *domains); + +extern void +_ZN14FootHillConfig6configERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEE(union std_string *); + +extern void +_ZNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEE11make_sharedIJRNS_12basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEEEEES3_DpOT_( + struct shared_ptr *, union std_string *); +extern void _ZNSt6__ndk110shared_ptrIN20androidstoreservices28AndroidPresentationInterfaceEE11make_sharedIJEEES3_DpOT_( + struct shared_ptr *); + +extern void 
+_ZN20androidstoreservices28AndroidPresentationInterface16setDialogHandlerEPFvlNSt6__ndk110shared_ptrIN17storeservicescore14ProtocolDialogEEENS2_INS_36AndroidProtocolDialogResponseHandlerEEEE( + void *, void (*)(long, struct shared_ptr *, struct shared_ptr *)); +extern void +_ZN20androidstoreservices28AndroidPresentationInterface21setCredentialsHandlerEPFvNSt6__ndk110shared_ptrIN17storeservicescore18CredentialsRequestEEENS2_INS_33AndroidCredentialsResponseHandlerEEEE( + void *, void (*)(struct shared_ptr *, struct shared_ptr *)); + +extern void +_ZN17storeservicescore14RequestContext24setPresentationInterfaceERKNSt6__ndk110shared_ptrINS_21PresentationInterfaceEEE( + void *, struct shared_ptr *); + +extern void +_ZNSt6__ndk110shared_ptrIN17storeservicescore16AuthenticateFlowEE11make_sharedIJRNS0_INS1_14RequestContextEEEEEES3_DpOT_( + struct shared_ptr *, struct shared_ptr *); +extern void _ZN17storeservicescore16AuthenticateFlow3runEv(void *); +extern struct shared_ptr *_ZNK17storeservicescore16AuthenticateFlow8responseEv(void *); +extern int _ZNK17storeservicescore20AuthenticateResponse12responseTypeEv(void *); + +// storeservicescore::PlaybackLeaseSession::PlaybackLeaseSession(std::__ndk1::shared_ptr +// const&) +extern void +_ZN22SVPlaybackLeaseManagerC2ERKNSt6__ndk18functionIFvRKiEEERKNS1_IFvRKNS0_10shared_ptrIN17storeservicescore19StoreErrorConditionEEEEEE( + void *, void *, void *); +extern void _ZN22SVPlaybackLeaseManager25refreshLeaseAutomaticallyERKb(void *, uint8_t *); +extern void _ZN22SVPlaybackLeaseManager12requestLeaseERKb(void *, uint8_t *); + +// storeservicescore::ProtocolDialogResponse::setSelectedButton(std::__ndk1::shared_ptr +// const&) +extern void +_ZN17storeservicescore22ProtocolDialogResponse17setSelectedButtonERKNSt6__ndk110shared_ptrINS_14ProtocolButtonEEE( + void *, struct shared_ptr *); +// storeservicescore::ProtocolDialog::title() const +extern union std_string *_ZNK17storeservicescore14ProtocolDialog5titleEv(void *); +// 
storeservicescore::ProtocolDialog::message() const +extern union std_string *_ZNK17storeservicescore14ProtocolDialog7messageEv(void *); + +extern union std_string *_ZNK17storeservicescore18CredentialsRequest5titleEv(void *); +extern union std_string *_ZNK17storeservicescore18CredentialsRequest7messageEv(void *); +extern uint8_t _ZNK17storeservicescore18CredentialsRequest28requiresHSA2VerificationCodeEv(void *); + +extern void +_ZN20androidstoreservices28AndroidPresentationInterface28handleProtocolDialogResponseERKlRKNSt6__ndk110shared_ptrIN17storeservicescore22ProtocolDialogResponseEEE( + void *, long *j, struct shared_ptr *); +// androidstoreservices::AndroidPresentationInterface::handleCredentialsResponse(std::__ndk1::shared_ptr +// const&) +extern void +_ZN20androidstoreservices28AndroidPresentationInterface25handleCredentialsResponseERKNSt6__ndk110shared_ptrIN17storeservicescore19CredentialsResponseEEE( + void *, struct shared_ptr *); + +extern void _ZN17storeservicescore22ProtocolDialogResponseC1Ev(void *); + +// storeservicescore::CredentialsResponse::CredentialsResponse() +extern void _ZN17storeservicescore19CredentialsResponseC1Ev(void *); +// storeservicescore::CredentialsResponse::setUserName(std::__ndk1::basic_string, std::__ndk1::allocator > const&) +extern void +_ZN17storeservicescore19CredentialsResponse11setUserNameERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +// storeservicescore::CredentialsResponse::setPassword(std::__ndk1::basic_string, std::__ndk1::allocator > const&) +extern void +_ZN17storeservicescore19CredentialsResponse11setPasswordERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +// storeservicescore::CredentialsResponse::setResponseType(storeservicescore::CredentialsResponse::ResponseType) +extern void _ZN17storeservicescore19CredentialsResponse15setResponseTypeENS0_12ResponseTypeE(void *, int responseType); + +// 
storeservicescore::AuthenticateFlow::response() const +extern struct shared_ptr *_ZNK17storeservicescore16AuthenticateFlow8responseEv(void *); + +extern struct std_vector *_ZNK17storeservicescore14ProtocolDialog7buttonsEv(void *); +extern union std_string *_ZNK17storeservicescore14ProtocolButton5titleEv(void *); + +// storeservicescore::DeviceGUID::instance() +extern void _ZN17storeservicescore10DeviceGUID8instanceEv(struct shared_ptr *); +// storeservicescore::DeviceGUID::configure(std::__ndk1::basic_string, std::__ndk1::allocator > const&, +// std::__ndk1::basic_string, +// std::__ndk1::allocator > const&, unsigned int const&, bool const&) +extern void +_ZN17storeservicescore10DeviceGUID9configureERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEES9_RKjRKb( + void *, void *, union std_string *, union std_string *, unsigned int *, uint8_t *); + +// mediaplatform::DebugLogEnabledForPriority(mediaplatform::LogPriority) +extern uint8_t _ZN13mediaplatform26DebugLogEnabledForPriorityENS_11LogPriorityE(); + +extern void *_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore22ProtocolDialogResponseENS_9allocatorIS2_EEEE; +extern void *_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore19CredentialsResponseENS_9allocatorIS2_EEEE; +// vtable for +// std::__ndk1::__shared_ptr_emplace > +extern void *_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore20RequestContextConfigENS_9allocatorIS2_EEEE; + +// storeservicescore::RequestContextConfig::RequestContextConfig() +extern void _ZN17storeservicescore20RequestContextConfigC2Ev(void *); +extern void _ZN17storeservicescore20RequestContextConfig9setCPFlagEb(void *, uint8_t); +extern void +_ZN17storeservicescore20RequestContextConfig20setBaseDirectoryPathERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +// storeservicescore::RequestContextConfig::setClientIdentifier(std::__ndk1::basic_string, std::__ndk1::allocator > const&) +extern void 
+_ZN17storeservicescore20RequestContextConfig19setClientIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig20setVersionIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig21setPlatformIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig17setProductVersionERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig14setDeviceModelERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig15setBuildVersionERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig19setLocaleIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig21setLanguageIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN17storeservicescore20RequestContextConfig24setFairPlayDirectoryPathERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + void *, union std_string *); + +extern void +_ZN17storeservicescore14RequestContext4initERKNSt6__ndk110shared_ptrINS_20RequestContextConfigEEE(void *, void *, + struct shared_ptr *); + +extern void *_ZN21SVFootHillSessionCtrl8instanceEv(); +extern void *_ZN21SVFootHillSessionCtrl7destroyEv(); +extern void 
_ZN21SVFootHillSessionCtrl9cleanKeysERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEE( + void *, union std_string *); +extern void +_ZN21SVFootHillSessionCtrl16getPersistentKeyERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEES8_S8_S8_S8_S8_S8_S8_( + struct shared_ptr *, void *, union std_string *, union std_string *, union std_string *, union std_string *, + union std_string *, union std_string *, union std_string *, union std_string *); +extern void +_ZN21SVFootHillSessionCtrl14decryptContextERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEERKN11SVDecryptor15SVDecryptorTypeERKb( + struct shared_ptr *ret, void *sessCtrlInstance, union std_string *ckc); +extern void _ZNSt6__ndk110shared_ptrI18SVFootHillPContextED2Ev(struct shared_ptr *); +extern void **_ZNK18SVFootHillPContext9kdContextEv(void *); +extern long NfcRKVnxuKZy04KWbdFu71Ou(void *, uint32_t, void *, void *, size_t); + +extern void _ZN8FootHillC2ERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEES8_(void *, + union std_string *, + union std_string *); +extern void _ZN8FootHill24defaultContextIdentifierEv(void *); + +// RequestContextManager::configure(std::__ndk1::shared_ptr +// const&) +extern void _ZN21RequestContextManager9configureERKNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEEE( + struct shared_ptr *); + +const char *const android_id = "dc28071e981c439e"; +const char *const fairplayCert = "MIIEzjCCA7agAwIBAgIIAXAVjHFZDjgwDQYJKoZIhvcNAQEFBQAwfzELMAkGA1UEBhMCVVMxEz" + "ARBgNVBAoMCkFwcGxlIEluYy4xJjAkBgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9y" + "aXR5MTMwMQYDVQQDDCpBcHBsZSBLZXkgU2VydmljZXMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdH" + "kwHhcNMTIwNzI1MTgwMjU4WhcNMTQwNzI2MTgwMjU4WjAwMQswCQYDVQQGEwJVUzESMBAGA1UE" + "CgwJQXBwbGUgSW5jMQ0wCwYDVQQDDARGUFMxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ" + "CqZ9IbMt0J0dTKQN4cUlfeQRY9bcnbnP95HFv9A16Yayh4xQzRLAQqVSmisZtBK2/nawZcDmcs" + 
"+XapBojRb+jDM4Dzk6/Ygdqo8LoA+BE1zipVyalGLj8Y86hTC9QHX8i05oWNCDIlmabjjWvFBo" + "EOk+ezOAPg8c0SET38x5u+TwIDAQABo4ICHzCCAhswHQYDVR0OBBYEFPP6sfTWpOQ5Sguf5W3Y" + "0oibbEc3MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUY+RHVMuFcVlGLIOszEQxZGcDLL4wge" + "IGA1UdIASB2jCB1zCB1AYJKoZIhvdjZAUBMIHGMIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNl" + "IG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZi" + "B0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVz" + "ZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbW" + "VudHMuMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwuYXBwbGUuY29tL2tleXNlcnZpY2Vz" + "LmNybDAOBgNVHQ8BAf8EBAMCBSAwFAYLKoZIhvdjZAYNAQUBAf8EAgUAMBsGCyqGSIb3Y2QGDQ" + "EGAQH/BAkBAAAAAQAAAAEwKQYLKoZIhvdjZAYNAQMBAf8EFwF+bjsY57ASVFmeehD2bdu6HLGB" + "xeC2MEEGCyqGSIb3Y2QGDQEEAQH/BC8BHrKviHJf/Se/ibc7T0/55Bt1GePzaYBVfgF3ZiNuV9" + "3z8P3qsawAqAXzzh9o5DANBgkqhkiG9w0BAQUFAAOCAQEAVGyCtuLYcYb/aPijBCtaemxuV0Io" + "kXJn3EgmwYHZynaR6HZmeGRUp9p3f8EXu6XPSekKCCQi+a86hXX9RfnGEjRdvtP+jts5MDSKuU" + "Ioaqce8cLX2dpUOZXdf3lR0IQM0kXHb5boNGBsmbTLVifqeMsexfZryGw2hE/4WDOJdGQm1gMJ" + "ZU4jP1b/HSLNIUhHWAaMeWtcJTPRBucR4urAtvvtOWD88mriZNHG+veYw55b+qA36PSqDPMbku" + "9xTY7fsMa6mxIRmwULQgi8nOk1wNhw3ZO0qUKtaCO3gSqWdloecxpxUQSZCSW7tWPkpXXwDZqe" + "gUkij9xMFS1pr37RIjCCBVAwggQ4oAMCAQICEEVKuaGraq1Cp4z6TFOeVfUwDQYJKoZIhvcNAQ" + "ELBQAwUDEsMCoGA1UEAwwjQXBwbGUgRlAgU2VydmljZSBFbmFibGUgUlNBIENBIC0gRzExEzAR" + "BgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTIwMDQwNzIwMjY0NFoXDTIyMDQwNz" + "IwMjY0NFowWjEhMB8GA1UEAwwYZnBzMjA0OC5pdHVuZXMuYXBwbGUuY29tMRMwEQYDVQQLDApB" + "cHBsZSBJbmMuMRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhv" + "cNAQEBBQADggEPADCCAQoCggEBAJNoUHuTRLafofQgIRgGa2TFIf+bsFDMjs+y3Ep1xCzFLE4Q" + "bnwG6OG0duKUl5IoGUsouzZk9iGsXz5k3ESLOWKz2BFrDTvGrzAcuLpH66jJHGsk/l+ZzsDOJa" + "oQ22pu0JvzYzW8/yEKvpE6JF/2dsC6V9RDTri3VWFxrl5uh8czzncoEQoRcQsSatHzs4tw/QdH" + "FtBIigqxqr4R7XiCaHbsQmqbP9h7oxRs/6W/DDA2BgkuFY1ocX/8dTjmH6szKPfGt3KaYCwy3f" + 
"uRC+FibTyohtvmlXsYhm7AUzorwWIwN/MbiFQ0OHHtDomIy71wDcTNMnY0jZYtGmIlJETAgYcC" + "AwEAAaOCAhowggIWMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUrI/yBkpV623/IeMrXzs8fC" + "7VkZkwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5jb20v" + "b2NzcDAzLWZwc3J2cnNhZzEwMzCBwwYDVR0gBIG7MIG4MIG1BgkqhkiG92NkBQEwgacwgaQGCC" + "sGAQUFBwICMIGXDIGUUmVsaWFuY2Ugb24gdGhpcyBjZXJ0aWZpY2F0ZSBieSBhbnkgcGFydHkg" + "YXNzdW1lcyBhY2NlcHRhbmNlIG9mIGFueSBhcHBsaWNhYmxlIHRlcm1zIGFuZCBjb25kaXRpb2" + "5zIG9mIHVzZSBhbmQvb3IgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjAdBgNV" + "HQ4EFgQU2RpCSSHFXeoZQQWxbwJuRZ9RrIEwDgYDVR0PAQH/BAQDAgUgMBQGCyqGSIb3Y2QGDQ" + "EFAQH/BAIFADAjBgsqhkiG92NkBg0BBgEB/wQRAQAAAAMAAAABAAAAAgAAAAMwOQYLKoZIhvdj" + "ZAYNAQMBAf8EJwG+pUeWbeZBUI0PikyFwSggL5dHaeugSDoQKwcP28csLuh5wplpATAzBgsqhk" + "iG92NkBg0BBAEB/wQhAfl9TGjP/UY9TyQzYsn8sX9ZvHChok9QrrUhtAyWR1yCMA0GCSqGSIb3" + "DQEBCwUAA4IBAQBNMzZ6llQ0laLXsrmyVieuoW9+pHeAaDJ7cBiQLjM3ZdIO3Gq5dkbWYYYwJw" + "ymdxZ74WGZMuVv3ueJKcxG1jAhCRhr0lb6QaPaQQSNW+xnoesb3CLA0RzrcgBp/9WFZNdttJOS" + "yC93lQmiE0r5RqPpe/IWUzwoZxri8qnsghVFxCBEcMB+U4PJR8WeAkPrji8po2JLYurvgNRhGk" + "DKcAFPuGEpXdF86hPts+07zazsP0fBjBSVgP3jqb8G31w5W+O+wBW0B9uCf3s0vXU4LuJTAyww" + "s2ImZ7O/AaY/uXWOyIUMUKPgL1/QJieB7pBoENIJ2CeJS2M3iv00ssmCmTEJ"; \ No newline at end of file diff --git a/main.cpp b/main.cpp new file mode 100644 index 0000000..d48387c --- /dev/null +++ b/main.cpp @@ -0,0 +1,26 @@ +#include +#include +#include + +extern "C" void handle(int fd); + +extern "C" uint8_t handle_cpp(int fd) { + try { + handle(fd); + return 1; + } catch (const std::exception &e) { + fprintf(stderr, "[!] catched an exception: %s\n", e.what()); + return 0; + } +} + +static void endLeaseCb(int const &c) { + fprintf(stderr, "[.] end lease code %d\n", c); +} + +static void pbErrCb(void *) { + fprintf(stderr, "[.] playback error\n"); +} + +extern "C" std::function endLeaseCallback(endLeaseCb); +extern "C" std::function pbErrCallback(pbErrCb); \ No newline at end of file 
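Review bot: `import.h` is not self-contained and defines objects rather than declaring them: it uses `uint8_t`, `size_t` and `strlen` with no `#include` of its own, and `android_id` and `fairplayCert` at the end are non-`static` definitions, so a second C translation unit that includes this header would fail to link with duplicate symbols. Add `#include <stdint.h>`, `#include <stddef.h>` and `#include <string.h>` under `#pragma once`, and mark the two constants `static` (or declare them `extern` here and define them in one `.c` file). `new_std_string` also stores the caller's pointer without copying, so the value is only valid while that buffer lives and should never be handed to a callee that takes ownership or reallocates; a comment saying so would help. The hand-mirrored layout could be pinned with `_Static_assert(sizeof(union std_string) == 3 * sizeof(void *), "layout must match the bundled libc++");`, since a mismatch with the linked library would otherwise show up only as memory corruption at run time.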
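Review bot: `handle_cpp` in main.cpp catches only `std::exception`, so anything else thrown out of `handle(fd)` escapes through an `extern "C"` function into what the Makefile suggests is a C caller (`test.c`), where it cannot be handled and the process will most likely terminate. Add a final handler after the existing one: `} catch (...) { fprintf(stderr, "[!] caught a non-standard exception\n"); return 0; }`. The existing message reads "catched"; "caught" is the usual spelling. `handle` is only declared here and defined outside this file, so whether it can throw at all cannot be confirmed from this hunk.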
diff --git a/rootfs/system/bin/linker64 b/rootfs/system/bin/linker64 new file mode 100644 index 0000000..e2ea291 Binary files /dev/null and b/rootfs/system/bin/linker64 differ diff --git a/rootfs/system/lib64/libBlocksRuntime.so b/rootfs/system/lib64/libBlocksRuntime.so new file mode 100644 index 0000000..9aa423e Binary files /dev/null and b/rootfs/system/lib64/libBlocksRuntime.so differ diff --git a/rootfs/system/lib64/libCoreADI.so b/rootfs/system/lib64/libCoreADI.so new file mode 100644 index 0000000..2fe65fa Binary files /dev/null and b/rootfs/system/lib64/libCoreADI.so differ diff --git a/rootfs/system/lib64/libCoreFP.so b/rootfs/system/lib64/libCoreFP.so new file mode 100644 index 0000000..4976549 Binary files /dev/null and b/rootfs/system/lib64/libCoreFP.so differ diff --git a/rootfs/system/lib64/libCoreFoundation.so b/rootfs/system/lib64/libCoreFoundation.so new file mode 100644 index 0000000..d715e79 Binary files /dev/null and b/rootfs/system/lib64/libCoreFoundation.so differ diff --git a/rootfs/system/lib64/libCoreLSKD.so b/rootfs/system/lib64/libCoreLSKD.so new file mode 100644 index 0000000..48f2941 Binary files /dev/null and b/rootfs/system/lib64/libCoreLSKD.so differ diff --git a/rootfs/system/lib64/libEGL.so b/rootfs/system/lib64/libEGL.so new file mode 100644 index 0000000..40fe15d Binary files /dev/null and b/rootfs/system/lib64/libEGL.so differ diff --git a/rootfs/system/lib64/libETC1.so b/rootfs/system/lib64/libETC1.so new file mode 100644 index 0000000..fd2b2df Binary files /dev/null and b/rootfs/system/lib64/libETC1.so differ diff --git a/rootfs/system/lib64/libGLES_trace.so b/rootfs/system/lib64/libGLES_trace.so new file mode 100644 index 0000000..962ef9a Binary files /dev/null and b/rootfs/system/lib64/libGLES_trace.so differ diff --git a/rootfs/system/lib64/libGLESv1_CM.so b/rootfs/system/lib64/libGLESv1_CM.so new file mode 100644 index 0000000..e0381ce Binary files /dev/null and b/rootfs/system/lib64/libGLESv1_CM.so differ 
diff --git a/rootfs/system/lib64/libGLESv2.so b/rootfs/system/lib64/libGLESv2.so new file mode 100644 index 0000000..7e42a7c Binary files /dev/null and b/rootfs/system/lib64/libGLESv2.so differ diff --git a/rootfs/system/lib64/libLLVM.so b/rootfs/system/lib64/libLLVM.so new file mode 100644 index 0000000..f256185 Binary files /dev/null and b/rootfs/system/lib64/libLLVM.so differ diff --git a/rootfs/system/lib64/libOpenSLES.so b/rootfs/system/lib64/libOpenSLES.so new file mode 100644 index 0000000..c8f833f Binary files /dev/null and b/rootfs/system/lib64/libOpenSLES.so differ diff --git a/rootfs/system/lib64/libRS.so b/rootfs/system/lib64/libRS.so new file mode 100644 index 0000000..9b16bd6 Binary files /dev/null and b/rootfs/system/lib64/libRS.so differ diff --git a/rootfs/system/lib64/libRScpp.so b/rootfs/system/lib64/libRScpp.so new file mode 100644 index 0000000..4276e8f Binary files /dev/null and b/rootfs/system/lib64/libRScpp.so differ diff --git a/rootfs/system/lib64/libandroid.so b/rootfs/system/lib64/libandroid.so new file mode 100644 index 0000000..d2964a3 Binary files /dev/null and b/rootfs/system/lib64/libandroid.so differ diff --git a/rootfs/system/lib64/libandroid_runtime.so b/rootfs/system/lib64/libandroid_runtime.so new file mode 100644 index 0000000..a2fc72e Binary files /dev/null and b/rootfs/system/lib64/libandroid_runtime.so differ diff --git a/rootfs/system/lib64/libandroidappmusic.so b/rootfs/system/lib64/libandroidappmusic.so new file mode 100644 index 0000000..878b6b8 Binary files /dev/null and b/rootfs/system/lib64/libandroidappmusic.so differ diff --git a/rootfs/system/lib64/libandroidfw.so b/rootfs/system/lib64/libandroidfw.so new file mode 100644 index 0000000..2dbc177 Binary files /dev/null and b/rootfs/system/lib64/libandroidfw.so differ 
diff --git a/rootfs/system/lib64/libaudioutils.so b/rootfs/system/lib64/libaudioutils.so new file mode 100644 index 0000000..e29059f Binary files /dev/null and b/rootfs/system/lib64/libaudioutils.so differ diff --git a/rootfs/system/lib64/libbacktrace.so b/rootfs/system/lib64/libbacktrace.so new file mode 100644 index 0000000..bf03124 Binary files /dev/null and b/rootfs/system/lib64/libbacktrace.so differ diff --git a/rootfs/system/lib64/libbcc.so b/rootfs/system/lib64/libbcc.so new file mode 100644 index 0000000..7669738 Binary files /dev/null and b/rootfs/system/lib64/libbcc.so differ diff --git a/rootfs/system/lib64/libbcinfo.so b/rootfs/system/lib64/libbcinfo.so new file mode 100644 index 0000000..023e886 Binary files /dev/null and b/rootfs/system/lib64/libbcinfo.so differ diff --git a/rootfs/system/lib64/libbinder.so b/rootfs/system/lib64/libbinder.so new file mode 100644 index 0000000..869114b Binary files /dev/null and b/rootfs/system/lib64/libbinder.so differ diff --git a/rootfs/system/lib64/libc++.so b/rootfs/system/lib64/libc++.so new file mode 100644 index 0000000..7655a32 Binary files /dev/null and b/rootfs/system/lib64/libc++.so differ diff --git a/rootfs/system/lib64/libc++_shared.so b/rootfs/system/lib64/libc++_shared.so new file mode 100644 index 0000000..0161f0a Binary files /dev/null and b/rootfs/system/lib64/libc++_shared.so differ diff --git a/rootfs/system/lib64/libc.so b/rootfs/system/lib64/libc.so new file mode 100644 index 0000000..694fa15 Binary files /dev/null and b/rootfs/system/lib64/libc.so differ diff --git a/rootfs/system/lib64/libcamera_client.so b/rootfs/system/lib64/libcamera_client.so new file mode 100644 index 0000000..9260803 Binary files /dev/null and b/rootfs/system/lib64/libcamera_client.so differ diff --git a/rootfs/system/lib64/libcamera_metadata.so b/rootfs/system/lib64/libcamera_metadata.so new file mode 100644 index 0000000..cc90eb7 Binary files /dev/null and b/rootfs/system/lib64/libcamera_metadata.so differ 
diff --git a/rootfs/system/lib64/libcommon_time_client.so b/rootfs/system/lib64/libcommon_time_client.so new file mode 100644 index 0000000..8ce2deb Binary files /dev/null and b/rootfs/system/lib64/libcommon_time_client.so differ diff --git a/rootfs/system/lib64/libcrypto.so b/rootfs/system/lib64/libcrypto.so new file mode 100644 index 0000000..244238b Binary files /dev/null and b/rootfs/system/lib64/libcrypto.so differ diff --git a/rootfs/system/lib64/libcurl.so b/rootfs/system/lib64/libcurl.so new file mode 100644 index 0000000..6c73a34 Binary files /dev/null and b/rootfs/system/lib64/libcurl.so differ diff --git a/rootfs/system/lib64/libcutils.so b/rootfs/system/lib64/libcutils.so new file mode 100644 index 0000000..5a8b5c4 Binary files /dev/null and b/rootfs/system/lib64/libcutils.so differ diff --git a/rootfs/system/lib64/libdaapkit.so b/rootfs/system/lib64/libdaapkit.so new file mode 100644 index 0000000..9bfb782 Binary files /dev/null and b/rootfs/system/lib64/libdaapkit.so differ diff --git a/rootfs/system/lib64/libdispatch.so b/rootfs/system/lib64/libdispatch.so new file mode 100644 index 0000000..632e250 Binary files /dev/null and b/rootfs/system/lib64/libdispatch.so differ diff --git a/rootfs/system/lib64/libdrmframework.so b/rootfs/system/lib64/libdrmframework.so new file mode 100644 index 0000000..b2aa0ed Binary files /dev/null and b/rootfs/system/lib64/libdrmframework.so differ diff --git a/rootfs/system/lib64/libeffects.so b/rootfs/system/lib64/libeffects.so new file mode 100644 index 0000000..852c491 Binary files /dev/null and b/rootfs/system/lib64/libeffects.so differ diff --git a/rootfs/system/lib64/libexpat.so b/rootfs/system/lib64/libexpat.so new file mode 100644 index 0000000..b0ab3a9 Binary files /dev/null and b/rootfs/system/lib64/libexpat.so differ diff --git a/rootfs/system/lib64/libft2.so b/rootfs/system/lib64/libft2.so new file mode 100644 index 0000000..391ebfe Binary files /dev/null and b/rootfs/system/lib64/libft2.so differ 
diff --git a/rootfs/system/lib64/libgabi++.so b/rootfs/system/lib64/libgabi++.so new file mode 100644 index 0000000..c643ee1 Binary files /dev/null and b/rootfs/system/lib64/libgabi++.so differ diff --git a/rootfs/system/lib64/libgccdemangle.so b/rootfs/system/lib64/libgccdemangle.so new file mode 100644 index 0000000..7ea73ca Binary files /dev/null and b/rootfs/system/lib64/libgccdemangle.so differ diff --git a/rootfs/system/lib64/libgui.so b/rootfs/system/lib64/libgui.so new file mode 100644 index 0000000..625c777 Binary files /dev/null and b/rootfs/system/lib64/libgui.so differ diff --git a/rootfs/system/lib64/libhardware.so b/rootfs/system/lib64/libhardware.so new file mode 100644 index 0000000..a96c2fd Binary files /dev/null and b/rootfs/system/lib64/libhardware.so differ diff --git a/rootfs/system/lib64/libhardware_legacy.so b/rootfs/system/lib64/libhardware_legacy.so new file mode 100644 index 0000000..f93112e Binary files /dev/null and b/rootfs/system/lib64/libhardware_legacy.so differ diff --git a/rootfs/system/lib64/libharfbuzz_ng.so b/rootfs/system/lib64/libharfbuzz_ng.so new file mode 100644 index 0000000..4da3854 Binary files /dev/null and b/rootfs/system/lib64/libharfbuzz_ng.so differ diff --git a/rootfs/system/lib64/libhwui.so b/rootfs/system/lib64/libhwui.so new file mode 100644 index 0000000..1ff9003 Binary files /dev/null and b/rootfs/system/lib64/libhwui.so differ diff --git a/rootfs/system/lib64/libicudata_sv_apple.so b/rootfs/system/lib64/libicudata_sv_apple.so new file mode 100644 index 0000000..a4ac8e0 Binary files /dev/null and b/rootfs/system/lib64/libicudata_sv_apple.so differ diff --git a/rootfs/system/lib64/libicui18n.so b/rootfs/system/lib64/libicui18n.so new file mode 100644 index 0000000..f671030 Binary files /dev/null and b/rootfs/system/lib64/libicui18n.so differ 
diff --git a/rootfs/system/lib64/libicui18n_sv_apple.so b/rootfs/system/lib64/libicui18n_sv_apple.so new file mode 100644 index 0000000..fe072d8 Binary files /dev/null and b/rootfs/system/lib64/libicui18n_sv_apple.so differ diff --git a/rootfs/system/lib64/libicuuc.so b/rootfs/system/lib64/libicuuc.so new file mode 100644 index 0000000..21fc4d2 Binary files /dev/null and b/rootfs/system/lib64/libicuuc.so differ diff --git a/rootfs/system/lib64/libicuuc_sv_apple.so b/rootfs/system/lib64/libicuuc_sv_apple.so new file mode 100644 index 0000000..78f0cac Binary files /dev/null and b/rootfs/system/lib64/libicuuc_sv_apple.so differ diff --git a/rootfs/system/lib64/libimg_utils.so b/rootfs/system/lib64/libimg_utils.so new file mode 100644 index 0000000..7bdb00d Binary files /dev/null and b/rootfs/system/lib64/libimg_utils.so differ diff --git a/rootfs/system/lib64/libinput.so b/rootfs/system/lib64/libinput.so new file mode 100644 index 0000000..8eca616 Binary files /dev/null and b/rootfs/system/lib64/libinput.so differ diff --git a/rootfs/system/lib64/libinputflinger.so b/rootfs/system/lib64/libinputflinger.so new file mode 100644 index 0000000..8a7a2f1 Binary files /dev/null and b/rootfs/system/lib64/libinputflinger.so differ diff --git a/rootfs/system/lib64/libjpeg.so b/rootfs/system/lib64/libjpeg.so new file mode 100644 index 0000000..d5d35ff Binary files /dev/null and b/rootfs/system/lib64/libjpeg.so differ diff --git a/rootfs/system/lib64/liblog.so b/rootfs/system/lib64/liblog.so new file mode 100644 index 0000000..39863e3 Binary files /dev/null and b/rootfs/system/lib64/liblog.so differ diff --git a/rootfs/system/lib64/libm.so b/rootfs/system/lib64/libm.so new file mode 100644 index 0000000..941b068 Binary files /dev/null and b/rootfs/system/lib64/libm.so differ diff --git a/rootfs/system/lib64/libmedia.so b/rootfs/system/lib64/libmedia.so new file mode 100644 index 0000000..b35c6fd Binary files /dev/null and b/rootfs/system/lib64/libmedia.so differ 
diff --git a/rootfs/system/lib64/libmedialibrarycore.so b/rootfs/system/lib64/libmedialibrarycore.so new file mode 100644 index 0000000..c8327e0 Binary files /dev/null and b/rootfs/system/lib64/libmedialibrarycore.so differ diff --git a/rootfs/system/lib64/libmediaplatform.so b/rootfs/system/lib64/libmediaplatform.so new file mode 100644 index 0000000..4404d37 Binary files /dev/null and b/rootfs/system/lib64/libmediaplatform.so differ diff --git a/rootfs/system/lib64/libmemtrack.so b/rootfs/system/lib64/libmemtrack.so new file mode 100644 index 0000000..4259278 Binary files /dev/null and b/rootfs/system/lib64/libmemtrack.so differ diff --git a/rootfs/system/lib64/libminikin.so b/rootfs/system/lib64/libminikin.so new file mode 100644 index 0000000..b66f73f Binary files /dev/null and b/rootfs/system/lib64/libminikin.so differ diff --git a/rootfs/system/lib64/libnativebridge.so b/rootfs/system/lib64/libnativebridge.so new file mode 100644 index 0000000..7d1a72b Binary files /dev/null and b/rootfs/system/lib64/libnativebridge.so differ diff --git a/rootfs/system/lib64/libnativehelper.so b/rootfs/system/lib64/libnativehelper.so new file mode 100644 index 0000000..2c9fe04 Binary files /dev/null and b/rootfs/system/lib64/libnativehelper.so differ diff --git a/rootfs/system/lib64/libnbaio.so b/rootfs/system/lib64/libnbaio.so new file mode 100644 index 0000000..cd22d71 Binary files /dev/null and b/rootfs/system/lib64/libnbaio.so differ diff --git a/rootfs/system/lib64/libnetd_client.so b/rootfs/system/lib64/libnetd_client.so new file mode 100644 index 0000000..8a2929d Binary files /dev/null and b/rootfs/system/lib64/libnetd_client.so differ diff --git a/rootfs/system/lib64/libnetutils.so b/rootfs/system/lib64/libnetutils.so new file mode 100644 index 0000000..fb567e7 Binary files /dev/null and b/rootfs/system/lib64/libnetutils.so differ 
diff --git a/rootfs/system/lib64/libopus.so b/rootfs/system/lib64/libopus.so new file mode 100644 index 0000000..d0e944f Binary files /dev/null and b/rootfs/system/lib64/libopus.so differ diff --git a/rootfs/system/lib64/libpdfium.so b/rootfs/system/lib64/libpdfium.so new file mode 100644 index 0000000..1a6b18b Binary files /dev/null and b/rootfs/system/lib64/libpdfium.so differ diff --git a/rootfs/system/lib64/libpng.so b/rootfs/system/lib64/libpng.so new file mode 100644 index 0000000..9cbb2b2 Binary files /dev/null and b/rootfs/system/lib64/libpng.so differ diff --git a/rootfs/system/lib64/libpowermanager.so b/rootfs/system/lib64/libpowermanager.so new file mode 100644 index 0000000..f4dd3b8 Binary files /dev/null and b/rootfs/system/lib64/libpowermanager.so differ diff --git a/rootfs/system/lib64/libprocessgroup.so b/rootfs/system/lib64/libprocessgroup.so new file mode 100644 index 0000000..1ebd817 Binary files /dev/null and b/rootfs/system/lib64/libprocessgroup.so differ diff --git a/rootfs/system/lib64/libselinux.so b/rootfs/system/lib64/libselinux.so new file mode 100644 index 0000000..e1041a6 Binary files /dev/null and b/rootfs/system/lib64/libselinux.so differ diff --git a/rootfs/system/lib64/libskia.so b/rootfs/system/lib64/libskia.so new file mode 100644 index 0000000..ffc1ecd Binary files /dev/null and b/rootfs/system/lib64/libskia.so differ diff --git a/rootfs/system/lib64/libsonivox.so b/rootfs/system/lib64/libsonivox.so new file mode 100644 index 0000000..d2f42b3 Binary files /dev/null and b/rootfs/system/lib64/libsonivox.so differ diff --git a/rootfs/system/lib64/libsoundtrigger.so b/rootfs/system/lib64/libsoundtrigger.so new file mode 100644 index 0000000..38cf861 Binary files /dev/null and b/rootfs/system/lib64/libsoundtrigger.so differ 
diff --git a/rootfs/system/lib64/libspeexresampler.so b/rootfs/system/lib64/libspeexresampler.so new file mode 100644 index 0000000..0817e4f Binary files /dev/null and b/rootfs/system/lib64/libspeexresampler.so differ diff --git a/rootfs/system/lib64/libsqlite.so b/rootfs/system/lib64/libsqlite.so new file mode 100644 index 0000000..ff3cb92 Binary files /dev/null and b/rootfs/system/lib64/libsqlite.so differ diff --git a/rootfs/system/lib64/libssl.so b/rootfs/system/lib64/libssl.so new file mode 100644 index 0000000..2151339 Binary files /dev/null and b/rootfs/system/lib64/libssl.so differ diff --git a/rootfs/system/lib64/libstagefright.so b/rootfs/system/lib64/libstagefright.so new file mode 100644 index 0000000..1e4203f Binary files /dev/null and b/rootfs/system/lib64/libstagefright.so differ diff --git a/rootfs/system/lib64/libstagefright_avc_common.so b/rootfs/system/lib64/libstagefright_avc_common.so new file mode 100644 index 0000000..94adda9 Binary files /dev/null and b/rootfs/system/lib64/libstagefright_avc_common.so differ diff --git a/rootfs/system/lib64/libstagefright_enc_common.so b/rootfs/system/lib64/libstagefright_enc_common.so new file mode 100644 index 0000000..64f507d Binary files /dev/null and b/rootfs/system/lib64/libstagefright_enc_common.so differ diff --git a/rootfs/system/lib64/libstagefright_foundation.so b/rootfs/system/lib64/libstagefright_foundation.so new file mode 100644 index 0000000..f25027b Binary files /dev/null and b/rootfs/system/lib64/libstagefright_foundation.so differ diff --git a/rootfs/system/lib64/libstagefright_http_support.so b/rootfs/system/lib64/libstagefright_http_support.so new file mode 100644 index 0000000..df53744 Binary files /dev/null and b/rootfs/system/lib64/libstagefright_http_support.so differ 
diff --git a/rootfs/system/lib64/libstagefright_omx.so b/rootfs/system/lib64/libstagefright_omx.so
new file mode 100644
index 0000000..5fc378a
Binary files /dev/null and b/rootfs/system/lib64/libstagefright_omx.so differ
diff --git a/rootfs/system/lib64/libstagefright_yuv.so b/rootfs/system/lib64/libstagefright_yuv.so
new file mode 100644
index 0000000..e26ae77
Binary files /dev/null and b/rootfs/system/lib64/libstagefright_yuv.so differ
diff --git a/rootfs/system/lib64/libstdc++.so b/rootfs/system/lib64/libstdc++.so
new file mode 100644
index 0000000..f6ef9a7
Binary files /dev/null and b/rootfs/system/lib64/libstdc++.so differ
diff --git a/rootfs/system/lib64/libstlport.so b/rootfs/system/lib64/libstlport.so
new file mode 100644
index 0000000..92fbaf5
Binary files /dev/null and b/rootfs/system/lib64/libstlport.so differ
diff --git a/rootfs/system/lib64/libstoreservicescore.so b/rootfs/system/lib64/libstoreservicescore.so
new file mode 100644
index 0000000..1f5b0cd
Binary files /dev/null and b/rootfs/system/lib64/libstoreservicescore.so differ
diff --git a/rootfs/system/lib64/libsync.so b/rootfs/system/lib64/libsync.so
new file mode 100644
index 0000000..26390b9
Binary files /dev/null and b/rootfs/system/lib64/libsync.so differ
diff --git a/rootfs/system/lib64/libui.so b/rootfs/system/lib64/libui.so
new file mode 100644
index 0000000..c23cae0
Binary files /dev/null and b/rootfs/system/lib64/libui.so differ
diff --git a/rootfs/system/lib64/libunwind-ptrace.so b/rootfs/system/lib64/libunwind-ptrace.so
new file mode 100644
index 0000000..9e908d0
Binary files /dev/null and b/rootfs/system/lib64/libunwind-ptrace.so differ
diff --git a/rootfs/system/lib64/libunwind.so b/rootfs/system/lib64/libunwind.so
new file mode 100644
index 0000000..40a06cb
Binary files /dev/null and b/rootfs/system/lib64/libunwind.so differ
diff --git a/rootfs/system/lib64/libusbhost.so b/rootfs/system/lib64/libusbhost.so
new file mode 100644
index 0000000..4f74f32
Binary files /dev/null and b/rootfs/system/lib64/libusbhost.so differ
diff --git a/rootfs/system/lib64/libutils.so b/rootfs/system/lib64/libutils.so
new file mode 100644
index 0000000..d4db2c9
Binary files /dev/null and b/rootfs/system/lib64/libutils.so differ
diff --git a/rootfs/system/lib64/libvorbisidec.so b/rootfs/system/lib64/libvorbisidec.so
new file mode 100644
index 0000000..5e9c060
Binary files /dev/null and b/rootfs/system/lib64/libvorbisidec.so differ
diff --git a/rootfs/system/lib64/libwilhelm.so b/rootfs/system/lib64/libwilhelm.so
new file mode 100644
index 0000000..88bb479
Binary files /dev/null and b/rootfs/system/lib64/libwilhelm.so differ
diff --git a/rootfs/system/lib64/libxml2.so b/rootfs/system/lib64/libxml2.so
new file mode 100644
index 0000000..598d3ef
Binary files /dev/null and b/rootfs/system/lib64/libxml2.so differ
diff --git a/rootfs/system/lib64/libz.so b/rootfs/system/lib64/libz.so
new file mode 100644
index 0000000..e9d1935
Binary files /dev/null and b/rootfs/system/lib64/libz.so differ
diff --git a/test.c b/test.c
new file mode 100644
index 0000000..99abb92
--- /dev/null
+++ b/test.c
@@ -0,0 +1,456 @@ +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "import.h" +#ifndef MyRelease +#include "subhook/subhook.c" +#endif + +static struct shared_ptr apInf; +static size_t passLen; +static char *amUsername, *amPassword; +static uint16_t port; +static uint8_t leaseMgr[16]; + +static void dialogHandler(long j, struct shared_ptr *protoDialogPtr, + struct shared_ptr *respHandler) { + const char *const title = std_string_data( + _ZNK17storeservicescore14ProtocolDialog5titleEv(protoDialogPtr->obj)); + fprintf(stderr, "[.] dialogHandler: {title: %s, message: %s}\n", title, + std_string_data(_ZNK17storeservicescore14ProtocolDialog7messageEv( + protoDialogPtr->obj))); + + unsigned char ptr[72]; + memset(ptr + 8, 0, 16); + *(void **)(ptr) = + &_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore22ProtocolDialogResponseENS_9allocatorIS2_EEEE + + 2; + struct shared_ptr diagResp = {.obj = ptr + 24, .ctrl_blk = ptr}; + _ZN17storeservicescore22ProtocolDialogResponseC1Ev(diagResp.obj); + + struct std_vector *butVec = + _ZNK17storeservicescore14ProtocolDialog7buttonsEv(protoDialogPtr->obj); + if (strcmp("Sign In", title) == 0) { + for (struct shared_ptr *b = butVec->begin; b != butVec->end; ++b) { + if (strcmp("Use Existing Apple ID", + std_string_data( + _ZNK17storeservicescore14ProtocolButton5titleEv( + b->obj))) == 0) { + _ZN17storeservicescore22ProtocolDialogResponse17setSelectedButtonERKNSt6__ndk110shared_ptrINS_14ProtocolButtonEEE( + diagResp.obj, b); + break; + } + } + } else { + for (struct shared_ptr *b = butVec->begin; b != butVec->end; ++b) { + fprintf( + stderr, "[.] 
button %p: %s\n", b->obj, + std_string_data( + _ZNK17storeservicescore14ProtocolButton5titleEv(b->obj))); + } + } + _ZN20androidstoreservices28AndroidPresentationInterface28handleProtocolDialogResponseERKlRKNSt6__ndk110shared_ptrIN17storeservicescore22ProtocolDialogResponseEEE( + apInf.obj, &j, &diagResp); +} + +static void credentialHandler(struct shared_ptr *credReqHandler, + struct shared_ptr *credRespHandler) { + const uint8_t need2FA = + _ZNK17storeservicescore18CredentialsRequest28requiresHSA2VerificationCodeEv( + credReqHandler->obj); + fprintf( + stderr, "[.] credentialHandler: {title: %s, message: %s, 2FA: %s}\n", + std_string_data(_ZNK17storeservicescore18CredentialsRequest5titleEv( + credReqHandler->obj)), + std_string_data(_ZNK17storeservicescore18CredentialsRequest7messageEv( + credReqHandler->obj)), + need2FA ? "true" : "false"); + + if (need2FA) { + printf("2FA code: "); + scanf("%6s", amPassword + passLen); + } + + uint8_t *const ptr = malloc(80); + memset(ptr + 8, 0, 16); + *(void **)(ptr) = + &_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore19CredentialsResponseENS_9allocatorIS2_EEEE + + 2; + struct shared_ptr credResp = {.obj = ptr + 24, .ctrl_blk = ptr}; + _ZN17storeservicescore19CredentialsResponseC1Ev(credResp.obj); + + union std_string username = new_std_string(amUsername); + _ZN17storeservicescore19CredentialsResponse11setUserNameERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + credResp.obj, &username); + + union std_string password = new_std_string(amPassword); + _ZN17storeservicescore19CredentialsResponse11setPasswordERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + credResp.obj, &password); + + _ZN17storeservicescore19CredentialsResponse15setResponseTypeENS0_12ResponseTypeE( + credResp.obj, 2); + + _ZN20androidstoreservices28AndroidPresentationInterface25handleCredentialsResponseERKNSt6__ndk110shared_ptrIN17storeservicescore19CredentialsResponseEEE( + apInf.obj, &credResp); +} + 
+#ifndef MyRelease +static uint8_t allDebug() { return 1; } +#endif + +static inline void init() { + // srand(time(0)); + + // raise(SIGSTOP); + fprintf(stderr, "[+] starting...\n"); + setenv("ANDROID_DNS_MODE", "local", 1); + static const char *resolvers[2] = {"1.1.1.1", "1.0.0.1"}; + _resolv_set_nameservers_for_net(0, resolvers, 2, "."); +#ifndef MyRelease + subhook_install(subhook_new( + _ZN13mediaplatform26DebugLogEnabledForPriorityENS_11LogPriorityE, + allDebug, SUBHOOK_64BIT_OFFSET)); +#endif + + // static char android_id[16]; + // for (int i = 0; i < 16; ++i) { + // android_id[i] = "0123456789abcdef"[rand() % 16]; + // } + union std_string conf1 = new_std_string(android_id); + union std_string conf2 = new_std_string(""); + _ZN14FootHillConfig6configERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEE( + &conf1); + + // union std_string root = new_std_string("/"); + // union std_string natLib = new_std_string("/system/lib64/"); + // void *foothill = malloc(120); + // _ZN8FootHillC2ERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEES8_( + // foothill, &root, &natLib); + // _ZN8FootHill24defaultContextIdentifierEv(foothill); + + struct shared_ptr GUID; + _ZN17storeservicescore10DeviceGUID8instanceEv(&GUID); + + static uint8_t ret[88]; + static unsigned int conf3 = 29; + static uint8_t conf4 = 1; + _ZN17storeservicescore10DeviceGUID9configureERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEES9_RKjRKb( + &ret, GUID.obj, &conf1, &conf2, &conf3, &conf4); +} + +static inline struct shared_ptr init_ctx() { + fprintf(stderr, "[+] initializing ctx...\n"); + union std_string strBuf = + new_std_string("/data/data/com.apple.android.music/files/mpl_db"); + + struct shared_ptr reqCtx; + _ZNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEE11make_sharedIJRNS_12basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEEEEES3_DpOT_( + &reqCtx, &strBuf); + + static uint8_t ptr[480]; + *(void **)(ptr) = + 
&_ZTVNSt6__ndk120__shared_ptr_emplaceIN17storeservicescore20RequestContextConfigENS_9allocatorIS2_EEEE + + 2; + struct shared_ptr reqCtxCfg = {.obj = ptr + 32, .ctrl_blk = ptr}; + + _ZN17storeservicescore20RequestContextConfigC2Ev(reqCtxCfg.obj); + // _ZN17storeservicescore20RequestContextConfig9setCPFlagEb(reqCtx.obj, 1); + _ZN17storeservicescore20RequestContextConfig20setBaseDirectoryPathERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("Music"); + _ZN17storeservicescore20RequestContextConfig19setClientIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("4.9"); + _ZN17storeservicescore20RequestContextConfig20setVersionIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("Android"); + _ZN17storeservicescore20RequestContextConfig21setPlatformIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("10"); + _ZN17storeservicescore20RequestContextConfig17setProductVersionERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("Samsung S9"); + _ZN17storeservicescore20RequestContextConfig14setDeviceModelERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("7663313"); + _ZN17storeservicescore20RequestContextConfig15setBuildVersionERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + strBuf = new_std_string("en-US"); + _ZN17storeservicescore20RequestContextConfig19setLocaleIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + 
_ZN17storeservicescore20RequestContextConfig21setLanguageIdentifierERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtxCfg.obj, &strBuf); + + _ZN21RequestContextManager9configureERKNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEEE( + &reqCtx); + static uint8_t buf[88]; + _ZN17storeservicescore14RequestContext4initERKNSt6__ndk110shared_ptrINS_20RequestContextConfigEEE( + &buf, reqCtx.obj, &reqCtxCfg); + strBuf = new_std_string("/data/data/com.apple.android.music/files"); + _ZN17storeservicescore14RequestContext24setFairPlayDirectoryPathERKNSt6__ndk112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEE( + reqCtx.obj, &strBuf); + + _ZNSt6__ndk110shared_ptrIN20androidstoreservices28AndroidPresentationInterfaceEE11make_sharedIJEEES3_DpOT_( + &apInf); + + _ZN20androidstoreservices28AndroidPresentationInterface16setDialogHandlerEPFvlNSt6__ndk110shared_ptrIN17storeservicescore14ProtocolDialogEEENS2_INS_36AndroidProtocolDialogResponseHandlerEEEE( + apInf.obj, &dialogHandler); + + _ZN20androidstoreservices28AndroidPresentationInterface21setCredentialsHandlerEPFvNSt6__ndk110shared_ptrIN17storeservicescore18CredentialsRequestEEENS2_INS_33AndroidCredentialsResponseHandlerEEEE( + apInf.obj, &credentialHandler); + + _ZN17storeservicescore14RequestContext24setPresentationInterfaceERKNSt6__ndk110shared_ptrINS_21PresentationInterfaceEEE( + reqCtx.obj, &apInf); + + return reqCtx; +} + +extern void *endLeaseCallback; +extern void *pbErrCallback; + +inline static uint8_t login(struct shared_ptr reqCtx) { + fprintf(stderr, "[+] logging in...\n"); + struct shared_ptr flow; + _ZNSt6__ndk110shared_ptrIN17storeservicescore16AuthenticateFlowEE11make_sharedIJRNS0_INS1_14RequestContextEEEEEES3_DpOT_( + &flow, &reqCtx); + _ZN17storeservicescore16AuthenticateFlow3runEv(flow.obj); + struct shared_ptr *resp = + _ZNK17storeservicescore16AuthenticateFlow8responseEv(flow.obj); + if (resp == NULL || resp->obj == NULL) + return 0; + const int respType = + 
_ZNK17storeservicescore20AuthenticateResponse12responseTypeEv( + resp->obj); + fprintf(stderr, "[.] response type %d\n", respType); + return respType == 6; + // struct shared_ptr subStatMgr; + // _ZN20androidstoreservices30SVSubscriptionStatusMgrFactory6createEv(&subStatMgr); + // struct shared_ptr data; + // int method = 2; + // _ZN20androidstoreservices27SVSubscriptionStatusMgrImpl33checkSubscriptionStatusFromSourceERKNSt6__ndk110shared_ptrIN17storeservicescore14RequestContextEEERKNS_23SVSubscriptionStatusMgr26SVSubscriptionStatusSourceE(&data, + // subStatMgr.obj, &reqCtx, &method); + // return 1; +} + +static inline uint8_t readfull(const int connfd, void *const buf, + const size_t size) { + size_t red = 0; + while (size > red) { + const ssize_t b = read(connfd, ((uint8_t *)buf) + red, size - red); + if (b <= 0) + return 0; + red += b; + } + return 1; +} + +static inline void writefull(const int connfd, void *const buf, + const size_t size) { + size_t red = 0; + while (size > red) { + const ssize_t b = write(connfd, ((uint8_t *)buf) + red, size - red); + if (b <= 0) { + perror("write"); + break; + } + red += b; + } +} + +static void *FHinstance = NULL; +static void *preshareCtx = NULL; + +inline static void *getKdContext(const char *const adam, + const char *const uri) { + uint8_t isPreshare = (strcmp("0", adam) == 0); + if (isPreshare && preshareCtx != NULL) { + return preshareCtx; + } + fprintf(stderr, "[.] 
adamId: %s, uri: %s\n", adam, uri); + + union std_string defaultId = new_std_string(adam); + union std_string keyUri = new_std_string(uri); + union std_string keyFormat = + new_std_string("com.apple.streamingkeydelivery"); + union std_string keyFormatVer = new_std_string("1"); + union std_string serverUri = new_std_string( + "https://play.itunes.apple.com/WebObjects/MZPlay.woa/music/fps"); + union std_string protocolType = new_std_string("simplified"); + union std_string fpsCert = new_std_string(fairplayCert); + + struct shared_ptr persistK = {.obj = NULL}; + _ZN21SVFootHillSessionCtrl16getPersistentKeyERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEES8_S8_S8_S8_S8_S8_S8_( + &persistK, FHinstance, &defaultId, &defaultId, &keyUri, &keyFormat, + &keyFormatVer, &serverUri, &protocolType, &fpsCert); + + if (persistK.obj == NULL) + return NULL; + + struct shared_ptr SVFootHillPContext; + _ZN21SVFootHillSessionCtrl14decryptContextERKNSt6__ndk112basic_stringIcNS0_11char_traitsIcEENS0_9allocatorIcEEEERKN11SVDecryptor15SVDecryptorTypeERKb( + &SVFootHillPContext, FHinstance, persistK.obj); + + if (SVFootHillPContext.obj == NULL) + return NULL; + + void *kdContext = + *_ZNK18SVFootHillPContext9kdContextEv(SVFootHillPContext.obj); + if (kdContext != NULL && isPreshare) + preshareCtx = kdContext; + return kdContext; +} + +void handle(const int connfd) { + while (1) { + uint8_t adamSize; + if (!readfull(connfd, &adamSize, sizeof(uint8_t))) + return; + if (adamSize <= 0) + return; + + char adam[adamSize + 1]; + if (!readfull(connfd, adam, adamSize)) + return; + adam[adamSize] = '\0'; + + uint8_t uri_size; + if (!readfull(connfd, &uri_size, sizeof(uint8_t))) + return; + + char uri[uri_size + 1]; + if (!readfull(connfd, uri, uri_size)) + return; + uri[uri_size] = '\0'; + + void **const kdContext = getKdContext(adam, uri); + if (kdContext == NULL) + return; + + while (1) { + uint32_t size; + if (!readfull(connfd, &size, sizeof(uint32_t))) { + perror("read"); + 
return; + } + + if (size <= 0) + break; + + void *sample = malloc(size); + if (sample == NULL) { + perror("malloc"); + return; + } + if (!readfull(connfd, sample, size)) { + free(sample); + perror("read"); + return; + } + + NfcRKVnxuKZy04KWbdFu71Ou(*kdContext, 5, sample, sample, size); + writefull(connfd, sample, size); + free(sample); + } + } +} + +extern uint8_t handle_cpp(int); +static char *selfPath; +static char *portStr; + +inline static int new_socket() { + const int fd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP); + if (fd == -1) { + perror("socket"); + return EXIT_FAILURE; + } + const int optval = 1; + setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &optval, sizeof(optval)); + + static struct sockaddr_in serv_addr = {.sin_family = AF_INET}; + serv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); + serv_addr.sin_port = htons(port); + if (bind(fd, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) == -1) { + perror("bind"); + return EXIT_FAILURE; + } + + if (listen(fd, 5) == -1) { + perror("listen"); + return EXIT_FAILURE; + } + + fprintf(stderr, "[!] 
listening 127.0.0.1:%d\n", port); + close(STDOUT_FILENO); + + static struct sockaddr_in peer_addr; + static socklen_t peer_addr_size = sizeof(peer_addr); + while (1) { + const int connfd = accept4(fd, (struct sockaddr *)&peer_addr, + &peer_addr_size, SOCK_CLOEXEC); + if (connfd == -1) { + if (errno == ENETDOWN || errno == EPROTO || errno == ENOPROTOOPT || + errno == EHOSTDOWN || errno == ENONET || + errno == EHOSTUNREACH || errno == EOPNOTSUPP || + errno == ENETUNREACH) + continue; + perror("accept4"); + return EXIT_FAILURE; + } + + if (!handle_cpp(connfd)) { + uint8_t autom = 1; + _ZN22SVPlaybackLeaseManager12requestLeaseERKb(leaseMgr, &autom); + } + // if (sigsetjmp(catcher.env, 0) == 0) { + // catcher.do_jump = 1; + // handle(connfd); + // } + // catcher.do_jump = 0; + + if (close(connfd) == -1) { + perror("close"); + return EXIT_FAILURE; + } + } +} + +int main(int argc, char *argv[]) { + selfPath = argv[0]; + if (argc != 2) { + if (argc != 4) { + fprintf(stderr, "usage: %s [port] ([username] [password])\n", + argv[0]); + return EXIT_FAILURE; + } + amUsername = argv[2]; + passLen = strlen(argv[3]); + amPassword = malloc(passLen + 7); + strcpy(amPassword, argv[3]); + } + port = atoi(portStr = argv[1]); + + init(); + const struct shared_ptr ctx = init_ctx(); + if (argc == 4 && !login(ctx)) { + fprintf(stderr, "[!] login failed\n"); + return EXIT_FAILURE; + } + _ZN22SVPlaybackLeaseManagerC2ERKNSt6__ndk18functionIFvRKiEEERKNS1_IFvRKNS0_10shared_ptrIN17storeservicescore19StoreErrorConditionEEEEEE( + leaseMgr, &endLeaseCallback, &pbErrCallback); + uint8_t autom = 1; + _ZN22SVPlaybackLeaseManager25refreshLeaseAutomaticallyERKb(leaseMgr, + &autom); + _ZN22SVPlaybackLeaseManager12requestLeaseERKb(leaseMgr, &autom); + FHinstance = _ZN21SVFootHillSessionCtrl8instanceEv(); + + return new_socket(); +} diff --git a/wrapper.c b/wrapper.c new file mode 100644 index 0000000..3872cc3 --- /dev/null +++ b/wrapper.c 
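Review bot: `credentialHandler` in test.c uses `amUsername` and `amPassword` without checking them, but `main` sets them only when a username and password are passed while `init_ctx` registers the handler unconditionally, so a credentials request in port-only mode would reach `strlen(NULL)` inside `new_std_string` (and `scanf` into a null buffer when a 2FA code is requested); whether the library can issue such a request outside `login` is not visible here. The `malloc(80)` in the same handler and `malloc(passLen + 7)` in `main` are also written through without a NULL check. A guard such as `if (amUsername == NULL || amPassword == NULL) return;` at the top of the handler, plus `if (ptr == NULL) { perror("malloc"); return; }` after the allocation, would turn both into clean failures. Separately, taking the password from `argv[3]` leaves it readable in the process listing for the lifetime of the process; reading it from stdin or a file descriptor avoids that.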
@@ -0,0 +1,62 @@
+#define _GNU_SOURCE
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+pid_t child_proc = -1;
+
+static void intHan(int signum) {
+ if (child_proc != -1) {
+ kill(child_proc, SIGKILL);
+ }
+}
+
+int main(int argc, char *argv[], char *envp[]) {
+ if (signal(SIGINT, intHan) == SIG_ERR) {
+ perror("signal");
+ return 1;
+ }
+
+ if (argc > 2) {
+ system("rm -r ./rootfs/data/data/com.apple.android.music/files/");
+ }
+
+ if (chdir("./rootfs") != 0) {
+ perror("chdir");
+ return 1;
+ }
+ if (chroot("./") != 0) {
+ perror("chroot");
+ return 1;
+ }
+ mknod("/dev/urandom", S_IFCHR | 0666, makedev(0x1, 0x9));
+ chmod("/system/bin/linker64", 0755);
+ chmod("/system/bin/main", 0755);
+
+ if (unshare(CLONE_NEWPID)) {
+ perror("unshare");
+ return 1;
+ }
+ child_proc = fork();
+ if (child_proc == -1) {
+ perror("fork");
+ return 1;
+ }
+ if (child_proc > 0) {
+ close(STDOUT_FILENO);
+ wait(NULL);
+ return 0;
+ }
+
+ mkdir("/data/data/com.apple.android.music/files", 0777);
+ mkdir("/data/data/com.apple.android.music/files/mpl_db", 0777);
+ execve("/system/bin/main", argv, envp);
+ perror("execve");
+ return 1;
+}
\ No newline at end of file
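Review bot: `/system/bin/main` is exec'd with the same privileges the wrapper needed for `chroot` and `unshare(CLONE_NEWPID)`, and a chroot does not confine a process that keeps those privileges, so the vendored libraries and the socket handler run with full authority over the host. Consider dropping to an unprivileged account once the `mknod`/`chmod` setup is done, e.g. `if (setgid(RUN_GID) != 0 || setuid(RUN_UID) != 0) { perror("setuid"); return 1; }` before `execve` (RUN_UID and RUN_GID are placeholders, and whether the binary works unprivileged needs testing). The return values of `mknod`, `chmod` and `mkdir` are ignored and the data directories are created `0777`; checking them and using `0700` would fail early and keep the session files private to the account. `system("rm -r ./rootfs/...")` also runs through the shell with the caller's `PATH` and a path relative to the current directory while privileged, so an absolute path to `rm` or a direct removal call would be safer.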