1. 概述
从theiphonewiki中拷贝出来的,为了以后查找方便,放到这里。
2. 私有函数地址的获取
In order to obtain the address of a usable private function in MobileDevice, you will have to be able to understand x86-64 assembly to reverse engineer it. These methods differ slightly based on platform due to how dynamically linked libraries handle position independent code.
2.1 Mac OS X (MobileDevice.framework)
A private function is not marked as exported in the mach-o symbol table. This means it cannot be called by simply linking against the library. To call unexported functions, the mach-o symbol table must be stepped through manually to find the offset of a particular function call. Calls can be verified by checking against the offset of the name inside the name table.
2.2 Windows (MobileDevice.dll)
Unlike OS X’s dynamically linkable libraries, Windows dynamic libraries do not support position independent code in the same manner. A private function will not have its name in the exported symbol table, so in a debugger, like GDB, it will show up as part of another function. However, you will know that it is a separate function as a new stack frame is set up.
3. Known Error Codes
kAMDSuccess = 0x0
kAMDUndefinedError = 0xe8000001
kAMDBadHeaderError = 0xe8000002
kAMDNoResourcesError = 0xe8000003
kAMDReadError = 0xe8000004
kAMDWriteError = 0xe8000005
kAMDUnknownPacketError = 0xe8000006
kAMDInvalidArgumentError = 0xe8000007
kAMDNotFoundError = 0xe8000008
kAMDIsDirectoryError = 0xe8000009
kAMDPermissionError = 0xe800000a
kAMDNotConnectedError = 0xe800000b
kAMDTimeOutError = 0xe800000c
kAMDOverrunError = 0xe800000d
kAMDEOFError = 0xe800000e
kAMDUnsupportedError = 0xe800000f
kAMDFileExistsError = 0xe8000010
kAMDBusyError = 0xe8000011
kAMDCryptoError = 0xe8000012
kAMDInvalidResponseError = 0xe8000013
kAMDMissingKeyError = 0xe8000014
kAMDMissingValueError = 0xe8000015
kAMDGetProhibitedError = 0xe8000016
kAMDSetProhibitedError = 0xe8000017
kAMDRemoveProhibitedError = 0xe8000018
kAMDImmutableValueError = 0xe8000019
kAMDPasswordProtectedError = 0xe800001a
kAMDMissingHostIDError = 0xe800001b
kAMDInvalidHostIDError = 0xe800001c
kAMDSessionActiveError = 0xe800001d
kAMDSessionInactiveError = 0xe800001e
kAMDMissingSessionIDError = 0xe800001f
kAMDInvalidSessionIDError = 0xe8000020
kAMDMissingServiceError = 0xe8000021
kAMDInvalidServiceError = 0xe8000022
kAMDInvalidCheckinError = 0xe8000023
kAMDCheckinTimeoutError = 0xe8000024
kAMDMissingPairRecordError = 0xe8000025
kAMDInvalidActivationRecordError = 0xe8000026
kAMDMissingActivationRecordError = 0xe8000027
kAMDWrongDroidError = 0xe8000028
kAMDSUVerificationError = 0xe8000029
kAMDSUPatchError = 0xe800002a
kAMDSUFirmwareError = 0xe800002b
kAMDProvisioningProfileNotValid = 0xe800002c
kAMDSendMessageError = 0xe800002d
kAMDReceiveMessageError = 0xe800002e
kAMDMissingOptionsError = 0xe800002f
kAMDMissingImageTypeError = 0xe8000030
kAMDDigestFailedError = 0xe8000031
kAMDStartServiceError = 0xe8000032
kAMDInvalidDiskImageError = 0xe8000033
kAMDMissingDigestError = 0xe8000034
kAMDMuxError = 0xe8000035
kAMDApplicationAlreadyInstalledError = 0xe8000036
kAMDApplicationMoveFailedError = 0xe8000037
kAMDApplicationSINFCaptureFailedError = 0xe8000038
kAMDApplicationSandboxFailedError = 0xe8000039
kAMDApplicationVerificationFailedError = 0xe800003a
kAMDArchiveDestructionFailedError = 0xe800003b
kAMDBundleVerificationFailedError = 0xe800003c
kAMDCarrierBundleCopyFailedError = 0xe800003d
kAMDCarrierBundleDirectoryCreationFailedError = 0xe800003e
kAMDCarrierBundleMissingSupportedSIMsError = 0xe800003f
kAMDCommCenterNotificationFailedError = 0xe8000040
kAMDContainerCreationFailedError = 0xe8000041
kAMDContainerP0wnFailedError = 0xe8000042
kAMDContainerRemovalFailedError = 0xe8000043
kAMDEmbeddedProfileInstallFailedError = 0xe8000044
kAMDErrorError = 0xe8000045
kAMDExecutableTwiddleFailedError = 0xe8000046
kAMDExistenceCheckFailedError = 0xe8000047
kAMDInstallMapUpdateFailedError = 0xe8000048
kAMDManifestCaptureFailedError = 0xe8000049
kAMDMapGenerationFailedError = 0xe800004a
kAMDMissingBundleExecutableError = 0xe800004b
kAMDMissingBundleIdentifierError = 0xe800004c
kAMDMissingBundlePathError = 0xe800004d
kAMDMissingContainerError = 0xe800004e
kAMDNotificationFailedError = 0xe800004f
kAMDPackageExtractionFailedError = 0xe8000050
kAMDPackageInspectionFailedError = 0xe8000051
kAMDPackageMoveFailedError = 0xe8000052
kAMDPathConversionFailedError = 0xe8000053
kAMDRestoreContainerFailedError = 0xe8000054
kAMDSeatbeltProfileRemovalFailedError = 0xe8000055
kAMDStageCreationFailedError = 0xe8000056
kAMDSymlinkFailedError = 0xe8000057
kAMDiTunesArtworkCaptureFailedError = 0xe8000058
kAMDiTunesMetadataCaptureFailedError = 0xe8000059
kAMDAlreadyArchivedError = 0xe800005a
kAMDProhibitedBySupervision = 0xe8000083
