Bash on iOS issue - ios

When any application that uses bash to launch their executables as root, iOS registers the bash script as the main executable instead of the intended executable.
The problem is that I cannot turn off cellular access to these applications because iOS calls the script rather than the applications executable and nothing happens.
I found a partial method that works, but it's not practical because the application looses root capabilities, but it will allow the setting's app to disable cellular data for the application;
Remove the bash script,
Rename the apps main executable to the bash scrips name,
Reboot.
Can I do anything to solve this?
Thanks, Jason.

Related

FATAL: Running as root without --no-sandbox is not supported using Electron 7.1.3. on Debian 8, 9

I installed Electron 7.1.3, when I try to run the app this error appears:
FATAL:atom_main_delegate.cc(211)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180
This happens when I use Debian 8 or 9. I used it on Windows and this runs with no problem. I was searching info about this problem but I didn't find something concrete with Electron and Debian, only run: electron --no-sandbox
If someone knows how to solve this, I wanna use Debian here.
I had a similar issue when I run my electron app with sudo:
sudo ./MyElectronApp
[5612:0301/101026.813638:FATAL:electron_main_delegate.cc(211)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
so In order to add --no-sandbox parameter I did:
sudo ./MyElectronApp --no-sandbox
and it worked!! :)
I thought I had to build my app with parameter but it does not work.
Quote from Process Sandboxing to explain what a sandbox does:
One key security feature in Chromium is that processes can be executed within a sandbox. The sandbox limits the harm that malicious code can cause by limiting access to most system resources — sandboxed processes can only freely use CPU cycles and memory. To perform operations requiring additional privilege, sandboxed processes use dedicated communication channels to delegate tasks to more privileged processes.
In Chromium, sandboxing is applied to most processes other than the main process. This includes renderer processes, as well as utility processes such as the audio service, the GPU service, and the network service.
And quote from Disabling Chromium's sandbox (testing only):
You can also disable Chromium's sandbox entirely with the --no-sandbox CLI flag, which will disable the sandbox for all processes (including utility processes). We highly recommend that you only use this flag for testing purposes, and never in production.
To disable it, run <your-app-name> --no-sandbox.

Electron as system service with ELECTRON_RUN_AS_NODE

What is The Correct(tm) way for an Electron application to run both as a desktop application and as a service?
I have looked high and low for this but to no avail. This is how I think it should work.
Create a launchd/systemd/windows service description that:
Sets ELECTRON_RUN_AS_NODE environment variable
Runs the packaged Electron application
Produces happiness?
Can the packaged Electron application run in this manner access the contents of the ASAR file? If it can, great.
Then just build and package two directories with the application. Both compiled for the ABI version Electron is on:
Directory electron_modules with binary modules compiled for an executable that reports being electron
Directory node_modules with binary modules compiled for an executable that reports being node
With the appropriate NODE_PATH also set in the service description, I should be all golden.
Right?
I am not 100% sure what the OP is asking but I found this question while looking for: how do I run an Electron application as a desktop application and also as a CLI service with no access to a display driver?
The answer from here is
Being based on Chromium, Electron requires a display driver to function. If Chromium can't find a display driver, Electron will fail to launch ... In essence, we need to use a virtual display driver.
The solution (on linux at least)
Install xvfb
Prefix your start command with xvfb-run e.g. xvfb-run node_modules/electron/dist/electron .

Install non-UI app on jailbroken device via AFC2

I am trying to install an app to a jailbroken iPhone from PC via USB (using AFC2), for personal research. The app is actually an installer, so it has no UI.
My biggest 2 problems are: I don't know any API to run a command via an USB services, to run the binary after copying.
Then, I installed a LaunchDaemon plist to start my installer, but it seems that the binary is copied with no execution rights (maybe a limitation in AFC2), so the launch daemon fails.
So now I am stucked. Do you have any ideeas?
UPDATE
Thanks to creker I made some steps into achieving my goal. He provided me with several solutions, but I chosen the automatically install DEB via Cydia, since it looks the most simple and elegant method of all.
Nevertheless, I hit some bumps with this method also:
now I am able to succesfully install the .deb file via Cydia; I load the app and a launch daemon in the deb, but the launch daemon is unable to start the app, since installd fails to validate the app, which was fake-signed with ldid (I thought ldid signing is sufficient for running in jailbroken environment); so I guess either I sign it for real or I use a tweak like AppSync, to bypass validation
I also tried the following formula: a launch daemon to launch a bash script, which then starts the app, since I saw that cydia and OpenSSH registers some launch daemons like that, but my script / launch daemon is ignored, so I presume there should be a trick somewhere. Am I missing something here?
Do you have a WiFi? If not, you can use USB tunneling. Then you can SCP your app on a device and install it with SSH (give it persmissions you need and then launch). That's enough for testing. Or you can pack it into debian package with postinst script that will do all the installation. Debian packages can be installed manually through ssh and deb -i command. Or you can copy it into /var/root/Media/Cydia/AutoInstall and it will be installed automatically on device boot.
As for root:wheel, you can do this in your postinst script. The script by default is executed with root permissions. Just set all necessary permissions in it for all your files. If it's a daemon, you can even manually add it to launchd and launch immediatelly.

Batch/Bash scripting for Jailbroken iOS devices

So I have a jailbroken iPhone and would like to automate some tasks on my phone but I would rather do this myself, rather than download tweaks or apps that can achieve this same functionality.
I do not have a Mac computer, so developing apps and/or tweaks will be a pain in the butt, from what I have read, so then I got thinking about Batch files. And .js and .vbs files that you can use to automate things in Windows.
Does iOS have any similar or equivelant's to Batch file scripting? Can I write a script that can perform a simple task on my iPhone once I have launched that script file on my phone?
Is this possible?
Yes, jailbroken phones have access to bash, and as such you can create bash script files.
See here on how to start writing bash scripts. You write it to a file (typically ending in .sh), make it executable (via chmod +x scriptFile.sh), then run it (./scriptFile.sh). There is also access to Ruby and Python, so you could write scripts in those languages too if you prefer.
You also don't need to write the scripts on the device, you can write them on your PC, and transfer the files over via SCP. This gets a little more complex, as you'll need to install SSH (and make sure you change the default passwords, there is a guide on how via Cydia), and other tools in order to copy them over.

Killing Apps on a jailbroken phone

I am trying to create an app that kills other apps on my jailbroken phone. I have tried many different kill commands but none of them seem to do the trick. I am wondering if anybody has found a kill command that works?
There's a handful of ways to get root privileges on Unix systems; I don't know what would be most appropriate for your jail-broken iOS device, but I can at least outline what's possible on the underlying platform:
Install your program setuid root:
chown root:root /path/to/program/executable
chmod 04755 /path/to/program/executable
When your program runs, it will run as root and have the full privileges and responsibilities of root.
Use a setuid root helper program, such as su(1) or sudo(8) to run your program as root:
sudo /path/to/program/executable
Configure the system startup tools to run your program with root privileges at boot time; this is much more complicated for me to describe, since system boot is extremely system dependent. Look for /etc/inittab or /etc/rc* as starting points. (Maybe iOS uses the newer launchd?)

Resources