Vault7: CIA Hacking Tools Revealed
Navigation: » Latest version
Owner: User #15728648
Place guides / tips / general information on reverse engineering iOS-related binaries / protocols / etc.
Lockdownd is a daemon on the device that provides services for interacting with an iOS device. Some of these services include:
Apple File Conduit, used by iTunes to exchange files(mostly Media, like photos and videos)
between the device
System Log Relay, used by Xcode to display the syslog from the device.
You can see this in action in Xcode by going to Xcode -> Devices
Retrieves device information, as well as power-related functions like sleeping, restarting, and shutdown.
for various keys you can use to retrieve device information.
In iOS 8, these services are defined in an xml file(known by Apple as a plist file) within the /usr/libexec/lockdownd binary.
It is embedded inside of a section of the binary itself, and can be extracted by doing the following:
# this will show you the sections of the MachO binary. # as of iOS 8, the services are defined in the __TEXT Segment, __services section. $ xcrun otool -lv lockdownd $ xcrun segedit lockdownd -extract __TEXT __services services.plist
In iOS 7, the services were defined in a separate plist file, located in /System/Libary/Lockdown/Services.plist.
Communicating With Lockdownd