This project automates the process of setting up the necessary environment and tools to extract and analyze kernel panic logs from an iPhone. It provides a fully automated setup script that installs dependencies, compiles the required libimobiledevice library, configures udev rules, and captures kernel logs when the iPhone is connected to a Linux system. This project supports Windows, Linux, and macOS for cross-platform compatibility and ease of use.
- main.sh - The main setup script, which installs dependencies, configures the environment, and prepares the system for kernel log extraction
- dump.sh - A script that captures and saves kernel logs and device information. Outputs are saved to kernel_panic_log.txt
- iOS kernel panic and network status logs are stored in kernel_panic_log.txt and /var/log/kernel_dump.log for easy access and analysis

- Fully automated setup for dependency installation and library compilation (libimobiledevice)
- Cross-platform support for Linux, Windows, and macOS
- Automatically initiates DFU mode when the iPhone is connected, with instructions for extracting kernel logs
- Logging of iOS version, device model, kernel panic information, network status, and system metrics
- Consolidated logging output for efficient troubleshooting and debugging
First, do this before anything else:
#!/bin/bash
echo "Your iPhone has been connected."
echo "Please follow these steps to enter DFU mode:"
echo "1. Connect your iPhone to your computer."
echo "2. Turn off your iPhone."
echo "3. Press and hold the Power button for 3 seconds."
echo "4. While holding the Power button, press and hold the Volume Down button for 10 seconds."
echo "5. Release the Power button but continue holding the Volume Down button for another 5 seconds."
echo "If done correctly, your iPhone screen will be black, and it will be recognized in recovery mode."
Clone the repository:
git clone https://github.com/SleepTheGod/iPhone_Dump_Kernel.git
cd iPhone_Dump_Kernel
Run the setup script:
./main.sh
This will install necessary dependencies, compile libimobiledevice, set up udev rules, and create the kernel log dump script.
To initiate a kernel log capture, connect your iPhone and run:
./dump.sh
The captured logs will be stored in:
- kernel_panic_log.txt in the user's home directory for device-specific logs
- /var/log/kernel_dump.log for system-wide logs

Dependencies
- autoconf, automake, build-essential, git, libglib2.0-dev, libtool, pkg-config, libusb-1.0-0-dev for Linux
- Windows users will need WSL or a Linux-based environment for compatibility with the main.sh script

Example Log Outputs
Kernel Panic Information - Oct 25, 2024
iOS Version - 15.0
Device Model - x86_64
Kernel Panic String - The kernel panic string (if any) will be logged here
Network Status - en0 - flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 01:23:45:67:89
    inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
Log saved to /home/user/kernel_panic_log.txt
iOS Version : 15.0
Device Model : iPhone12,1 (iPhone 11)
Kernel Version : Darwin Kernel Version 20.3.0: Mon Jan 18 23:14:12 PST 2024; root:xnu-7195.81.3~1/RELEASE_ARM64_T8101
CPU Architecture : ARM64

Panic Location : cpu 0 caller 0xfffffff00abcdef0
Panic Type : Kernel data abort
Exception Class : Data Abort (TLB - Kernel Virtual Memory)
Faulting Address : 0x0000000000000042
Affected Process : backboardd
ESR (Exception Syndrome Register) : 0x96000045

0xffffff8012345678 : panic+0x158
0xffffff8012345678 : vm_fault+0x124
0xffffff8012345678 : translation_fault+0xf8
0xffffff8012345678 : page_fault+0x32
0xffffff8012345678 : kernel_pmap_enter+0x220
0xffffff8012345678 : vfs_context_proc+0x2f4
0xffffff8012345678 : kern_return_t mach_msg_receive+0x104
0xffffff8012345678 : 0xfffffff00f1ab3d1 - Kernel function
CPU Load (1 min) : 27%
CPU Load (5 min) : 24%
Total RAM : 4 GB
Used RAM : 2.1 GB
Free RAM : 1.9 GB
Disk Usage : 8.7 GB used / 64 GB total
Swap Usage : 512 MB / 1 GB

en0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether a1:b2:c3:d4:e5:f6
    inet 192.168.1.20 netmask 0xffffff00 broadcast 192.168.1.255
    inet6 fe80::a1b2:c3ff:fe4d:e5f6%en0 prefixlen 64 scopeid 0x4
    media: autoselect (1000baseT )
    status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet 127.0.0.1 netmask 0xff000000
Physical Memory:
Page size : 4096 bytes
Pages in use : 544,257
Free pages : 121,743
Pages wired : 101,205
Compressed pages : 4,872
Active pages : 342,000
Inactive pages : 80,300
Pageouts : 812

Virtual Memory:
Swap used : 512 MB / 1 GB
Swap file count : 1
VM objects : 108,743
Kernel Memory : 96 MB

Kernel Zone Allocation:
Zone name : Kernel_map
Zone usage : 22,345 pages
Zone size : 4096 KB
Allocations : 56,230 objects

Mutex Information:
Mutexes in use : 18
Mutex contention : 3 (last 10 seconds)

I/O Status:
I/O Threads : 12
I/O operations : 184/s
Read operations : 92/s
Write operations : 45/s

Affected Process : backboardd
Process ID : 234
Process Memory : 54 MB
Thread Count : 12
Open File Descriptors: 67
- [INFO] Starting panic log process at 2024-10-25 14:35:21
- [WARN] Memory allocation at threshold; paging high
- [ERROR] TLB exception at 0x0000000000000042
- [INFO] Panic triggered by CPU fault at 0xfffffff00abcdef0
- [INFO] Dumping backtrace information
Log saved to /home/user/kernel_panic_diagnostic_log.txt
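
When triaging a log in the `Key : value` layout shown above, the ESR value and faulting address say more than the panic string alone. The following is an added example, not part of this repository's scripts: it extracts those fields and decodes the ESR using the ARMv8 ESR_EL1 bit layout. The function names and the 0x1000 near-NULL threshold (one 4096-byte page, as in the sample output) are assumptions.

```shell
# Constructed sample: three panic fields copied from this page's example output.
sample_log() {
cat <<'EOF'
Panic Type : Kernel data abort
Faulting Address : 0x0000000000000042
ESR (Exception Syndrome Register) : 0x96000045
EOF
}

# field KEY: print the value of the first line on stdin that starts with KEY.
field() {
    awk -v k="$1" 'index($0, k) == 1 { sub(/^[^:]*: */, ""); print; exit }'
}

# decode_esr HEX: decode the data-abort bits of an ARMv8 ESR_EL1 value.
decode_esr() {
    esr=$(($1))
    ec=$(( (esr >> 26) & 0x3f ))   # exception class, bits [31:26]
    dfsc=$(( esr & 0x3f ))         # data fault status code, bits [5:0]
    case $ec in
        36) class=data-abort-lower-el ;;   # EC 0x24: fault taken from user mode
        37) class=data-abort-same-el ;;    # EC 0x25: fault taken in kernel code
        *)  printf 'ec=0x%x not-a-data-abort\n' "$ec"; return 0 ;;
    esac
    [ $(( (esr >> 6) & 1 )) -eq 1 ] && access=write || access=read   # WnR, bit 6
    case $(( dfsc >> 2 )) in
        0) kind=address-size-fault ;;  1) kind=translation-fault ;;
        2) kind=access-flag-fault ;;   3) kind=permission-fault ;;
        *) kind=other-fault ;;         # level below is not meaningful here
    esac
    printf 'ec=0x%x %s %s %s level=%d\n' "$ec" "$class" "$access" "$kind" $(( dfsc & 3 ))
}

# near_null HEX: true below 0x1000 (assumed threshold); string test avoids overflow above 2^63.
near_null() {
    hex=$(printf '%s' "$1" | sed 's/^0[xX]//; s/^0*//')
    [ "${#hex}" -le 3 ]
}

# triage: read a panic log on stdin and print a one-line summary.
triage() {
    log=$(cat)
    ptype=$(printf '%s\n' "$log" | field "Panic Type")
    addr=$(printf '%s\n' "$log" | field "Faulting Address")
    esr=$(printf '%s\n' "$log" | field "ESR")
    note=""; near_null "$addr" && note=" near-null"
    printf '%s: %s addr=%s%s\n' "$ptype" "$(decode_esr "$esr")" "$addr" "$note"
}
sample_log | triage
```

For the sample values, the decoded ESR (kernel-mode write, level 1 translation fault) agrees with the `translation_fault` frame in the backtrace, and the faulting address 0x42 falls in the first page, which is the usual signature of a NULL pointer dereferenced at a small offset.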
This repository provides a script for setting up an SSH server on a jailbroken iOS device.
- A jailbroken iOS device with SSH installed.
- Modify the script to include your application's bundle ID.
- Clone the Repository:
  git clone https://github.com/SleepTheGod/iPhone_Dump_Kernel.git
  cd iPhone_Dump_Kernel
- Make the Script Executable:
  chmod +x setup_ssh_server.sh
- Run the Script:
  ./setup_ssh_server.sh
Make sure to replace the placeholder com.example.yourapp in the script with your actual app's bundle ID.
- Security: Running an SSH server exposes your device to potential remote access. Ensure you implement strong security practices.
- Monitor connections to prevent unauthorized access.