IOS Reverse programming (9-1) Logging in to the iPhone over a USB connection and port mapping

A list,

• In previous operations, the client (MAC) and the server (iPhone) are connected through SSH in the same Wifi.

• The problem with this approach is that when the network speed is not very good, typing a command will take a while to display, because your output is successful until the network is synchronized to your phone.

• If you send SSH to a server (iPhone) via a USB connection between the two, you won’t have this problem, and it’s more efficient.

2. Ports

• A port is a window for the device to provide external services. Each port has a port number (65536 in total, ranging from 0 to 65535).

• Some port numbers are reserved and have specified uses, such as:

  • More reserved port numbers: list of service port numbers
  • 21Port to provideFTPservice
  • 80Port to provideHTTPservice
  • 22Port to provideSSHServices (can be viewed/etc/ssh/sshd_config 的 PortField)

  SSH dengzemiao$SSH [email protected] // Go to the /etc/ssh folder iPhone:~ root# CD /etc/ssh IPhone :/etc/ SSH root# ls -l total 572-rw-r --r-- 1 root wheel 577388 Jan 4 2020 Modulo-rw-r --r-- 1 root wheel 1526 Mar 21 2018 ssh_config -rw-r--r-- 1 root wheel 3228 Mar 31 2019 sshd_config // View the sshd_config server configuration file iPhone:/etc/ssh root# cat sshd_config ..... AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::..... Omit the upper and lower contentCopy the code

• By default, the iPhone uses PORT 22 for SSH communication and uses TCP.

Three,Wifi 与 USBConnect the difference and thought

• Wifi connection

  • Due to theSSHIs take theTCPAgreement,Client (computer)Directly toSSHBy way ofNetwork (Wifi)Log in toServer (iPhone), which is equivalent toThe computerIs through theSSHThe way to direct access22The port connects to the phone.

  

• USB connection

  • There’s a service on the Mac, USBMUxd (which starts automatically when you start up), that transfers Mac data to the iPhone via USB.

    / / usbmuxd service program for path/System/Library/PrivateFrameworks/MobileDevice framework/Resources/usbmuxdCopy the code

  • A USB connection does not allow direct SSH access to port 22.

  • The process should be to SSH to another window on the machine (as long as it is not a reserved port, for example: 10010), and then pass the data to port 22 of the server (mobile phone) from this port through USBMUxD, thus avoiding the need to access port 22 over the network.

  • You need to map port 10010 of the client (computer) to port 22 of the server (mobile phone). If you want to communicate with port 22 of the server (mobile phone), you can directly communicate with port 10010 of the local client (computer).

  

4. Port mapping

• Download the mapping script:Cgit.sukimashita.com/usbmuxd.git…And extract it, just usepython-clientIn foldertcprelay.py usbmux.pyTwo script files.

• (Optional) You can delete all other files. You can keep only these two files.cdThe same goes for the folders inside.

• Example Map port 22 (SSH port) on the server (mobile phone) to port 10010 on the client (computer).

  • Go to the folder usbmuxd

    $  cd /Users/dengzemiao/Downloads/usbmuxd
    Copy the code

  • Run the mapping command to map port 22 of the server (mobile phone) to port 10010 of the client (PC). Then, you can access port 22 of the server (mobile phone) from port 10010 of the local PC.

    $python tcprelay.py -t 22:10010 // Only one device connection can be supported at a time. $python tcprelay.py 22:10010Copy the code

  • After command input, in such a state is the connection is successful, the mapping window can not be closed, close the mapping relationship is cancelled, so to do other operations we need to open a new terminal window.

  

  • After the mapping is successful, we will no longer be able to access $SSH [email protected], this is the network access mode, now we need to access the local port 10010, in a new terminal window type:

    // Change the IP address to localhost, $SSH -p 10010 root@localhost // Set localhost to 127.0.0.1 $SSH -p 10010 [email protected] // Can also set -p 10010 $SSH --help $SSH root@localhost -p 10010Copy the code

    Ssh_exchange_identification: read: Connection reset by peer, check whether the USB is connected to the mobile phone, make sure that the COMPUTER USB is only connected to the jailbroken mobile phone, if connected to multiple mobile phones or non-jailbroken mobile phone will report this error.

    // Connect port 10010 of localhost dengzemiaodemacbook-pro :~ Dengzemiao $SSH -p 10010 root@localhost The authenticity of host '[localhost]:10010 ([127.0.0.1]:10010)' can't be established. RSA key fingerprint is SHA256: TmFvst8CU2JJqrFZ1QIANzprd1rUckdYjV4lcVaS8Gk. / / before with Wifi Internet connection, Are you sure you want to continue connecting (yes/no)? Yes // Successful connection Warning: Permanently added '[localhost]:10010' (RSA) to the list of known hosts. iPhone:~ root# iPhone:~ root# exit logout Connection to localhost closed.Copy the code

    With a USB connection, any command you type will respond quickly or be displayed, there won’t be a delay like with Wifi, and every link or operation on this linked terminal window will have data output mapped to that terminal window.

Fifth, throughUSBCopy and transfer files and data

• SSH /id_rsa.pub [email protected]:~/.ssh

  SSH :~/. SSH /id_rsa.pub [email protected]:~/. SSH // Because we above the first step to delete the previous authorization file, so now there is no secret login [email protected]'s password: Id_rsa. pub 100% 403 10.1KB/s 00:00 dengzemiaodeMacBook-Pro:. SSH Dengzemiao $Copy the code

• $SCP -p 10010 ~/. SSH /id_rsa.pub root@localhost:~/

  • $SCP –help $SCP –help $SCP –help $SCP –help $SCP –help $SCP –help

  • root@localhost is used to change the IP address to localhost and go to port 10010.

  • Compare the transmission speed below with the transmission capacity of the Wifi above.

  Dengzemiaodemacbook-pro :~ dengzemiao$SCP -p 10010 ~/.ssh/id_rsa.pub root@localhost:~/.ssh id_rsa.pub 100% 403 137.7KB/s 00:00Copy the code

• Now this way, are dependent on the mapping, but as long as the mapping window is closed, the mapping relationship will disappear, so every time you need to add the mapping in the above way to connect.

• The next chapter will be devoted to using this mapping command as a sh script (shell), and then simply executing these script files is more convenient than dragging and dropping files to execute the mapping command every time.

• Also look at the simple writing and use of the sh script.

• IOS reverse programming (9-2) encapsulates port mapping and USB-connected phones into.sh scripts