@0xilis
0xilis / Form_Apple_Archive_From_Unsigned_Shortcut.c
Last active April 20, 2024 00:58
Hacky reforming signed shortcut AEA from apple archive
struct libshortcutsign_header_info {
char *header;
int keyCount;
uint32_t fieldKeys[30];
uint32_t fieldKeyPositions[30];
uint32_t currentPos;
};
uint32_t get_aa_header_field_key(struct libshortcutsign_header_info info, uint32_t i) {
if (i >= info.keyCount) {
@0xilis
0xilis / iCloud Sign Shortcut on iOS 13+
Created November 21, 2023 17:18
iCloudSignShortcut.m
/*
* Snoolie K / 0xilis
* 21 November 2023 (EST)
* iCloud Sign Shortcuts Example
*/
#import <UIKit/UIKit.h>
@interface WFFileRepresentation : NSObject
@property (readonly, nonatomic) NSData *data;
@0xilis
0xilis / main.m
Last active November 16, 2023 18:37
Import Unsigned Shortcuts on iOS 15
/*
* Snoolie K
* 16 November 2023 (EST)
* Import Unsigned Shortcuts Example
*/
#import <UIKit/UIKit.h>
@interface WFFileRepresentation : NSObject
@property (readonly, nonatomic) NSData *data; // ivar: _data
@0xilis
0xilis / bleh.md
Last active September 22, 2023 02:11
objc4-runtime-notes

potential tweak that applies micro-optimizations to libobjc:

_class_getClassVariable:

-find symbol addr

orig code:

cbz x0, loc_3fb0 ; 0000000000003f98
cbz x1, loc_3fb0 ; 0000000000003f9c
@0xilis
0xilis / hook_free.c
Last active September 21, 2023 18:38
shit code (hook_free for auto =NULL, macOS 12.6)
#include <stdio.h>
#include <stdlib.h>
#define CHECK_OFFSET 1
/* Dunno how this works but it does? (At least it seems to on macOS 12.6 :P */
void hook_free(void *pointer) {
free(pointer);
void **pointerToArg = &pointer;
@0xilis
0xilis / meowify.py
Created July 14, 2023 01:47
Meowify
# Snoolie K
# meowifier
# output raw bits of character
def raw(character):
character_ascii = ord(character) # Convert character to ASCII value
binary_string = bin(character_ascii)[2:] # Convert ASCII value to binary string, remove the '0b' prefix
raw_bits = [int(bit) for bit in binary_string] # Convert each binary digit to integer and add to the list
return raw_bits
@0xilis
0xilis / libRuntimeSymbolDump.h
Last active May 1, 2023 21:51
libRuntimeSymbolDump
void hexDumpByNSLog(const char *desc, void *addr, int len);
void hexDumpSymbolFromCallStackSymbols(NSString *symbolToFind);
@0xilis
0xilis / demo.x
Created March 14, 2023 17:23
inject /var/subsidiary/TweakDylib.dylib
%hookf(int, posix_spawn, pid_t *pid, const char *orig_path, const posix_spawn_file_actions_t *file_actions, const posix_spawnattr_t *attrp, char *const orig_argv[], char *const envp[]) {
//GUESS: Add DYLD_INSERT_LIBRARIES to envp
//This is example code that I think should (theoretically) work?
//compile this dylib and put it in launchd, then CT sign
//adds a dylib to every process (that being, "/var/subsidiary/TweakDylib.dylib")
//dylib is sandboxed btw, but should be possible for unsandboxed dylibs as well theoretically, see opainject and the nullconga pdf, not in this example code tho bc idc for now
//in real world we shouldn't want to insert this dylib in *everything* and only insert it in stuff it should be inserted in, but once again, only an example
int addingEnvVar = 0; //int/bool that is 1 if we're adding DYLD_INSERT_LIBRARIES=, and 0 if we're modifying it
int dyldLibIndex = -1;
char **ptr;