@walkie
walkie / fslogger.c
Last active November 7, 2023 18:14
Patched version of Amit Singh's fslogger utility, which logs file system events in OS X.
/*
* fslogger.c
*
* A patched version of Amit Singh's fslogger utility, which logs file system
* events in OS X.
*
* This version fixes a small bug where four characters were missing from
* the beginning of each file path. It also eliminates a compiler warning.
*
* To compile:
@yrp604
yrp604 / xnu-syscall-life-amd64.md
Last active October 2, 2023 15:59
The life of an XNU unix syscall on amd64

XNU syscall path

Chart

             +------------------+
             |These push their  |                                  +-----------------------+
             |respective syscall|                                  |This overwrites the    |
             |dispatch functions|                                  |saved dispatch function|
             |onto the stack    |                                  |with hndl_alltraps     |
@ThatsJustCheesy
ThatsJustCheesy / HIServicesPrivate_v1.h
Created August 21, 2017 00:39
Private interfaces in HIServices.framework (subframework of ApplicationServices.framework) that message the Dock to set preferences on-the-fly.
// HIServicesPrivate.h v1
// By ThatsJustCheesy
// TO USE THESE INTERFACES, you MUST link against ApplicationServices.framework.
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
@saelo
saelo / yolo.c
Created May 14, 2018 21:44
Exploit for IPWnKit: a macOS IOKit exploit challenge from Defcon Qualifier CTF 2018
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <pthread.h>
#include <sys/mman.h>
#include <IOKit/IOKitLib.h>
#include <CoreFoundation/CFPropertyList.h>
const char* kMyDriversIOKitClassName = "io_oooverflow_IPwnKit";
@kholia
kholia / ASLR+vsyscall.rst
Last active August 16, 2022 07:32
Notes on ASLR and vsyscall page

Goals

This document tries to address some concerns with enabling PIE.

Argument 1

One of the criticisms of "Using PIE by default on AMD64" is,

@guedou
guedou / GhidraDecompiler.java
Last active March 3, 2022 10:39
Call the Ghidra decompiler from the command line
// Copyright (C) 2019 Guillaume Valadon <guillaume@valadon.net>
// This program is published under a GPLv2 license
/*
* Decompile a function with Ghidra
*
* analyzeHeadless . Test.gpr -import $BINARY_NAME -postScript GhidraDecompiler.java $FUNCTION_ADDRESS -deleteProject -noanalysis
*
*/
@Siguza
Siguza / dsc_syms.c
Last active February 20, 2022 02:19
dyld_shared_cache symbols to r2 flags
// Moved here: https://github.com/Siguza/misc/blob/master/dsc_syms.c
@C0deH4cker
C0deH4cker / syms.c
Created March 20, 2016 03:21
Prints out the name, type, and value of every symbol in a Mach-O file, similar to nm.
//
// main.c
// macho-syms
//
// Created by C0deH4cker on 3/19/16.
// Copyright © 2016 C0deH4cker. All rights reserved.
//
#include <stdio.h>
#include <stdlib.h>
@ninehills
ninehills / zerorpc.md
Created June 18, 2013 12:17
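Introduction to ZeroRPC - a lightweight distributed communication framework

Introduction to ZeroRPC - a lightweight distributed communication framework

Overview

The core of a distributed system is distributed communication, and traditionally, developing a highly reliable distributed communication framework that supports clusters of thousands of machines takes considerable effort. In most situations, we (especially OPs, whose time is precious) do not care much about the details of the technical implementation. We want a mature, lightweight, highly reliable, easy-to-use and easy-to-debug distributed communication framework that can be used directly, so that time can be spent on the actual business logic.

At PyCon 2012, dotcloud open-sourced a distributed communication framework (or rather, a protocol plus a Python implementation) based on ZeroMQ and MessagePack. Because the framework is based on ZeroMQ and is used as RPC, it was named ZeroRPC. ZeroRPC's characteristics are clear at a glance from the introduction on its official website [1]: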

ZeroRPC is a light-weight, reliable and language-agnostic library for distributed communication between server-side processes.

@kfatehi
kfatehi / README.md
Last active September 24, 2021 16:51
Compiling libimobiledevice on Raspberry Pi

iPhone Tethering on Raspberry Pi

The instructions here are useful, although the current packages in the Arch and Debian repositories do not work with iOS 7 (Trust Loop Bug). They are still a good starting point for understanding how this works.

https://wiki.archlinux.org/index.php/IPhone_Tethering

iOS 7 Support

Install libimobiledevice from latest source