@vocaeq
vocaeq / inject.c
Last active April 2, 2024 09:09 — forked from knightsc/inject.c
An example of how to inject code to call dlopen and load a dylib into a remote mach task. Tested on 12.5 M1 Pro.
#include <dlfcn.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <mach/mach.h>
#include <mach/error.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/sysctl.h>
#include <sys/mman.h>
@geoff-nixon
geoff-nixon / macos-syscall.c
Created November 25, 2020 02:13 — forked from michaeljclark/macos-syscall.c
simple macos process with no dependency on libsystem.dylib
/*
* cc -Wall -O3 -c macos-syscall.c -o macos-syscall.o
* ld -static -macosx_version_min 10.12 -pagezero_size 0x1000 macos-syscall.o -o macos-syscall
*/
__attribute__ ((visibility("default"))) extern void start(void) asm("start");
#define NR_exit 0x2000001
#define NR_write 0x2000004
@bazad
bazad / vmmap.c
Last active January 4, 2024 16:32
A simple vmmap implementation for macOS.
// Brandon Azad (@_bazad)
#include <assert.h>
#include <errno.h>
#include <mach/mach.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@Wack0
Wack0 / peb.c
Created December 31, 2017 16:31
Getting a pointer to the PEB in C, for every architecture that NT was ported to (where at least one build of the port was leaked/released)
// Gets a pointer to the PEB for x86, x64, ARM, ARM64, IA64, Alpha AXP, MIPS, and PowerPC.
// This relies on MS-compiler intrinsics.
// It has only been tested on x86/x64/ARMv7.
inline PEB* NtCurrentPeb() {
#ifdef _M_X64
return (PEB*)(__readgsqword(0x60));
#elif _M_IX86
return (PEB*)(__readfsdword(0x30));