Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prerelease to Swift. John Siracusa delivers the details.
You've got two main options:
{ "apiset entries": [ | |
{ "apiset name": "api-ms-onecoreuap-print-render-l1-1-0", "hosts": "printrenderapihost.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-identity-l1-2-0", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-runtime-internal-l1-1-7", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-runtime-l1-1-3", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-state-l1-1-2", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-state-l1-2-0", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-appmodel-unlock-l1-1-0", "hosts": "kernel.appcore.dll" }, | |
{ "apiset name": "api-ms-win-base-bootconfig-l1-1-0", "hosts": "advapi32.dll" }, | |
{ "apiset name": "api-ms-win-base-util-l1-1-0", "hosts": "advapi32.dll" }, |
import random | |
import sys | |
import io | |
from ctypes import windll, POINTER, byref | |
from ctypes.wintypes import LPVOID, DWORD, LPCSTR, LPSTR, BOOL, HANDLE | |
# Raw Win32 entry points resolved from kernel32 through ctypes. No argtypes or
# restype are declared on these function objects, so ctypes marshals arguments
# by guessing from the Python values and assumes a C ``int`` return.
# NOTE(review): on 64-bit Python the HANDLE returned by CreateFileA is
# truncated to 32 bits unless ``CreateFileA.restype = HANDLE`` is set (HANDLE
# is already imported above); the same applies to DeviceIoControl's
# lpBytesReturned/lpOverlapped pointers without argtypes — confirm before
# relying on the returned handle.
DeviceIoControl = windll.kernel32.DeviceIoControl | |
CreateFileA = windll.kernel32.CreateFileA | |
CloseHandle = windll.kernel32.CloseHandle |
#!/usr/bin/env python2 | |
from pwn import * | |
import sys | |
import struct | |
# Path of the local target binary; presumably used by the local-process branch
# under ``if not IS_REMOTE:`` below — verify against that branch.
BINARY: str = './winterpreter.exe' | |
# Toggle between the live remote instance and a local run.
IS_REMOTE: bool = True | |
# Host and port of the remote (CTF) instance used when IS_REMOTE is True.
H,P = ('183.107.102.15', 54321) | |
if not IS_REMOTE: |
|=-----------------------------------------------------------------------=| | |
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=| | |
|=-----------------------------------------------------------------------=| | |
|=------------------------------=[ saelo ]=------------------------------=| | |
|=-----------------------------------------------------------------------=| | |
The following are some brief notes about the changes that have taken place | |
since the release of the "Attacking JavaScript Engines" paper [1]. In | |
general, no big conceptual changes have happened since. Mitigations have | |
been added to break some of the presented techniques and, as expected, a |
import lief | |
from sys import argv | |
import colorama | |
def _color_print(name): | |
    """Initialise colorama with ``autoreset=True``.

    The ``name`` argument is accepted but not used by this body; it is kept
    only because callers pass it.
    """
    colorama.init(autoreset=True) | |
def color_print(func): | |
def wrapper(*args, **kwargs): | |
ret = func(*args, **kwargs) | |
if ret != False: |
/* | |
* Hook main() using LD_PRELOAD, because why not? | |
* Obviously, this code is not portable. Use at your own risk. | |
* | |
* Compile using 'gcc hax.c -o hax.so -fPIC -shared -ldl' | |
* Then run your program as 'LD_PRELOAD=$PWD/hax.so ./a.out' | |
*/ | |
#define _GNU_SOURCE | |
#include <stdio.h> |
Index: server/main.c | |
=================================================================== | |
--- server/main.c (revision 1794475) | |
+++ server/main.c (working copy) | |
@@ -434,11 +434,157 @@ | |
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL, | |
" -X : debug mode (only one worker, do not detach)"); | |
- destroy_and_exit_process(process, 1); | |
+ destroy_and_exit_process(process, 0); |