- Open Terminal and run
nm kernelcache.dec | grep _kernprocIn this example, 0xfffffff0075d50a0 is our kernproc address.(iPhone6S on 11.3.1)
- Drag your kernelcache.dec into ida and stringsearch for
fStampMapping[kAGXHostMemoryTimestamp]This should take you tocom.apple.AGXG5P:__cstringsection. - Double click on the first text:FFFFFFF...
- Scroll down all the way until you see something like this.
- Double click on unk_FFFFFFF... which is located at the second ADRP.
Cryptiiiic
/ offsets_multipath_kfree.md
Last active
March 1, 2023 05:45
How to find offsets for Multipath_KFree
