cheesecakeufo

## xpc_idapro.py
# Created to make RE-ing XPC a bit easier (in a shitty way)
# yes, somethings are hard-coded but I've done it because I don't want to spend more time on this
# created by Abraham Masri @cheesecakeufo

import re
import idaapi
import idautils

paths = ["/usr/include/xpc/xpc.h",
         "/usr/include/xpc/activity.h",

## gist:d11e61afa7a0d0a9f2b5a1e42ee505d8
// gets uid 0 (iOS 11)
// add patchfinder and you should be good
// Abraham Masri @cheesecakeufo


/*
 * Purpose: iterates over the procs and finds our proc
 */
uint64_t get_our_proc() {

## gist:36eff98f219e270c38176197d11c8fc9

    // finding offsets for v0rtex in IDA Pro

    // first address in __PRELINK_TEXT:__PRELINK_TEXT
    g_offsets.main_kernel_base = 0xFFFFFFF007004000;

    // exports -> _kernel_task
    g_offsets.kernel_task = 0xfffffff0075c2050;


## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                cheesecakeufo
                / keybase.md
            
            
              Created
              October 14, 2017 01:47
            
          
    Keybase proof

I hereby claim:

I am iabem97 on github.
I am cheesecakeufo (https://keybase.io/cheesecakeufo) on keybase.
I have a public key ASAx6bK_oI2DxDcZVijo9rV4cXU8AW99gfbrHPpX1agwFAo

To claim this, I am signing this object:

  
## tos-pp.txt
Lypstick Terms of Service and Privacy Policy

1. Terms

By using Lypstick(iOS/Android), you are agreeing to be bound by these terms of service, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.

2. Use License

Permission is granted to temporarily download one copy of the materials (information or software) on Lypstick's database for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
modify or copy the materials;
	# Created to make RE-ing XPC a bit easier (in a shitty way)
	# yes, somethings are hard-coded but I've done it because I don't want to spend more time on this
	# created by Abraham Masri @cheesecakeufo

	import re
	import idaapi
	import idautils

	paths = ["/usr/include/xpc/xpc.h",
	"/usr/include/xpc/activity.h",
	// gets uid 0 (iOS 11)
	// add patchfinder and you should be good
	// Abraham Masri @cheesecakeufo



	/*
	* Purpose: iterates over the procs and finds our proc
	*/
	uint64_t get_our_proc() {

	// finding offsets for v0rtex in IDA Pro

	// first address in __PRELINK_TEXT:__PRELINK_TEXT
	g_offsets.main_kernel_base = 0xFFFFFFF007004000;

	// exports -> _kernel_task
	g_offsets.kernel_task = 0xfffffff0075c2050;
	Lypstick Terms of Service and Privacy Policy

	1. Terms

	By using Lypstick(iOS/Android), you are agreeing to be bound by these terms of service, all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this website are protected by applicable copyright and trademark law.

	2. Use License

	Permission is granted to temporarily download one copy of the materials (information or software) on Lypstick's database for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not:
	modify or copy the materials;