Skip to content

Instantly share code, notes, and snippets.

View knightsc's full-sized avatar

Scott Knight knightsc

145 followers · 0 following
View GitHub Profile
@knightsc
knightsc / realmbot-commands.txt
Last active August 27, 2018 16:52
RealmBot Commands
00423050: login
00425988: rndnick
00425984: rn
00425980: die
00425978: irc.di
00421400: logout
00425974: lo
00425968: versionship
00425964: ver
0042595c: chghttp
@knightsc
knightsc / debug.h
Last active June 24, 2021 13:18
macOS Debug boot-args
/* Debug boot-args */
#define DB_HALT 0x1
//#define DB_PRT 0x2 -- obsolete
#define DB_NMI 0x4
#define DB_KPRT 0x8
#define DB_KDB 0x10
#define DB_ARP 0x40
#define DB_KDP_BP_DIS 0x80
//#define DB_LOG_PI_SCRN 0x100 -- obsolete
#define DB_KDP_GETC_ENA 0x200
@knightsc
knightsc / mojave.kext.diff
Last active December 26, 2019 13:33
macOS Mojave /System/Library/Extensions differences
--- 10.13.kext.txt 2018-09-06 07:59:22.000000000 -0400
+++ 10.14.kext.txt 2018-09-06 08:01:55.000000000 -0400
@@ -1,24 +1,13 @@
ALF.kext
AMD10000Controller.kext
-AMD2400Controller.kext
-AMD2600Controller.kext
-AMD3800Controller.kext
-AMD4600Controller.kext
-AMD4800Controller.kext
@knightsc
knightsc / ScanManager.c
Last active December 15, 2021 01:35
#include <errno.h>
#include <pthread.h>
#include <signal.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/kern_control.h>
@knightsc
knightsc / AVKext.c
Last active January 6, 2020 03:44
McAfee AVKext.kext reversed startup and control code
#include <kern/locks.h>
#include <libkern/libkern.h>
#include <libkern/OSMalloc.h>
#include <mach/mach_types.h>
#include <sys/kauth.h>
#include <sys/kern_control.h>
#include <sys/sysctl.h>
#include <sys/time.h>
#include "AVKext.h"
@knightsc
knightsc / FileScanMessage
Created October 17, 2018 19:19
Raw output of the FileScanMessage sent from the AVKext.kext to it's connected client
F6 01 3D 00 00 00 00 00 45 03 00 00 F6 01 00 00 | ..=.....E.......
14 00 00 00 04 00 00 01 01 00 00 00 67 00 00 00 | ............g...
01 00 00 00 01 00 00 00 00 00 00 00 80 FF FF FF | ................
2F 55 73 65 72 73 2F 75 73 65 72 31 2F 44 6F 77 | /Users/user1/Dow
6E 6C 6F 61 64 73 2F 43 6C 61 70 7A 6F 6B 2F 43 | nloads/Clapzok/C
6C 61 70 7A 6F 6B 00 FF A0 2C 4C 16 80 FF FF FF | lapzok...,L.....
A0 4E F6 20 80 FF FF FF 00 AC AF 1C 80 FF FF FF | .N. ............
F4 E2 AE 15 80 FF FF FF 00 00 00 00 00 00 00 00 | ................
00 2D 4C 16 80 FF FF FF 0D 00 00 00 00 00 00 00 | .-L.............
00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 | ................
@knightsc
knightsc / dmg_rom.asm
Created November 19, 2018 21:43
Game Boy boot rom disassembly
/*
--------------------------------------------------------------------------------
File: dmg_rom.bin
File created with Hopper 4.4.7
Analysis version 55
Loader: RAW
CPU: Sharp/LR35902
64 bits (Little Endian)
@knightsc
knightsc / build-xnu-4903.221.2.sh
Last active August 25, 2019 12:07
A script to build XNU version 4903.221.2 (macOS Mojave 10.14.1).
#! /bin/bash
#
# build-xnu-4903.221.2.sh
# Scott Knight
#
# Based on the script by Brandon Azad
# https://gist.github.com/bazad/654959120a423b226dc564073b435453
#
# A script showing how to build XNU version 4903.221.2 on macOS Mojave
# 10.14 with Xcode 10.1.
@knightsc
knightsc / kexts.graphml
Created January 15, 2019 18:40
<?xml version="1.0" encoding="UTF-8"?>
<graphml xmlns="http://graphml.graphdrawing.org/xmlns">
<graph id="G" edgedefault="undirected">
<node id="Kernel"/>
<node id="AppleEmbeddedOSSupportHost"/>
<node id="AppleSMCLMU"/>
<node id="AppleIntelLpssSpiController"/>
<node id="IOSkywalkFamily"/>
<node id="BridgeAudioCommunication"/>
<node id="ntfs"/>
@knightsc
knightsc / hollow.c
Created February 7, 2019 18:06
#include <spawn.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <mach/mach.h>
#define MACH_ERR(str, err) do { \
if (err != KERN_SUCCESS) { \