Scott Knight knightsc
knightsc
/ FileScanMessage
Created
October 17, 2018 19:19
Raw output of the FileScanMessage sent from the AVKext.kext to it's connected client
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| F6 01 3D 00 00 00 00 00 45 03 00 00 F6 01 00 00 | ..=.....E....... | |
| 14 00 00 00 04 00 00 01 01 00 00 00 67 00 00 00 | ............g... | |
| 01 00 00 00 01 00 00 00 00 00 00 00 80 FF FF FF | ................ | |
| 2F 55 73 65 72 73 2F 75 73 65 72 31 2F 44 6F 77 | /Users/user1/Dow | |
| 6E 6C 6F 61 64 73 2F 43 6C 61 70 7A 6F 6B 2F 43 | nloads/Clapzok/C | |
| 6C 61 70 7A 6F 6B 00 FF A0 2C 4C 16 80 FF FF FF | lapzok...,L..... | |
| A0 4E F6 20 80 FF FF FF 00 AC AF 1C 80 FF FF FF | .N. ............ | |
| F4 E2 AE 15 80 FF FF FF 00 00 00 00 00 00 00 00 | ................ | |
| 00 2D 4C 16 80 FF FF FF 0D 00 00 00 00 00 00 00 | .-L............. | |
| 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 | ................ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <kern/locks.h> | |
| #include <libkern/libkern.h> | |
| #include <libkern/OSMalloc.h> | |
| #include <mach/mach_types.h> | |
| #include <sys/kauth.h> | |
| #include <sys/kern_control.h> | |
| #include <sys/sysctl.h> | |
| #include <sys/time.h> | |
| #include "AVKext.h" |
knightsc
/ ScanManager.c
Last active
December 15, 2021 01:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <errno.h> | |
| #include <pthread.h> | |
| #include <signal.h> | |
| #include <stdbool.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <strings.h> | |
| #include <unistd.h> | |
| #include <sys/ioctl.h> | |
| #include <sys/kern_control.h> |
knightsc
/ mojave.kext.diff
Last active
December 26, 2019 13:33
macOS Mojave /System/Library/Extensions differences
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- 10.13.kext.txt 2018-09-06 07:59:22.000000000 -0400 | |
| +++ 10.14.kext.txt 2018-09-06 08:01:55.000000000 -0400 | |
| @@ -1,24 +1,13 @@ | |
| ALF.kext | |
| AMD10000Controller.kext | |
| -AMD2400Controller.kext | |
| -AMD2600Controller.kext | |
| -AMD3800Controller.kext | |
| -AMD4600Controller.kext | |
| -AMD4800Controller.kext |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Debug boot-args */ | |
| #define DB_HALT 0x1 | |
| //#define DB_PRT 0x2 -- obsolete | |
| #define DB_NMI 0x4 | |
| #define DB_KPRT 0x8 | |
| #define DB_KDB 0x10 | |
| #define DB_ARP 0x40 | |
| #define DB_KDP_BP_DIS 0x80 | |
| //#define DB_LOG_PI_SCRN 0x100 -- obsolete | |
| #define DB_KDP_GETC_ENA 0x200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00423050: login | |
| 00425988: rndnick | |
| 00425984: rn | |
| 00425980: die | |
| 00425978: irc.di | |
| 00421400: logout | |
| 00425974: lo | |
| 00425968: versionship | |
| 00425964: ver | |
| 0042595c: chghttp |
NewerOlder