
@markuta
markuta / networking.js
Created December 8, 2023 20:46 — forked from zihadmahiuddin/networking.js
A Frida script for native networking functions (getaddrinfo, connect, send and recv)
console.log("Loading script...");
var getaddrinfoPtr = Module.findExportByName(null, 'getaddrinfo')
var connectPtr = Module.findExportByName(null, 'connect')
var sendPtr = Module.findExportByName(null, 'send')
var recvPtr = Module.findExportByName(null, 'recv')
var getaddrinfoFunction = new NativeFunction(getaddrinfoPtr, 'int', ['pointer', 'pointer', 'pointer', 'pointer'])
var connectFunction = new NativeFunction(connectPtr, 'int', ['int', 'pointer', 'int'])
var sendFunction = new NativeFunction(sendPtr, 'int', ['int', 'pointer', 'int', 'int'])
@markuta
markuta / frida-struct-pointer-pointer.js
Created December 8, 2023 19:27 — forked from schirrmacher/frida-struct-pointer-pointer.js
Frida: How to read a struct or a struct pointer or a pointer of a struct pointer?
/*
typedef struct {
int size;
char* data;
} test_struct;
void some_func(test_struct **s);
@markuta
markuta / checkm8_downgrade.md
Created January 1, 2023 12:28
How to downgrade checkm8 devices from iOS 15/16

Important: Please don't use the comment section to ask for help, I most likely won't respond there as I have it muted due to too many notifications. Join r/jailbreak (#genius-bar) or FDR Bureau (#futurerestore-support) instead.

How to downgrade checkm8 devices from iOS 15/16

This is a guide for downgrading (or upgrading) to unsigned versions with futurerestore on checkm8 devices (A11 and below). You must have blobs for the version you want to go to, and SEP/BB compatibility may limit how far you can go.

Current SEP compatibility

The latest SEP/BB as of right now is iOS 16.0, which is INCOMPATIBLE with anything below. On devices that got iOS 16, you must use 15.6 RC SEP/BB.

@markuta
markuta / unpin.js
Created December 27, 2022 21:54 — forked from JJTech0130/unpin.js
Disable SSL pinning using Frida
// Disables SSL pinning by replacing functions with no-ops.
function unpin() {
var SecTrustEvaluate_handle = Module.findExportByName('Security', 'SecTrustEvaluate');
var SecTrustEvaluateWithError_handle = Module.findExportByName('Security', 'SecTrustEvaluateWithError');
var SSL_CTX_set_custom_verify_handle = Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_custom_verify');
var SSL_get_psk_identity_handle = Module.findExportByName('libboringssl.dylib', 'SSL_get_psk_identity');
var boringssl_context_set_verify_mode_handle = Module.findExportByName('libboringssl.dylib', 'boringssl_context_set_verify_mode');
if (SecTrustEvaluateWithError_handle) {
var SecTrustEvaluateWithError = new NativeFunction(SecTrustEvaluateWithError_handle, 'int', ['pointer', 'pointer']);