| #used as part of a unit test | |
| def _compare_directories(self, expected_dir, actual_dir, header=None): | |
| """Compares two directories and diffs any different files. | |
| The file list of both directories must match and the files must match. | |
| Sub directories are not considered as I don't need to in my case. | |
| The diff will not show that a file was deleted from one side. It shows | |
| that all the lines were removed. | |
| #include <sys/socket.h> | |
| #include <sys/ioctl.h> | |
| #include <sys/kern_event.h> | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <stdbool.h> | |
| #include <stdlib.h> | |
| #include <assert.h> | |
| #include <string.h> | |
| #include <net/ethernet.h> |
I've never had great understanding of launchctl but the deprecation of the old commands with launchctl 2 (10.10) has been terrible as all resources only cover the old commands, and documentation for Apple utilities is generally disgracefully bad, with launchctl not dissembling.
Mad props to https://babodee.wordpress.com/2016/04/09/launchctl-2-0-syntax/ which contains most details
Internally, launchd has several domains, but launchctl 1 would only ask for service names,
| #!/bin/sh | |
| # based on https://gist.github.com/ipedrazas/9c622404fb41f2343a0db85b3821275d | |
| # delete all evicted pods from all namespaces | |
| kubectl get pods --all-namespaces | grep Evicted | awk '{print $2 " --namespace=" $1}' | xargs kubectl delete pod | |
| # delete all containers in ImagePullBackOff state from all namespaces | |
| kubectl get pods --all-namespaces | grep 'ImagePullBackOff' | awk '{print $2 " --namespace=" $1}' | xargs kubectl delete pod | |
| # delete all containers in ImagePullBackOff or ErrImagePull or Evicted state from all namespaces |
| #include <dlfcn.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <sys/types.h> | |
| #include <mach/mach.h> | |
| #include <mach/error.h> | |
| #include <errno.h> | |
| #include <stdlib.h> | |
| #include <sys/sysctl.h> | |
| #include <sys/mman.h> |
The challenge consisted of an iOS app (Calc.app) which implemented a simple calculator. Moreover, the app also registered a custom URL scheme (icalc://) which would simply evaluate the content of the URL. The calculator was implemented using NSExpressions and the input string would simply be parsed as such an expression and executed. NSExpressions are pretty powerful and allow for example calls to ObjC Methods (e.q. typing in sqrt(42) would end up calling +[_NSPredicateUtilities sqrt:@42]). Further, there are two interesting helper functions available in NSExpressions:
FUNCTION(obj, 'foo', "bar")
Which will result in a call of the method 'foo' on object obj with parameter "bar" (an NSString).
| #if 0 | |
| // Fixed in iOS 13.1 with CVE-2019-8747 | |
| __thiscall | |
| AppleFirmwareUpdateKext::loadFirmware | |
| (AppleFirmwareUpdateKext *this,IOMemoryDescriptor *Memory,void *off_0x10,uint off_0x18) | |
| { | |
| uint uVar1; | |
| byte addr; | |
| byte len; |
| import sys | |
| import json | |
| import re | |
| kslide = 0x0 | |
| if len(sys.argv) < 2: | |
| print("Usage: PanicParser.py [file path]") | |
| exit() |
| #if 0 | |
| IOAccelContext2::finish_fence_event() race condition OOB read/write | |
| This is a method exposed to user space, it takes a kernel read-only shared memory | |
| (type 2 via clientMemoryForType()) address and treats it as an IOAccelEvents Array. | |
| The user supplied index is checked against the IOAccelEvents array bounds,since there are no | |
| locks held in this method,it is possible to change the array bounds by calling | |
| IOAccelContext2::clientMemoryForType() again in a separate thread, this will expand the size by | |
| multiplying the older size by 2, but we still have a reference to the old shared memory address |