nick-botticelli

## gist:8f5eb526d4a899c906aae651a7318a40
nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1
89994699affdef:132
9905b4edc794469:695
9905b4edc794469:695
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
ae71af5ee32b84:116

## ios_vma2_ios_boot_diagnostics_15.0.2_restore_boot_log.txt
nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1 --force-dfu
89994699affdef:132
9905b4edc794469:695
9905b4edc794469:695
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
ae71af5ee32b84:116

## macos_vma2_restore_boot_serial_log.txt
nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1 --force-dfu
89994699affdef:132
9905b4edc794469:695
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
ae71af5ee32b84:116


## ios_vma2_15.0.2_log.txt
nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1
89994699affdef:132
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x36cd
ae71af5ee32b84:116


=======================================

## vma2_pwned_restore_serial_log_12.0.1.txt
nick@Nicks-MacBook-Air-3 12.0.1 % tart run 12.0.1
89994699affdef:132
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type ibss offset 0x20000 len 0x49cd4
image <ptr>: bdev <ptr> type logo offset 0x69cd4 len 0x36cd
ae71af5ee32b84:116


=======================================

## vma2_idevicerestore_log_12.0.1.txt
nick@Nicks-MacBook-Air-3 12.0.1 % idevicerestore -e -y -d -R ~/Downloads/UniversalMac_12.0.1_21A559_Restore/
idevicerestore 1.0.0-git-e0b7c03-dirty
irecv_event_cb: device 23fb5c2df1bc8bff (udid: N/A) connected in DFU mode
Found device in DFU mode
opening device 05ac:1227 @ 0x80100000...
Setting to configuration 1
Setting to interface 0:0
ECID: 2592767362880801791
Identified device as vma2macosap, VirtualMac2,1
Extracting BuildManifest from IPSW

## vma2_vz_restore_process_12.0.1.txt
Virtualization.framework restore RE:

* Recorded with Wireshark after running `sudo ifconfig UserHC128 up` immediately after guest VM starts
* Some stuff like USB identifiers, iBoot USB info (SDOM...), and nonce stuff was excluded


     > Send iBSS (ibss)


## vma2_boot_12.0.1_log.txt
89994699affdef:132
9905b4edc794469:695
9905b4edc794469:695
e2846af5eb52553:475
9526cec925bde03:111
image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cd4
image <ptr>: bdev <ptr> type logo offset 0x69cd4 len 0x36cd
ae71af5ee32b84:116


## vma2_restore_12.0.1_log.txt
89994699affdef:132
628547459a59420:312
9526cec925bde03:111
ae71af5ee32b84:116


=======================================
::
:: Supervisor iBootStage1 for vma2, Copyright 2007-2021, Apple Inc.
::

## Settings-asm.java
package asm.the.bytecode.club.bytecodeviewer;
import org.objectweb.asm.AnnotationVisitor;
import org.objectweb.asm.Attribute;
import org.objectweb.asm.ClassReader;
import org.objectweb.asm.ClassWriter;
import org.objectweb.asm.ConstantDynamic;
import org.objectweb.asm.FieldVisitor;
import org.objectweb.asm.Handle;
import org.objectweb.asm.Label;
import org.objectweb.asm.MethodVisitor;
	nick@Nicks-MacBook-Air-4 vma2pwn % tart run 12.0.1
	89994699affdef:132
	9905b4edc794469:695
	9905b4edc794469:695
	e2846af5eb52553:475
	9526cec925bde03:111
	image <ptr>: bdev <ptr> type illb offset 0x20000 len 0x49cde
	image <ptr>: bdev <ptr> type logo offset 0x69cde len 0x42e6
	ae71af5ee32b84:116
	nick@Nicks-MacBook-Air-3 12.0.1 % tart run 12.0.1
	89994699affdef:132
	e2846af5eb52553:475
	9526cec925bde03:111
	image <ptr>: bdev <ptr> type ibss offset 0x20000 len 0x49cd4
	image <ptr>: bdev <ptr> type logo offset 0x69cd4 len 0x36cd
	ae71af5ee32b84:116


	=======================================
	nick@Nicks-MacBook-Air-3 12.0.1 % idevicerestore -e -y -d -R ~/Downloads/UniversalMac_12.0.1_21A559_Restore/
	idevicerestore 1.0.0-git-e0b7c03-dirty
	irecv_event_cb: device 23fb5c2df1bc8bff (udid: N/A) connected in DFU mode
	Found device in DFU mode
	opening device 05ac:1227 @ 0x80100000...
	Setting to configuration 1
	Setting to interface 0:0
	ECID: 2592767362880801791
	Identified device as vma2macosap, VirtualMac2,1
	Extracting BuildManifest from IPSW
	Virtualization.framework restore RE:

	* Recorded with Wireshark after running `sudo ifconfig UserHC128 up` immediately after guest VM starts
	* Some stuff like USB identifiers, iBoot USB info (SDOM...), and nonce stuff was excluded



	> Send iBSS (ibss)
	89994699affdef:132
	628547459a59420:312
	9526cec925bde03:111
	ae71af5ee32b84:116


	=======================================
	::
	:: Supervisor iBootStage1 for vma2, Copyright 2007-2021, Apple Inc.
	::
	package asm.the.bytecode.club.bytecodeviewer;
	import org.objectweb.asm.AnnotationVisitor;
	import org.objectweb.asm.Attribute;
	import org.objectweb.asm.ClassReader;
	import org.objectweb.asm.ClassWriter;
	import org.objectweb.asm.ConstantDynamic;
	import org.objectweb.asm.FieldVisitor;
	import org.objectweb.asm.Handle;
	import org.objectweb.asm.Label;
	import org.objectweb.asm.MethodVisitor;