Skip to content

Instantly share code, notes, and snippets.

@macshome
macshome / defang.md
Last active April 24, 2024 18:31
How to defang system protections on macOS

How to Defang macOS System Protections

If you want to change things on the root drive of a Mac you will need to take some steps to disable the built in security of the system. Most of these steps are the same regardless if you are on Intel or Apple Silicon. If there is a difference it is noted.

Note that all of these things put a Mac into an unsupported and less secure state.

Make sure you either perform these steps in a VM or that you reset the protections after you are done poking around

Protections and Terms

(This list is not exahustive on the details of each. Check the links at the end for more info.)

@aemmitt-ns
aemmitt-ns / funtime.js
Last active December 30, 2023 06:26
funtime: detailed objective-c runtime tracing. ex `python funtime.py -n Messages '-[NSRegularExpression *]'`
const typeMap = {
"c": "char",
"i": "int",
"s": "short",
"l": "long",
"q": "long long",
"C": "unsigned char",
"I": "unsigned int",
"S": "unsigned short",
@stek29
stek29 / 0webosbrew-letsencrypt-ca.md
Last active April 28, 2024 11:20
fix webOS ca certificates for DST Root X3 expiry (on rooted TVs)

HowTo

  • Root via rootmy.tv
  • Install

Tested on webOS 4.5, should at least on webOS 3.5+

Installation/Update

curl -qs "https://gist.githubusercontent.com/stek29/761232c6f7e1ffbc36b98da2a3a0f4d9/raw/install.sh?$(date +%s)" | sh -
@Siguza
Siguza / pallas.sh
Last active February 5, 2024 21:33
newstyle OTA
#!/usr/bin/env zsh
set -e;
set +m; # Job control would've been nice, but manual round robin it is, sigh.
if [ -z "${ZSH_VERSION+x}" ]; then
echo 'Try again with zsh.';
exit 1;
fi;
@zwaldowski
zwaldowski / EventGenerator.swift
Created April 26, 2019 05:35
UIKit Touch Synthesis (Hacks! Hacks hacks! Hacks!)
import UIKit
import ObjectiveC.runtime
// MARK: - IOKit
@objc private protocol IOHIDEvent: NSObjectProtocol {}
private struct IOHIDDigitizerEventMask: OptionSet {
let rawValue: UInt32
init(rawValue: UInt32) { self.rawValue = rawValue }
void inject_trusts(int pathc, const char *paths[])
{
printf("[+] injecting into trust cache...\n");
extern uint64_t g_kern_base;
static uint64_t tc = 0;
if (tc == 0) {
/* loaded_trust_caches
iPhone11,2-4-6: 0xFFFFFFF008F702C8
#! /usr/sbin/dtrace -C -s
/*
requirement: disable SIP
*/
#pragma D option quiet
BEGIN {
printf("vm_kernel_slide: 0x%p\n", (`vm_kernel_slide));
printf("vm_kernel_base: 0x%p\n", (`vm_kernel_base));
@olih
olih / jq-cheetsheet.md
Last active May 15, 2024 22:26
jq Cheet Sheet

Processing JSON using jq

jq is useful to slice, filter, map and transform structured json data.

Installing jq

On Mac OS

brew install jq

#include <substrate.h>
#include <mach/mach.h>
#include <mach/mach_time.h>
#include <IOKit/hid/IOHIDEventTypes.h>
#include <IOKit/hidsystem/IOHIDUsageTables.h>
#include <GraphicsServices/GraphicsServices.h>
@nabla-c0d3
nabla-c0d3 / gist:f952c6fcc1e9d359dbfe
Last active December 22, 2022 12:47
Hooking a variadic function with Cydia Substrate
//
// LibC.m
//
// Created by Alban Diquet on 5/14/14.
// Copyright (c) 2014 Alban Diquet. All rights reserved.
//
#import <CydiaSubstrate.h>
#import "LibC.h"