pwnee

@enigmaticape
enigmaticape / part1.m
Created November 14, 2012 19:59
You want to use NSObject performSelector with multiple parameters, but you can't ? (1)
- ( id ) methodWithOneParam:( id ) theParam {
// Do amazing stuff
return @"Srsly, Amazing!";
}
- ( id ) methodWithFirst:( id ) firstParam
andSecond:( id ) secondParam
{
// Do doubly amazing stuff
@Coneko
Coneko / gist:4234842
Created December 7, 2012 17:24
How to get your code to run on different cores in OSX / iOS without CHUD.
#import <pthread.h>
#import <mach/thread_act.h>
// These two functions are declared in mach/thread_policy.h, but are commented out.
// They are documented here: https://developer.apple.com/library/mac/#releasenotes/Performance/RN-AffinityAPI/_index.html
kern_return_t thread_policy_set(
thread_t thread,
thread_policy_flavor_t flavor,
thread_policy_t policy_info,
mach_msg_type_number_t count);
@yrp604
yrp604 / xnu-syscall-life-amd64.md
Last active October 2, 2023 15:59
The life of an XNU unix syscall on amd64

XNU syscall path

Chart

             +------------------+
             |These push their  |                                  +-----------------------+
             |respective syscall|                                  |This overwrites the    |
             |dispatch functions|                                  |saved dispatch function|
             |onto the stack    |                                  |with hndl_alltraps     |
@ryo
ryo / aarch64-cond.txt
Created February 15, 2018 05:16
aarch64 condition code cheat sheet
meaning                                 cmp A, B        sign            flags
------------------------------- ------- --------------- --------------- -------------------
equal                           eq      A == B          -               Z == 1
not equal                       ne      A != B          -               Z == 0
carry set                       cs,hs   A >= B          unsigned        C == 1
carry clear                     cc,lo   A < B           unsigned        C == 0
higher                          hi      A > B           unsigned        C == 1 && Z == 0
lower or same                   ls      A <= B          unsigned        !(C == 1 && Z == 0)
@PsychoTea
PsychoTea / PanicParser.py
Last active February 26, 2024 01:43
Parses an iOS .ips panic log and gives useful stack trace output
import sys
import json
import re
kslide = 0x0
if len(sys.argv) < 2:
    print("Usage: PanicParser.py [file path]")
    exit()
@fay59
fay59 / Quirks of C.md
Last active January 23, 2024 04:24
Quirks of C

Here's a list of mildly interesting things about the C language that I learned mostly by consuming Clang's ASTs. Although surprises are getting sparser, I might continue to update this document over time.

There are many more mildly interesting features of C++, but the language is literally known for being weird, whereas C is usually considered smaller and simpler, so this is (almost) only about C.

1. Combined type and variable/field declaration, inside a struct scope [https://godbolt.org/g/Rh94Go]

struct foo {
   struct bar {
 int x;
@stefanesser
stefanesser / BHEU.markdown
Last active July 8, 2024 08:41
BlackHat EU - Wrong information in Talk "Eternal War in XNU Kernel Objects"

It has come to my attention that BlackHat EU had talks from Alibaba Security about iOS security topics. It seems to be from the same people that have previously presented at DEFCON. Back then I had publicly discussed how their talk is basically just a summary of other people's work that is heavily miscredited to the wrong people.

Considering this history it is surprising that BlackHat would allow the same people to give a talk again on iOS security topics. But I have given up a long time ago on the BlackHat review board and their decisions, which is one of the reasons why I have stopped submitting to them years ago.

But I am digressing from the actual reason for this GIST. And no it is not about the fact that the talk once again starts with summarizing other people's work and crediting the wrong parties for the work done. In this GIST I want to go over one of the slides from the "summary part" of the talk, because not a single item on that slide is correct information.

So here is the offending slide:

![Fr

@htr3n
htr3n / macos-ramdisk.md
Last active July 26, 2024 18:20
Creating RAM disk in macOS

Built-in

diskutil erasevolume HFS+ 'RAM Disk' `hdiutil attach -nobrowse -nomount ram://XXXXX`

where XXXXX is the size of the RAM disk in terms of memory blocks.

Notes:

@andrewpetrochenkov
andrewpetrochenkov / defaults.sh
Last active February 24, 2023 17:58
macOS security
#!/usr/bin/env bash
# Disable Face Detect in Photos app
defaults write com.apple.iPhoto PKFaceDetectionEnabled 0
defaults write com.apple.gamed Disabled -bool true
defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES # log out, log in
@jmpews
jmpews / IOSurfaceDig.md
Last active April 1, 2023 09:05
reversing IOSurface kext and framework

XNU libkern C++ initialization.

First, initialize the metavtable

OSMetaClass *IOSurface_InitFunc_7()
{
  OSMetaClass *result; // x0

  result = OSMetaClass::OSMetaClass(