+------------------+
|These push their | +-----------------------+
|respective syscall| |This overwrites the |
|dispatch functions| |saved dispatch function|
|onto the stack | |with hndl_alltraps |
- ( id ) methodWithOneParam:( id ) theParam {
    // Do amazing stuff
    return @"Srsly, Amazing!";
}
- ( id ) methodWithFirst:( id ) firstParam
               andSecond:( id ) secondParam
{
    // Do doubly amazing stuff
#import <pthread.h>
#import <mach/thread_act.h>
// These two functions are declared in mach/thread_policy.h, but are commented out.
// They are documented here: https://developer.apple.com/library/mac/#releasenotes/Performance/RN-AffinityAPI/_index.html
kern_return_t thread_policy_set(
    thread_t thread,
    thread_policy_flavor_t flavor,
    thread_policy_t policy_info,
    mach_msg_type_number_t count);
meaning                 cmp A, B   sign       flags
--------------  ------  ---------  ---------  --------------------
equal           eq      A == B     -          Z == 1
not equal       ne      A != B     -          Z == 0
carry set       cs,hs   A >= B     unsigned   C == 1
carry clear     cc,lo   A < B      unsigned   C == 0
higher          hi      A > B      unsigned   C == 1 && Z == 0
lower or same   ls      A <= B     unsigned   !(C == 1 && Z == 0)
import sys
import json
import re
kslide = 0x0
# Require the panic log path as the first argument
if len(sys.argv) < 2:
    print("Usage: PanicParser.py [file path]")
    sys.exit(1)
Here's a list of mildly interesting things about the C language that I learned mostly by consuming Clang's ASTs. Although surprises are getting sparser, I might continue to update this document over time.
There are many more mildly interesting features of C++, but the language is literally known for being weird, whereas C is usually considered smaller and simpler, so this is (almost) only about C.
1. Combined type and variable/field declaration, inside a struct scope [https://godbolt.org/g/Rh94Go]
struct foo {
struct bar {
int x;
It has come to my attention that BlackHat EU had talks from Alibaba Security about iOS security topics. It seems to be from the same people that have previously presented at DEFCON. Back then I had publicly discussed how their talk is basically just a summary of other people's work that is heavily miscredited to the wrong people.
Considering this history it is surprising that BlackHat would allow the same people to give a talk again on iOS security topics. But I have given up a long time ago on the BlackHat review board and their decisions, which is one of the reasons why I have stopped submitting to them years ago.
But I am digressing from the actual reason for this GIST. And no it is not about the fact that the talk once again starts with summarizing other people's work and crediting the wrong parties for the work done. In this GIST I want to go over one of the slides from the "summary part" of the talk, because not a single item on that slide is correct information.
So here is the offending slide:
![Fr
#!/usr/bin/env bash
# Disable Face Detect in Photos app
defaults write com.apple.iPhoto PKFaceDetectionEnabled 0
defaults write com.apple.gamed Disabled -bool true
defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES # log out, log in
xnu libkern C++ initialization.
First, initialize the metavtable
OSMetaClass *IOSurface_InitFunc_7()
{
OSMetaClass *result; // x0
result = OSMetaClass::OSMetaClass(