saagarjha / stop_at_entry.c
Last active October 11, 2023 03:41
Endpoint Security client that sends SIGSTOP to newly spawned processes
// To compile: clang stop_at_entry.c -lbsm -lEndpointSecurity -o stop_at_entry,
// then codesign with com.apple.developer.endpoint-security.client and run the
// program as root.
#include <EndpointSecurity/EndpointSecurity.h>
#include <assert.h>
#include <bsm/libbsm.h>
#include <dispatch/dispatch.h>
#include <signal.h>
#include <stdbool.h>
saagarjha / remote_connection_enabler.mm
Created November 6, 2021 22:48
Enable remote connections in Quartz Debug
// If you haven't already, make sure to run this so the window list works:
// defaults write com.apple.QuartzDebug QuartzDebugPrivateInterface -bool YES
// https://gist.github.com/saagarjha/ed701e3369639410b5d5303612964557
#import "swizzler.h"
#import <AppKit/AppKit.h>
static Swizzler<void, id<NSApplicationDelegate>, NSNotification *> QuartzDebug_applicationDidFinishLaunching_ {
NSClassFromString(@"QuartzDebug"), @selector(applicationDidFinishLaunching:), [](auto self, auto notification) {
QuartzDebug_applicationDidFinishLaunching_(self, notification);
saagarjha / MetadataExtractor.js
Created February 17, 2023 09:36
Apple's metadata extraction code for link previews in Messages, taken from macOS Ventura 13.3 Beta (22E5219e)
//
// LinkPresentation
// Copyright © 2015-2020 Apple Inc. All rights reserved.
//
// FIXME: Twitter equivalents?
(function () {
var MetadataExtractor = {
saagarjha / FB11988552.html
Created February 12, 2023 16:44
Leak memory in Safari from a website
<!DOCTYPE html>
<html>
<head>
<script>
var database;
async function foo() {
let key = await window.crypto.subtle.generateKey(
{
name: "HMAC",
saagarjha / xcode_conformsToProtocol_hang_workaround.mm
Last active December 1, 2022 08:52
Works around a hang in Xcode when it calls -[NSObject conformsToProtocol:] a bunch (https://twitter.com/_saagarjha/status/1476739462197506048)
// https://gist.github.com/saagarjha/ed701e3369639410b5d5303612964557
#import "swizzler.h"
#import <Foundation/Foundation.h>
#import <mutex>
#import <objc/runtime.h>
#import <unordered_map>
#import <utility>
struct PairHasher {
std::size_t operator()(const std::pair<Class, Protocol *> &pair) const {
saagarjha / fixjit.c
Last active October 8, 2022 04:36
Fix applications that use JIT on Apple silicon but don't know about pthread_jit_write_protect_np
// The usual: compile with clang fixjit.c -arch arm64 -arch arm64e -shared -o libfixjit.dylib, then add the
// resulting dylib to DYLD_INSERT_LIBRARIES for the target process. Note that dyld ignores DYLD_INSERT_LIBRARIES for
// hardened-runtime and platform binaries unless the target is entitled to accept injected libraries, so this only
// takes effect on processes that permit it.
#include <errno.h>
#include <pthread.h>
#include <stdatomic.h>
__attribute__((constructor)) static void fix_jit() {
unsigned long long mask;
__asm__ volatile("mrs %0, s3_4_c15_c2_7" : "=r"(mask): :);
__asm__ volatile("msr s3_4_c15_c2_7, %0" : : "r"(mask & 0xfffffffff0ffffff) :);
saagarjha / watchOSURLSchemes.txt
Created June 19, 2022 00:18
watchOS app URL schemes
// Generated via
// grep -r -l CFBundleURLSchemes /Volumes/JupiterB19R570.N121bOS/ | xargs -n1 sh -c '/usr/libexec/PlistBuddy -c "Print" "$0" > /dev/null 2>&1 && echo && echo "$0" && /usr/libexec/PlistBuddy -c "Print :CFBundleURLTypes" "$0"'
// -[LSApplicationWorkspace openURL:configuration:completionHandler:] is a good way to open these
/Volumes/JupiterB19R570.N121bOS/System/Library/CoreServices/Carousel.app/Info.plist
Array {
Dict {
CFBundleURLName = com.apple.carousel
CFBundleURLSchemes = Array {
saagarjha / webserver.service
Created October 6, 2019 03:38
systemd service to run a webserver
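[Unit]
Description=Python Web Server
After=network.target

[Service]
Type=simple
Restart=always
# Run as a throwaway unprivileged user instead of root. http.server performs
# no authentication and only basic path checks, so a flaw in it (or in the
# content under /share) must not hand out a root process. Binding port 80
# needs only CAP_NET_BIND_SERVICE, which is granted below. /share must be
# readable by the dynamic user (world-readable, or grant a group via
# SupplementaryGroups=).
DynamicUser=yes
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
# Sandbox the process: read-only view of the filesystem, no home directories
# or raw devices, and no privilege gain through setuid binaries.
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ReadOnlyPaths=/share
WorkingDirectory=/share
# http.server serves the working directory and listens on all interfaces;
# add "--bind <address>" to ExecStart if it must not be reachable from every
# network the host is attached to.
ExecStart=/usr/bin/python3 -m http.server 80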
saagarjha / README.md
Last active March 12, 2022 08:28
Works around some poor performance in XCBBuildService due to slow reflection machinery (https://twitter.com/_saagarjha/status/1499599539795234816)

To build this:

$ swiftc -emit-object XCBBuildServiceFix.swift -O
$ clang XCBBuildServiceFix.o XCBBuildServiceFix.s -shared -o libXCBBuildServiceFix.dylib -O -L /usr/lib/swift/ -lswiftCore -F /Applications/Xcode.app/Contents/SharedFrameworks/XCBuild.framework/Versions/Current/PlugIns/XCBBuildService.bundle/Contents/Frameworks/ -framework XCBUtil -framework XCBProtocol

Then inject the result into XCBBuildService, which launches from /Applications/Xcode.app/Contents/SharedFrameworks/XCBuild.framework/Versions/Current/PlugIns/XCBBuildService.bundle/Contents/MacOS/XCBBuildService, using your injection tool of choice.

saagarjha / 2022WinterSeed.txt
Created December 17, 2021 13:58
19D5026g/19K5527e/19S5525f
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44494/03F7854E-907A-40F8-B339-E61CF30F192D/iPhone14,5_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44635/54B0513B-EC2D-426B-961D-8E3266957FCB/iPhone14,2_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44518/3F901A9B-1D42-4FA2-9FF3-8A76DD0F5D1D/iPhone14,3_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44567/8F331E94-220A-467B-B184-5F775319B55E/iPhone14,4_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44658/EE36DA05-8A9D-4336-B200-E929040EB68D/iPhone13,2,iPhone13,3_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44740/B3BE35AE-0259-4EFF-A0FE-9773D1FACA35/iPhone13,4_15.3_19D5026g_Restore.ipsw
https://updates.cdn-apple.com/2022WinterSeed/fullrestores/002-44924/2AF69685-63D3-4391-A10C-0089ABF9C7D6/iPhone13,1_15.3_19D5026g_Restore.ipsw
https://upda