This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
set -eu | |
create_iconset() { | |
mkdir -p Ghidra.iconset | |
cat << EOF > Ghidra.iconset/Contents.json | |
{ | |
"images": | |
[ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// | |
// LinkPresentation | |
// Copyright © 2015-2020 Apple Inc. All rights reserved. | |
// | |
// FIXME: Twitter equivalents? | |
(function () { | |
var MetadataExtractor = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Sometimes you have a large file on a small disk and would like to "transform" | |
// it in some way: for example, by decompressing it. However, you might not have | |
// enough space on disk to keep both the the compressed file and the | |
// decompressed results. If the process can be done in a streaming fashion, it | |
// would be nice if the file could be "drained"; that is, the file would be | |
// sequentially deleted as it is consumed. At the start you'd have 100% of the | |
// original file, somewhere in the middle you'd have about half of the original | |
// file and half of your output, and by the end the original file will be gone | |
// and you'll be left with just the results. If you do it this way, you might | |
// be able to do the entire operation without extra space! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// To compile: clang++ -arch x86_64 -arch arm64 -std=c++20 library_injector.cpp -lbsm -lEndpointSecurity -o library_injector, | |
// then codesign with com.apple.developer.endpoint-security.client and run the | |
// program as root. | |
#include <EndpointSecurity/EndpointSecurity.h> | |
#include <algorithm> | |
#include <array> | |
#include <bsm/libbsm.h> | |
#include <cstddef> | |
#include <cstdint> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// To compile: clang stop_at_entry.c -lbsm -lEndpointSecurity -o stop_at_entry, | |
// then codesign with com.apple.developer.endpoint-security.client and run the | |
// program as root. | |
#include <EndpointSecurity/EndpointSecurity.h> | |
#include <assert.h> | |
#include <bsm/libbsm.h> | |
#include <dispatch/dispatch.h> | |
#include <signal.h> | |
#include <stdbool.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// The usual: compile with clang libfixjit.c -arch arm64 -arch arm64e -shared -o libfixjit.dylib, add to DYLD_INSERT_LIBRARIES. | |
#include <errno.h> | |
#include <pthread.h> | |
#include <stdatomic.h> | |
__attribute__((constructor)) static void fix_jit() { | |
unsigned long long mask; | |
__asm__ volatile("mrs %0, s3_4_c15_c2_7" : "=r"(mask): :); | |
__asm__ volatile("msr s3_4_c15_c2_7, %0" : : "r"(mask & 0xfffffffff0ffffff) :); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"internal" => 0 | |
"name" => "a14" | |
"system" => { | |
"cpu" => { | |
"aliases" => { | |
"Cycles" => "FIXED_CYCLES" | |
"Instructions" => "FIXED_INSTRUCTIONS" | |
} | |
"architecture" => "arm64" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// clang path_hook.mm -shared -ldl -g -framework Foundation path_hook.o -L/usr/lib/swift | |
#include <cassert> | |
#include <cstdint> | |
#include <dlfcn.h> | |
#include <mach/arm/vm_param.h> | |
#include <mach/kern_return.h> | |
#include <mach/mach_init.h> | |
#include <mach/vm_map.h> | |
#include <mach/vm_prot.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// https://gist.github.com/saagarjha/ed701e3369639410b5d5303612964557 | |
#import "swizzler.h" | |
#import <Foundation/Foundation.h> | |
#import <cstddef> | |
#import <cstdlib> | |
#import <dlfcn.h> | |
#import <mach-o/dyld.h> | |
#import <mutex> | |
#import <string> | |
#import <tuple> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Example usage: | |
// Swizzler<NSString *, NSDateFormatter *, NSDate *> NSDateFormatter_stringFromDate_ { | |
// NSDateFormatter.class, @selector(stringFromDate:), [&](auto self, auto date) { | |
// if ([NSCalendar.currentCalendar components:NSCalendarUnitWeekday fromDate:date].weekday == 4) { | |
// return @"It Is Wednesday My Dudes"; | |
// } else { | |
// return NSDateFormatter_stringFromDate_(self, date); | |
// } | |
// } | |
// }; |
NewerOlder