uroboro uroboro

## example.txt
➤ python json_output.py -d xxx -t T1000 -o - file1.swift file2.swift
{"file1.swift": {"object": "xxx/file1.swift.T1000.o", "dependencies": "xxx/file1.swift.T1000.Td"}, "file2.swift": {"object": "xxx/file2.swift.T1000.o", "dependencies": "xxx/file2.swift.T1000.Td"}, "": {"swift-dependencies": "xxx/master.swiftdeps"}}⏎

## Apple8723Container.c
// Todo

## Theos_dependencies_GCS.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                uroboro
                / Theos_dependencies_GCS.md
            
            
              Last active
              November 18, 2018 00:32
            
              
                Package-command table for Google Cloud Shell
              
          
Package
Commands


pre-installed
touch lzma


bash
bash


coreutils
cat chmod cp du ln md5sum mkdir nproc tr rm uname


git
git


grep
grep


make
make


openssh-client
scp


perl
perl


## classTreeGraphviz.mm
int numberOfClasses = objc_getClassList(NULL, 0);
Class * classList = (Class *)malloc(numberOfClasses * sizeof(Class));
numberOfClasses = objc_getClassList(classList, numberOfClasses);

NSString * string = @"digraph cluster {\nrankdir=\"LR\"\n";
for (int idx = 0; idx < numberOfClasses; idx++) {
	Class clazz = classList[idx];
	if (some expression to filter results) {

		NSString * str = [NSString stringWithFormat:@"%@ -> %@\n",

## stringSwitch.m
#include <stdio.h>
#import <Foundation/Foundation.h>

int main(int argc, char **argv) {
	NSArray * options = @[
		@"-h",
		@"--help",
		@"--get",
		@"--set",
	];

## f2a54fb4d440903a6e070c0f1894e090.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                uroboro
                / f2a54fb4d440903a6e070c0f1894e090.md
            
            
              Last active
              May 8, 2020 11:12
            
              
                Logos alternative generators
              
          
    Add config for other hooking mechanisms facebook/fishhook#18 (comment) :

substitute's substitute_hook_functions
rd_route's rd_route
mach_override's mach_override_ptr
libevil's evil_override_ptr
HookZz's ZzHook
DYLD_INTERPOSE
PLPatchMaster's what exactly?


## x.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                uroboro
                / x.md
            
            
              Last active
              March 4, 2018 22:19
            
          
    %hookf(FILE *, "fopen", const char *path, const char *mode) {
	NSLog(@"Hey, we're hooking fopen to deny relative paths!");
	if (path[0] != '/') {
		return NULL;
	}
	return %orig; // Call the original implementation of this function
}

  
## cbz on AArch64.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                uroboro
                / cbz on AArch64.md
            
            
              Created
              January 13, 2018 04:35
            
          
    /*
 * cbz Rn, location
 *
 * 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16   <-- bit
 *  0  0  1  1  0  1  0  0 [                         <-- meaning
 * 15 14 13 12 11 10  9  8  7  6  5  4  3  2  1  0   <-- bit
 *                         location][           Rn]  <-- meaning
 * location is 4 byte aligned
 *

  
## find_offsets.sh
#!//bin/sh

export PATH=bin:$PATH

self=$0

function print_help() {
	echo "$self [IPSW path]"
	echo "$self [device model] [ios build]"
	echo

## OFFSET_IOSURFACEROOTUSERCLIENT_VTAB explanation.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              3 stars
            
          
                uroboro
                / OFFSET_IOSURFACEROOTUSERCLIENT_VTAB explanation.md
            
            
              Created
              December 9, 2017 18:31
            
              
                OFFSET_IOSURFACEROOTUSERCLIENT_VTAB explanation.md
              
          
    Explanation for OFFSET_IOSURFACEROOTUSERCLIENT_VTAB

extract the IOSurface kext
hex -dump the entire __DATA_CONST.__const segment
you should see a lot of pointers, occasionally separated by some zeroes - you're looking at vtable contents, e.g.:


now subclasses of IOUserClient have huge vtables, a couple hundred pointers
	➤ python json_output.py -d xxx -t T1000 -o - file1.swift file2.swift
	{"file1.swift": {"object": "xxx/file1.swift.T1000.o", "dependencies": "xxx/file1.swift.T1000.Td"}, "file2.swift": {"object": "xxx/file2.swift.T1000.o", "dependencies": "xxx/file2.swift.T1000.Td"}, "": {"swift-dependencies": "xxx/master.swiftdeps"}}⏎
Package	Commands
pre-installed	touch lzma
bash	bash
coreutils	cat chmod cp du ln md5sum mkdir nproc tr rm uname
git	git
grep	grep
make	make
openssh-client	scp
perl	perl
	int numberOfClasses = objc_getClassList(NULL, 0);
	Class * classList = (Class )malloc(numberOfClasses sizeof(Class));
	numberOfClasses = objc_getClassList(classList, numberOfClasses);

	NSString * string = @"digraph cluster {\nrankdir=\"LR\"\n";
	for (int idx = 0; idx < numberOfClasses; idx++) {
	Class clazz = classList[idx];
	if (some expression to filter results) {

	NSString * str = [NSString stringWithFormat:@"%@ -> %@\n",
	#include <stdio.h>
	#import <Foundation/Foundation.h>

	int main(int argc, char **argv) {
	NSArray * options = @[
	@"-h",
	@"--help",
	@"--get",
	@"--set",
	];
	#!//bin/sh

	export PATH=bin:$PATH

	self=$0

	function print_help() {
	echo "$self [IPSW path]"
	echo "$self [device model] [ios build]"
	echo