
@zwo
Created February 21, 2019 09:08
memory patch for mac os
#import <dlfcn.h>
#import <stdlib.h>
#import <string.h>
#import <sys/types.h>
#import <mach-o/dyld.h>
#import <mach-o/loader.h>
#import <mach-o/nlist.h>
#include <sys/sysctl.h>
#include <mach/mach.h>
//patch_mem(g_xxAddr,0x00000000);
/*
 * Overwrite one unsigned int at address p inside the current process.
 *
 * The page(s) containing p are first switched to read/write with
 * VM_PROT_COPY, the value is stored, and the same range is then set to
 * read/execute.
 *
 * p    - address to overwrite, passed as an integer.
 * data - value stored at p through an unsigned int pointer.
 *
 * Nothing is returned: if either vm_protect() call fails the function just
 * returns, so a caller cannot tell whether the write happened.
 */
static void patch_mem(uintptr_t p,unsigned int data){// original note said "patch 8 bytes"; the store below writes sizeof(unsigned int) bytes
int page = getpagesize();
uintptr_t address = (uintptr_t)(p);
// Round the address down to a multiple of the page size.
uintptr_t base = address/page * page;
mach_port_t self = mach_task_self();
kern_return_t error;
// Doubles the protected length when the expression below is under 12.
// NOTE(review): as written this subtracts both p and base from page, in
// unsigned arithmetic; presumably it was meant to measure the bytes left
// in the page after p -- confirm.
if((page - (uintptr_t)(p) - base)<12){
page *= 2;
}
// set_maximum is FALSE, so this changes the current protection only.
// VM_PROT_COPY is requested together with read/write.
if((error = vm_protect(self,base,page,FALSE ,VM_PROT_READ|VM_PROT_WRITE|VM_PROT_COPY))){
return;
}
*(unsigned int *) p = data;
// The range is set to read/execute unconditionally; the protection it had
// before the first vm_protect() call is never queried, so this is not a
// true restore for a page that was not originally r-x.
if((error = vm_protect(self,base,page,FALSE,VM_PROT_READ|VM_PROT_EXECUTE))){
return;
}
}
/*
 * Load-time constructor: applies two fixed code patches to image 0.
 *
 * __attribute__((constructor)) makes this run when the image containing it
 * is loaded, with no explicit call. It takes the Mach-O header of dyld
 * image index 0 (normally the main executable) as the base address and,
 * for a 64-bit image only, calls patch_mem() at two hard-coded offsets
 * from that base. For any other image nothing is patched.
 *
 * The offsets are constants, so they presumably match one specific build
 * of the target binary; nothing here checks what bytes are at those
 * addresses before overwriting them.
 *
 * Defender view: the technique depends on this code being loaded into the
 * target process (how is not shown here) and on that process's executable
 * pages being made writable at run time. Controls that address those two
 * preconditions -- code-signing enforcement on loaded libraries, and
 * integrity checks over the code pages -- are the relevant mitigations.
 */
static void __attribute__((constructor)) initialize_mem_patch(void) {
// Header of dyld image index 0; the result is dereferenced without a NULL check.
const struct mach_header *mhp = _dyld_get_image_header(0);
// Either byte order of the 64-bit Mach-O magic counts as 64-bit.
BOOL is64bit = mhp->magic == MH_MAGIC_64 || mhp->magic == MH_CIGAM_64;
// Earlier variant, left disabled by the author: base placed after the Mach-O header.
// uintptr_t module_base_cursor = (uintptr_t)mhp + (is64bit ? sizeof(struct mach_header_64) : sizeof(struct mach_header));
// Base is the in-memory header address, so the offsets below are relative
// to where the image is actually loaded.
uintptr_t module_base_cursor = (uintptr_t)mhp;
if (is64bit) {
uintptr_t targetCursor = module_base_cursor + 0x2447E;
patch_mem(targetCursor,0x441f0f66);// NOP out the location at offset 0x2447E from the module base.
uintptr_t licenceTarget = module_base_cursor + 0x10fe7b;
patch_mem(licenceTarget, 0x01c0c748);//mov rax,0x01
}
}