fuck

author: spv420 <spv@spv.sh> 2022-07-31 22:29:54 -0400
committer: spv420 <spv@spv.sh> 2022-07-31 22:29:54 -0400
commit: 7204eca4a28c681b5ec4801a236f521c69d0e70b (patch)
tree: ecadeed1010a6de0536bf4e8507fcaab34801323 /src/stage4/main.js
parent: 014b749f0d8d824eec044c809522bc51c24247e7 (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/src/stage4/main.js b/src/stage4/main.js
index 660db75..980525b 100644
--- a/src/stage4/main.js
+++ b/src/stage4/main.js
@@ -12,6 +12,7 @@ var AF_INET = 2;
 var SOCK_DGRAM = 2;
 var SOCK_DGRAM = 2;
 var IPPROTO_UDP = 17;
+var UNSLID_BASE = 0x4000;
 
 function prep_shit() {
 	string_ref = scall("JSStringCreateWithUTF8CString", "victim");
@@ -30,7 +31,20 @@ function csbypass_wrapper() {
 }
 
 function csbypass_stage4() {
-	csbypass_wrapper();
+//	csbypass_wrapper();
+
+	var np = new native_ptr(UNSLID_BASE + (get_our_slide() << 12));
+	var native_ptr_u16 = native_ptr_type(2, u8x2_to_u16, u16_to_u8x2);
+	var native_ptr_u32 = native_ptr_type(4, u8x4_to_u32, u32_to_u8x4);
+	var native_ptr_u16_2 = native_ptr_type(2, u8x2_to_u16, u16_to_u8x2);
+
+	var np1 = new native_ptr_u16(UNSLID_BASE + (get_our_slide() << 12));
+	var np2 = new native_ptr_u32(UNSLID_BASE + (get_our_slide() << 12));
+	var np3 = new native_ptr_u16_2(UNSLID_BASE + (get_our_slide() << 12));
+
+//	p0laris_log("%s", Proxy.toString());
+	p0laris_log("%x %x %x %x", np1.deref(), np2.deref(), np3.deref());
+
 	return 0;
 }
author	spv420 <spv@spv.sh>	2022-07-31 22:29:54 -0400
committer	spv420 <spv@spv.sh>	2022-07-31 22:29:54 -0400
commit	7204eca4a28c681b5ec4801a236f521c69d0e70b (patch)
tree	ecadeed1010a6de0536bf4e8507fcaab34801323 /src/stage4/main.js
parent	014b749f0d8d824eec044c809522bc51c24247e7 (diff)