diff options
| author | spv <92738222+spv420@users.noreply.github.com> | 2022-06-01 11:41:40 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-06-01 11:41:40 -0400 |
| commit | 7356b178585a499eda4bc85c801d2ecc6965c853 (patch) | |
| tree | cf6e25edcc56198c0e10a5d0652e52ca1881af83 /src | |
| parent | ce55a871d48b397797e90ba92187b614cbafc82e (diff) | |
Create README.md
Diffstat (limited to 'src')
| -rw-r--r-- | src/gen/README.md | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/gen/README.md b/src/gen/README.md new file mode 100644 index 0000000..bdeb351 --- /dev/null +++ b/src/gen/README.md @@ -0,0 +1,11 @@ +# racoon exploit +this code generates a racoon configuration file to exploit the Rocky Racoon bugs, and obtain r/w in JSC. + +file descriptions: +- `ip_tools.c` & `ip_tools.h` - code to generate ip addresses from `uint32_t`'s +- `patchfinder.c` & `patchfinder.h` - patchfinder for racoon, incomplete, many hardcoded offsets (mainly for ROP) are still used +- `shit.c` & `shit.h` - possibly unused code for formatting +- `stage0_primitives.c` & `stage0_primitives.h` - Rocky Racoon arbitrary relative 4-byte write +- `stage1_primitives.c` & `stage1_primitives.h` - `lcconf` arbitrary unslid write (stolen from @JakeBlair420) +- `stage2.c` & `stage2.h` - ROP chain generation code that sets up JSC with r/w, and runs the JS portion (stage3) +- `main.c` - main function & such |