Diffstat (limited to 'tools')
| -rwxr-xr-x[-rw-r--r--] | tools/backup.c | 150 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/build.sh | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/build_native.sh | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/ent.xml | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/fuck_aslr.c | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/fuck_ptr.c | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/jit_all_the_things.c | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/shit.c | 124 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/test.c | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/testlol.c | 198 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/thread_shit.c | 0 |
11 files changed, 237 insertions, 235 deletions
diff --git a/tools/backup.c b/tools/backup.c
index 1ed9921..c1472a3 100644..100755
--- a/tools/backup.c
+++ b/tools/backup.c
@@ -1,76 +1,76 @@
-#include <mach/mach.h>
-#include <sys/mman.h>
-#include <pthread.h>
-#include <stdio.h>
-#include <dlfcn.h>
-
-void lol(void) {
- puts("hello?");
-// *(uint32_t*)0x41424344 = 0;
-}
-
-void* lol2(void* arg) {
- while (1) ;;
-}
-
-int main(int argc, char* argv[]) {
- kern_return_t kr;
- thread_t th;
- mach_port_name_t mytask, mythread;
- printf("Hello, world!\n");
- mytask = mach_task_self();
- mythread = mach_thread_self();
-
- mmap(0x2000000, 0x100000, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, 0, 0);
-
- char* test = malloc(0x100);
- strcpy(test, "Hello, world! %x %x %x %x %x %x %x\n");
-
- pthread_t thread;
- pthread_create(&thread, NULL, lol2, NULL);
-
- puts("test");
-
-// thread_create(mytask, &th);
- th = pthread_mach_thread_np(thread);
- printf("%x\n", mytask);
- arm_thread_state_t state;
- mach_msg_type_number_t count;
- kr = thread_get_state(mythread, ARM_THREAD_STATE, (thread_state_t)&state, &count);
-
- uint32_t* stack_above = 0x2001000;
- stack_above[0] = 0x42069;
- stack_above[1] = 0x69420;
- stack_above[3] = 0x13371337;
- stack_above[4] = 0x6969;
-
-// fprintf(stderr, "%p %p\n", test, dlsym(RTLD_DEFAULT, "puts"));
-
-// exit(42);
-
-// *(uint32_t*)0x41414141 = 0;
-
-// memset(&state, 0, ARM_THREAD_STATE_COUNT * sizeof(uint32_t));
-
- for (int i = 0; i < 13; i++) {
- fprintf(stderr, "r%d=%x\n", i, state.__r[i]);
- }
-
- *(uint32_t*)(0x346afc48 + 0x1b4c000) = 0x23d751fc + 0x1b4c000;
-
- state.__r[0] = test;
- state.__r[1] = 0x1337;
- state.__r[2] = 0x420;
- state.__r[3] = 0x69;
- state.__sp = (uint32_t)stack_above;
- state.__lr = 0x23d751fc + 0x1b4c000;
- state.__pc = ((uint32_t)dlsym(RTLD_DEFAULT, "printf")) | 1;
- state.__cpsr = 0x40000020;
- kr = thread_set_state(th, ARM_THREAD_STATE, (thread_state_t)&state, ARM_THREAD_STATE_COUNT);
- kr = thread_resume(th);
-// thread_call_enter((thread_call_func_t)&lol);
-
- sleep(1);
-
- return 0;
+#include <mach/mach.h>
+#include <sys/mman.h>
+#include <pthread.h>
+#include <stdio.h>
+#include <dlfcn.h>
+
+void lol(void) {
+ puts("hello?");
+// *(uint32_t*)0x41424344 = 0;
+}
+
+void* lol2(void* arg) {
+ while (1) ;;
+}
+
+int main(int argc, char* argv[]) {
+ kern_return_t kr;
+ thread_t th;
+ mach_port_name_t mytask, mythread;
+ printf("Hello, world!\n");
+ mytask = mach_task_self();
+ mythread = mach_thread_self();
+
+ mmap(0x2000000, 0x100000, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, 0, 0);
+
+ char* test = malloc(0x100);
+ strcpy(test, "Hello, world! %x %x %x %x %x %x %x\n");
+
+ pthread_t thread;
+ pthread_create(&thread, NULL, lol2, NULL);
+
+ puts("test");
+
+// thread_create(mytask, &th);
+ th = pthread_mach_thread_np(thread);
+ printf("%x\n", mytask);
+ arm_thread_state_t state;
+ mach_msg_type_number_t count;
+ kr = thread_get_state(mythread, ARM_THREAD_STATE, (thread_state_t)&state, &count);
+
+ uint32_t* stack_above = 0x2001000;
+ stack_above[0] = 0x42069;
+ stack_above[1] = 0x69420;
+ stack_above[3] = 0x13371337;
+ stack_above[4] = 0x6969;
+
+// fprintf(stderr, "%p %p\n", test, dlsym(RTLD_DEFAULT, "puts"));
+
+// exit(42);
+
+// *(uint32_t*)0x41414141 = 0;
+
+// memset(&state, 0, ARM_THREAD_STATE_COUNT * sizeof(uint32_t));
+
+ for (int i = 0; i < 13; i++) {
+ fprintf(stderr, "r%d=%x\n", i, state.__r[i]);
+ }
+
+ *(uint32_t*)(0x346afc48 + 0x1b4c000) = 0x23d751fc + 0x1b4c000;
+
+ state.__r[0] = test;
+ state.__r[1] = 0x1337;
+ state.__r[2] = 0x420;
+ state.__r[3] = 0x69;
+ state.__sp = (uint32_t)stack_above;
+ state.__lr = 0x23d751fc + 0x1b4c000;
+ state.__pc = ((uint32_t)dlsym(RTLD_DEFAULT, "printf")) | 1;
+ state.__cpsr = 0x40000020;
+ kr = thread_set_state(th, ARM_THREAD_STATE, (thread_state_t)&state, ARM_THREAD_STATE_COUNT);
+ kr = thread_resume(th);
+// thread_call_enter((thread_call_func_t)&lol);
+
+ sleep(1);
+
+ return 0;
}
\ No newline at end of file
diff --git a/tools/build.sh b/tools/build.sh
index 37f29b3..37f29b3 100644..100755
--- a/tools/build.sh
+++ b/tools/build.sh
diff --git a/tools/build_native.sh b/tools/build_native.sh
index 896562a..896562a 100644..100755
--- a/tools/build_native.sh
+++ b/tools/build_native.sh
diff --git a/tools/ent.xml b/tools/ent.xml
index 2973d1d..2973d1d 100644..100755
--- a/tools/ent.xml
+++ b/tools/ent.xml
diff --git a/tools/fuck_aslr.c b/tools/fuck_aslr.c
index c8e9714..c8e9714 100644..100755
--- a/tools/fuck_aslr.c
+++ b/tools/fuck_aslr.c
diff --git a/tools/fuck_ptr.c b/tools/fuck_ptr.c
index 25eab56..25eab56 100644..100755
--- a/tools/fuck_ptr.c
+++ b/tools/fuck_ptr.c
diff --git a/tools/jit_all_the_things.c b/tools/jit_all_the_things.c
index d955ea1..d955ea1 100644..100755
--- a/tools/jit_all_the_things.c
+++ b/tools/jit_all_the_things.c
diff --git a/tools/shit.c b/tools/shit.c
index 6fa80d4..1fe00cd 100644..100755
--- a/tools/shit.c
+++ b/tools/shit.c
@@ -1,63 +1,63 @@
-#include <mach/mach.h>
-#include <sys/mman.h>
-#include <stdio.h>
-
-int main(int argc, char* argv[]) {
- kern_return_t kr;
- thread_t th;
- mach_port_name_t mytask, mythread;
- arm_thread_state_t state;
- mach_msg_type_number_t count;
- printf("Hello, world!\n");
- mytask = mach_task_self();
- mythread = mach_thread_self();
-
- printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
- mmap(0x1300000, 0x100000, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, 0, 0);
- printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
-
- *(uint32_t*)0x1301004 = 0x1300100;
- *(uint32_t*)0x1301008 = 0x1300200;
- *(uint32_t*)0x1301000 = 0x1300000;
-
- *(uint32_t*)0x1302000 = 0x1301000;
- *(uint32_t*)0x1302004 = 0x1301004;
- *(uint32_t*)0x1302008 = 0x1301008;
-
- *(uint32_t*)0x1304008 = 0x1303008;
- *(uint32_t*)0x1305008 = 0x1304008;
-
- printf("%d(%x) %d(%x)\n", ARM_THREAD_STATE, ARM_THREAD_STATE, ARM_THREAD_STATE_COUNT, ARM_THREAD_STATE_COUNT);
-
- // 707 10580c 105848 1057c8 1057c4 41414141 105850 1 0 0 0 0
- printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
-
- printf("still alive?\n");
- printf("%x\n", *(uint32_t*)0x1300000);
- kr = thread_create(mytask, 0x1300000);
- printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
-
- printf("%x\n", *(uint32_t*)0x1300000);
- printf("still alive?\n");
- kr = thread_get_state(0x1300000, ARM_THREAD_STATE, 0x1301008, 0x1301000);
-
- printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
- printf("still alive?\n");
- *(uint32_t*)0x1302008 = 0x41414141;
- kr = thread_set_state(0x1300000, ARM_THREAD_STATE, 0x1305008, ARM_THREAD_STATE_COUNT);
-
- printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
- kr = thread_get_state(0x1300000, ARM_THREAD_STATE, 0x1304008, 0x1301000);
-
- printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
- printf("%x\n", *(uint32_t*)0x1302008);
- printf("still alive?\n");
- kr = thread_resume(0x1300000);
-
- printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
- printf("still alive?\n");
-
- printf("still alive?\n");
-
- return 0;
+#include <mach/mach.h>
+#include <sys/mman.h>
+#include <stdio.h>
+
+int main(int argc, char* argv[]) {
+ kern_return_t kr;
+ thread_t th;
+ mach_port_name_t mytask, mythread;
+ arm_thread_state_t state;
+ mach_msg_type_number_t count;
+ printf("Hello, world!\n");
+ mytask = mach_task_self();
+ mythread = mach_thread_self();
+
+ printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
+ mmap(0x1300000, 0x100000, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, 0, 0);
+ printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
+
+ *(uint32_t*)0x1301004 = 0x1300100;
+ *(uint32_t*)0x1301008 = 0x1300200;
+ *(uint32_t*)0x1301000 = 0x1300000;
+
+ *(uint32_t*)0x1302000 = 0x1301000;
+ *(uint32_t*)0x1302004 = 0x1301004;
+ *(uint32_t*)0x1302008 = 0x1301008;
+
+ *(uint32_t*)0x1304008 = 0x1303008;
+ *(uint32_t*)0x1305008 = 0x1304008;
+
+ printf("%d(%x) %d(%x)\n", ARM_THREAD_STATE, ARM_THREAD_STATE, ARM_THREAD_STATE_COUNT, ARM_THREAD_STATE_COUNT);
+
+ // 707 10580c 105848 1057c8 1057c4 41414141 105850 1 0 0 0 0
+ printf("%x %x %x %x %x %x %x %x %x %x %x %x\n", mytask, &th, th, &state, &count, 0x41414141);
+
+ printf("still alive?\n");
+ printf("%x\n", *(uint32_t*)0x1300000);
+ kr = thread_create(mytask, 0x1300000);
+ printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
+
+ printf("%x\n", *(uint32_t*)0x1300000);
+ printf("still alive?\n");
+ kr = thread_get_state(0x1300000, ARM_THREAD_STATE, 0x1301008, 0x1301000);
+
+ printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
+ printf("still alive?\n");
+ *(uint32_t*)0x1302008 = 0x41414141;
+ kr = thread_set_state(0x1300000, ARM_THREAD_STATE, 0x1305008, ARM_THREAD_STATE_COUNT);
+
+ printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
+ kr = thread_get_state(0x1300000, ARM_THREAD_STATE, 0x1304008, 0x1301000);
+
+ printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
+ printf("%x\n", *(uint32_t*)0x1302008);
+ printf("still alive?\n");
+ kr = thread_resume(0x1300000);
+
+ printf("%d %d %s\n", kr, KERN_SUCCESS, mach_error_string(kr));
+ printf("still alive?\n");
+
+ printf("still alive?\n");
+
+ return 0;
}
\ No newline at end of file
diff --git a/tools/test.c b/tools/test.c
index 6682971..6682971 100644..100755
--- a/tools/test.c
+++ b/tools/test.c
diff --git a/tools/testlol.c b/tools/testlol.c
index 5849b99..362b6fa 100644..100755
--- a/tools/testlol.c
+++ b/tools/testlol.c
@@ -1,99 +1,101 @@
-#include <mach/mach.h>
-#include <stddef.h>
-#include <stdio.h>
-//#include <IOKit/IOKitLib.h>
-//#include <IOKit/iokitmig.h>
-
-typedef struct __attribute__((__packed__)) {
- uint32_t ip_bits;
- uint32_t ip_references;
- struct __attribute__((__packed__)) {
- uint32_t data;
- uint32_t pad;
- uint32_t type;
- } ip_lock;
- struct __attribute__((__packed__)) {
- struct __attribute__((__packed__)) {
- struct __attribute__((__packed__)) {
- uint32_t flags;
- uintptr_t waitq_interlock;
- uint64_t waitq_set_id;
- uint64_t waitq_prepost_id;
- struct __attribute__((__packed__)) {
- uintptr_t next;
- uintptr_t prev;
- } waitq_queue;
- } waitq;
- uintptr_t messages;
- natural_t seqno;
- natural_t receiver_name;
- uint16_t msgcount;
- uint16_t qlimit;
- } port;
- uintptr_t imq_klist;
- } ip_messages;
- natural_t ip_flags;
- uintptr_t ip_receiver;
- uintptr_t ip_kobject;
- uintptr_t ip_nsrequest;
- uintptr_t ip_pdrequest;
- uintptr_t ip_requests;
- uintptr_t ip_premsg;
- uint64_t ip_context;
- natural_t ip_mscount;
- natural_t ip_srights;
- natural_t ip_sorights;
-} kport_t;
-
-int main(int argc, char* argv[]) {
- printf("var MACH_PORT_RIGHT_RECEIVE = 0x%x;\n", MACH_PORT_RIGHT_RECEIVE);
- printf("var MACH_MSG_TYPE_MAKE_SEND = 0x%x;\n", MACH_MSG_TYPE_MAKE_SEND);
- printf("var MACH_PORT_LIMITS_INFO = 0x%x;\n", MACH_PORT_LIMITS_INFO);
- printf("var MACH_PORT_LIMITS_INFO_COUNT = 0x%x;\n", MACH_PORT_LIMITS_INFO_COUNT);
- printf("var MACH_MSG_OOL_PORTS_DESCRIPTOR = 0x%x;\n", MACH_MSG_OOL_PORTS_DESCRIPTOR);
- printf("var kport_size = 0x%x;\n", sizeof(kport_t));
- kport_t kport[2] = {};
- uintptr_t *ptr = (uintptr_t*)(kport + 1);
- kport->ip_bits = 0x80000002; // IO_BITS_ACTIVE | IOT_PORT | IKOT_TASK
- kport->ip_references = 100;
- kport->ip_lock.type = 0x11;
- kport->ip_messages.port.qlimit = 777;
- kport->ip_receiver = 0x12345678; // dummy
- kport->ip_srights = 99;
- typedef struct {
- mach_msg_header_t Head;
- mach_msg_body_t msgh_body;
- mach_msg_ool_ports_descriptor_t init_port_set[0];
- } Request;
-
- printf("%x\n", sizeof(Request));
- printf("%x\n", sizeof(mach_msg_ool_ports_descriptor_t));
- printf("var req_init_port_set = 0x%x\n", offsetof(Request, init_port_set));
- printf("var req_init_port_set_address = 0x%x\n", offsetof(mach_msg_ool_ports_descriptor_t, address));
- printf("var req_init_port_set_count = 0x%x\n", offsetof(mach_msg_ool_ports_descriptor_t, count));
-// printf("var req_init_port_set_disposition = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, disposition));
-// printf("var req_init_port_set_deallocate = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, deallocate));
-// printf("var req_init_port_set_type = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, type));
- printf("var req_head_msgh_bits = 0x%x\n", offsetof(Request, Head.msgh_bits));
- printf("var req_head_msgh_request_port = 0x%x\n", offsetof(Request, Head.msgh_remote_port));
- printf("var req_head_msgh_reply_port = 0x%x\n", offsetof(Request, Head.msgh_local_port));
- printf("var req_head_msgh_id = 0x%x\n", offsetof(Request, Head.msgh_id));
- printf("var req_msgh_body_msgh_descriptor_count = 0x%x\n", offsetof(Request, msgh_body.msgh_descriptor_count));
-
- printf("%x\n", sizeof(mach_msg_header_t));
-
- printf("%x\n", MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE));
- printf("%x\n", MACH_SEND_MSG|MACH_MSG_OPTION_NONE);
- printf("%x\n", MACH_MSG_TIMEOUT_NONE);
-
- printf("var kport_ip_bits%x = 0x%x;\n", 4, offsetof(kport_t, ip_bits));
- printf("var kport_ip_references%x = 0x%x;\n", 4, offsetof(kport_t, ip_references));
- printf("var kport_ip_lock_type%x = 0x%x;\n", 4, offsetof(kport_t, ip_lock.type));
- printf("var kport_ip_messages_port_qlimit%x = 0x%x;\n", 2, offsetof(kport_t, ip_messages.port.qlimit));
- printf("var kport_ip_receiver%x = 0x%x;\n", 4, offsetof(kport_t, ip_receiver));
- printf("var kport_ip_srights%x = 0x%x;\n", 4, offsetof(kport_t, ip_srights));
- printf("var MIG_MAX = 0x%x\n", 0x1000);
- printf("var NDR_record = %x %x %x %x\n", NDR_record);
-
- return 0;
+#include <mach/mach.h>
+#include <sys/mman.h>
+#include <stddef.h>
+#include <stdio.h>
+//#include <IOKit/IOKitLib.h>
+//#include <IOKit/iokitmig.h>
+
+typedef struct __attribute__((__packed__)) {
+ uint32_t ip_bits;
+ uint32_t ip_references;
+ struct __attribute__((__packed__)) {
+ uint32_t data;
+ uint32_t pad;
+ uint32_t type;
+ } ip_lock;
+ struct __attribute__((__packed__)) {
+ struct __attribute__((__packed__)) {
+ struct __attribute__((__packed__)) {
+ uint32_t flags;
+ uintptr_t waitq_interlock;
+ uint64_t waitq_set_id;
+ uint64_t waitq_prepost_id;
+ struct __attribute__((__packed__)) {
+ uintptr_t next;
+ uintptr_t prev;
+ } waitq_queue;
+ } waitq;
+ uintptr_t messages;
+ natural_t seqno;
+ natural_t receiver_name;
+ uint16_t msgcount;
+ uint16_t qlimit;
+ } port;
+ uintptr_t imq_klist;
+ } ip_messages;
+ natural_t ip_flags;
+ uintptr_t ip_receiver;
+ uintptr_t ip_kobject;
+ uintptr_t ip_nsrequest;
+ uintptr_t ip_pdrequest;
+ uintptr_t ip_requests;
+ uintptr_t ip_premsg;
+ uint64_t ip_context;
+ natural_t ip_mscount;
+ natural_t ip_srights;
+ natural_t ip_sorights;
+} kport_t;
+
+int main(int argc, char* argv[]) {
+ printf("var MACH_PORT_RIGHT_RECEIVE = 0x%x;\n", MACH_PORT_RIGHT_RECEIVE);
+ printf("var MACH_MSG_TYPE_MAKE_SEND = 0x%x;\n", MACH_MSG_TYPE_MAKE_SEND);
+ printf("var MACH_PORT_LIMITS_INFO = 0x%x;\n", MACH_PORT_LIMITS_INFO);
+ printf("var MACH_PORT_LIMITS_INFO_COUNT = 0x%x;\n", MACH_PORT_LIMITS_INFO_COUNT);
+ printf("var MACH_MSG_OOL_PORTS_DESCRIPTOR = 0x%x;\n", MACH_MSG_OOL_PORTS_DESCRIPTOR);
+ printf("var kport_size = 0x%x;\n", sizeof(kport_t));
+ kport_t kport[2] = {};
+ uintptr_t *ptr = (uintptr_t*)(kport + 1);
+ kport->ip_bits = 0x80000002; // IO_BITS_ACTIVE | IOT_PORT | IKOT_TASK
+ kport->ip_references = 100;
+ kport->ip_lock.type = 0x11;
+ kport->ip_messages.port.qlimit = 777;
+ kport->ip_receiver = 0x12345678; // dummy
+ kport->ip_srights = 99;
+ typedef struct {
+ mach_msg_header_t Head;
+ mach_msg_body_t msgh_body;
+ mach_msg_ool_ports_descriptor_t init_port_set[0];
+ } Request;
+
+ printf("%x\n", sizeof(Request));
+ printf("%x\n", sizeof(mach_msg_ool_ports_descriptor_t));
+ printf("var req_init_port_set = 0x%x\n", offsetof(Request, init_port_set));
+ printf("var req_init_port_set_address = 0x%x\n", offsetof(mach_msg_ool_ports_descriptor_t, address));
+ printf("var req_init_port_set_count = 0x%x\n", offsetof(mach_msg_ool_ports_descriptor_t, count));
+ printf("%x %x %x %x %x\n", PROT_READ, PROT_WRITE, PROT_EXEC, MAP_PRIVATE, MAP_ANON);
+// printf("var req_init_port_set_disposition = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, disposition));
+// printf("var req_init_port_set_deallocate = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, deallocate));
+// printf("var req_init_port_set_type = 0x%x\n", offsetof(Request, init_port_set) + offsetof(mach_msg_ool_ports_descriptor_t, type));
+ printf("var req_head_msgh_bits = 0x%x\n", offsetof(Request, Head.msgh_bits));
+ printf("var req_head_msgh_request_port = 0x%x\n", offsetof(Request, Head.msgh_remote_port));
+ printf("var req_head_msgh_reply_port = 0x%x\n", offsetof(Request, Head.msgh_local_port));
+ printf("var req_head_msgh_id = 0x%x\n", offsetof(Request, Head.msgh_id));
+ printf("var req_msgh_body_msgh_descriptor_count = 0x%x\n", offsetof(Request, msgh_body.msgh_descriptor_count));
+
+ printf("%x\n", sizeof(mach_msg_header_t));
+
+ printf("%x\n", MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE));
+ printf("%x\n", MACH_SEND_MSG|MACH_MSG_OPTION_NONE);
+ printf("%x\n", MACH_MSG_TIMEOUT_NONE);
+
+ printf("var kport_ip_bits%x = 0x%x;\n", 4, offsetof(kport_t, ip_bits));
+ printf("var kport_ip_references%x = 0x%x;\n", 4, offsetof(kport_t, ip_references));
+ printf("var kport_ip_lock_type%x = 0x%x;\n", 4, offsetof(kport_t, ip_lock.type));
+ printf("var kport_ip_messages_port_qlimit%x = 0x%x;\n", 2, offsetof(kport_t, ip_messages.port.qlimit));
+ printf("var kport_ip_receiver%x = 0x%x;\n", 4, offsetof(kport_t, ip_receiver));
+ printf("var kport_ip_srights%x = 0x%x;\n", 4, offsetof(kport_t, ip_srights));
+ printf("var MIG_MAX = 0x%x\n", 0x1000);
+ printf("var NDR_record = %x %x %x %x\n", NDR_record);
+
+ return 0;
}
\ No newline at end of file
diff --git a/tools/thread_shit.c b/tools/thread_shit.c
index cbfbe23..cbfbe23 100644..100755
--- a/tools/thread_shit.c
+++ b/tools/thread_shit.c |
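Review bot: The added `printf("%x %x %x %x %x\n", PROT_READ, PROT_WRITE, PROT_EXEC, MAP_PRIVATE, MAP_ANON);` in main() of tools/testlol.c prints five unlabelled hex values, while the lines around it emit named `var NAME = 0x...` entries, so a reader of the output has to know the positional order. One labelled line per constant would match the rest of the file, for example `printf("var PROT_READ = 0x%x;\n", PROT_READ);`. Apart from that line and the new `#include <sys/mman.h>`, the hunk appears to be a line-ending rewrite of unchanged code. The mode also flips from 100644 to 100755 on this C source, as it does on every other file in tools/ including ent.xml, which looks unintended and is worth reverting for the non-script files.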
