potential tweak that applies micro-optimizations to libobjc:
_class_getClassVariable:
-find symbol addr
orig code:
cbz x0, loc_3fb0 ; 0000000000003f98
cbz x1, loc_3fb0 ; 0000000000003f9c
0xilis 0xilis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ req ] | |
| distinguished_name = req_distinguished_name | |
| x509_extensions = v3_intermediate_ca | |
| prompt = no | |
| [ req_distinguished_name ] | |
| C = US | |
| ST = Snooltopia | |
| L = Snoolcity | |
| O = Snoolie Inc |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Please credit me (Snoolie K / 0xilis) for this patch */ | |
| %hookf(int, concatExtractPath, char *dest, size_t dest_size, const char *dir, const char *path) { | |
| size_t dir_len = strlen(dir); | |
| size_t path_len = strlen(path); | |
| if (!dir_len) { | |
| pc_log_error(__FILE__, __func__, 0x173, 3, 0, "invalid dir: %s", dir); | |
| return -1; | |
| } |
0xilis
/ Form_Apple_Archive_From_Unsigned_Shortcut.c
Last active
March 25, 2025 03:24
Hacky reforming signed shortcut AEA from apple archive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct libshortcutsign_header_info { | |
| char *header; | |
| int keyCount; | |
| uint32_t fieldKeys[30]; | |
| uint32_t fieldKeyPositions[30]; | |
| uint32_t currentPos; | |
| }; | |
| uint32_t get_aa_header_field_key(struct libshortcutsign_header_info info, uint32_t i) { | |
| if (i >= info.keyCount) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Snoolie K / 0xilis | |
| * 21 November 2023 (EST) | |
| * iCloud Sign Shortcuts Example | |
| */ | |
| #import <UIKit/UIKit.h> | |
| @interface WFFileRepresentation : NSObject | |
| @property (readonly, nonatomic) NSData *data; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Snoolie K | |
| * 16 November 2023 (EST) | |
| * Import Unsigned Shortcuts Example | |
| */ | |
| #import <UIKit/UIKit.h> | |
| @interface WFFileRepresentation : NSObject | |
| @property (readonly, nonatomic) NSData *data; // ivar: _data |
0xilis
/ hook_free.c
Last active
September 21, 2023 18:38
shit code (hook_free for auto =NULL, macOS 12.6)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define CHECK_OFFSET 1 | |
| /* Dunno how this works but it does? (At least it seems to on macOS 12.6 :P */ | |
| void hook_free(void *pointer) { | |
| free(pointer); | |
| void **pointerToArg = &pointer; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Snoolie K | |
| # meowifier | |
| # output raw bits of character | |
| def raw(character): | |
| character_ascii = ord(character) # Convert character to ASCII value | |
| binary_string = bin(character_ascii)[2:] # Convert ASCII value to binary string, remove the '0b' prefix | |
| raw_bits = [int(bit) for bit in binary_string] # Convert each binary digit to integer and add to the list | |
| return raw_bits |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void hexDumpByNSLog(const char *desc, void *addr, int len); | |
| void hexDumpSymbolFromCallStackSymbols(NSString *symbolToFind); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %hookf(int, posix_spawn, pid_t *pid, const char *orig_path, const posix_spawn_file_actions_t *file_actions, const posix_spawnattr_t *attrp, char *const orig_argv[], char *const envp[]) { | |
| //GUESS: Add DYLD_INSERT_LIBRARIES to envp | |
| //This is example code that I think should (theoretically) work? | |
| //compile this dylib and put it in launchd, then CT sign | |
| //adds a dylib to every process (that being, "/var/subsidiary/TweakDylib.dylib") | |
| //dylib is sandboxed btw, but should be possible for unsandboxed dylibs as well theoretically, see opainject and the nullconga pdf, not in this example code tho bc idc for now | |
| //in real world we shouldn't want to insert this dylib in *everything* and only insert it in stuff it should be inserted in, but once again, only an example | |
| int addingEnvVar = 0; //int/bool that is 1 if we're adding DYLD_INSERT_LIBRARIES=, and 0 if we're modifying it | |
| int dyldLibIndex = -1; | |
| char **ptr; |