
JJTech JJTech0130

JJTech0130 / hooks.py
Created October 18, 2024 02:01
Excerpt from an old project of mine, showing a fake implementation of Mach ports that I used in a high-level emulation project.
@self.hook()
def _bootstrap_check_in(bootstrap_port: int, sn: int, sp: int):
    """Emulated ``bootstrap_check_in``: give the caller a fake port for a named service.

    Args:
        bootstrap_port: Value passed as the bootstrap port; it is only logged.
        sn: Address in emulated memory that the service name is read from.
        sp: Address in emulated memory that the 4-byte port value is written to.

    Returns:
        Always 0.
    """
    # A fixed 0x100-byte window is read starting at `sn`. Both the address and
    # the bytes behind it come from the emulated caller, so the resulting name
    # should be treated as untrusted input.
    # NOTE(review): presumably c_string() stops at the first NUL byte; it is
    # defined elsewhere, so confirm how it handles a window with no terminator.
    raw_name = self._uc.mem_read(sn, 0x100)
    service_name = c_string(raw_name)
    self.debug(f"bootstrap_check_in {hex(bootstrap_port)} {service_name} {hex(sp)}")

    fake_port = self.mach_ports.create_mach_port_with_name(service_name)
    # The port value is stored as exactly 4 little-endian bytes at `sp`.
    encoded_port = fake_port.to_bytes(4, byteorder='little')
    self._uc.mem_write(sp, encoded_port)
    return 0
@self.hook()
def _CFMachPortCreateWithPort(allocator: int, port: int, callout: int, context: int, shouldFreeInfo: int):
JJTech0130 / psem.swift
Last active February 24, 2024 14:25
Pure Swift raw syscall to retrieve the name of a semaphore
import Foundation
struct psem_fdinfo {
// Nested record of five fixed-width integer fields, declared in this order:
// UInt32, UInt32, Int64, Int32, UInt32.
// NOTE(review): the names and widths look like Darwin's `struct proc_fileinfo`
// from <sys/proc_info.h>. Confirm against the SDK header.
// NOTE(review): if a raw syscall writes into this value, its field order and
// widths must stay exactly as declared. Swift does not formally promise
// C-compatible layout for structs declared in Swift, so verify the size and
// offsets (e.g. with MemoryLayout) before trusting data read through it.
struct proc_fileinfo {
var fi_openflags: UInt32
var fi_status: UInt32
var fi_offset: Int64
var fi_type: Int32
var fi_guardflags: UInt32
}
import requests
from rich import print
from rich.progress import track, Progress
from rich.prompt import Prompt
from rich.console import Console
from rich.table import Table
import zipfile
import os
import threading
import io
var objs = []; // we'll store the object references in this array
function walkTheObject(obj) {
var keys = Object.keys(obj); // get all own property names of the object
// Check if 'info' and 'error' keys are present (meaning it is probably the object we want)
if (keys.indexOf("info") > -1 && keys.indexOf("error") > -1) {
function fmt_console_log(strings, ...values) {
let str = '';
if (strings?.logString?.fragments != null) {
JJTech0130 / snap_circuits_led_mc_keyboard.bas
Created July 7, 2023 23:48
PICAXE program to use Snap Circuits keyboard (U26) with LED MC (U29)
; calling convention
symbol arg1 = b0
symbol arg2 = b1
symbol arg3 = b2
;symbol arg1w = w3
symbol shift_out_current_mask = b3
symbol shift_out_temp = b4
symbol main_last = b5
JJTech0130 / itml.py
Last active June 9, 2023 20:08
Parse Apple's ITML into proper HTML
from lxml import etree
import requests
OVERRIDE_CSS = """
/* Custom injected CSS */
.VBoxView {
display: flex;
flex-direction: column;
}
var m = 'libsystem_trace.dylib';
// bool os_log_type_enabled(os_log_t oslog, os_log_type_t type);
var isEnabledFunc = Module.findExportByName(m, 'os_log_type_enabled');
// _os_log_impl(void *dso, os_log_t log, os_log_type_t type, const char *format, uint8_t *buf, unsigned int size);
var logFunc = Module.findExportByName(m, '_os_log_impl');
Interceptor.attach(isEnabledFunc, {
onLeave: function (ret) {
// console.log('log_enabled', ret);
ret.replace(0x1);
use std::{alloc::Layout, mem, ops::{Deref, DerefMut}};
use crate::pager::Pagable;
/// Tuple struct wrapping a `Vec<u8>`.
///
/// The single field is not `pub`, so code outside this module cannot read or
/// resize the underlying buffer directly.
pub struct MemoryMap(Vec<u8>);
impl MemoryMap {
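/// Round `size` up to a whole number of pages.
///
/// `Layout::from_size_align` only validates the size/alignment pair, and
/// `Layout::size` returns the size it was given, so without `pad_to_align`
/// this function would hand `size` back unrounded. A caller that sizes a
/// mapping from the result would then get a buffer shorter than the page
/// multiple it expects.
///
/// The page size comes from `Vec::<u8>::page_size()`, which is not part of
/// the standard library. It is presumably supplied by `crate::pager::Pagable`.
///
/// # Panics
///
/// Panics if the page size is zero or not a power of two, or if `size`
/// rounded up to the page size would overflow `isize`.
fn page_round(size: usize) -> usize {
    Layout::from_size_align(size, Vec::<u8>::page_size())
        .expect("page size must be a power of two and the rounded size must fit in isize")
        .pad_to_align()
        .size()
}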
JJTech0130 / mac_changer.sh
Last active April 17, 2023 20:46
Quick script to change your MAC address
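# Make sure the script is run as root; otherwise re-run it through sudo.
# "$0" and "$@" are quoted so that a script path or argument containing
# spaces or glob characters reaches sudo unchanged instead of being
# word-split, and so that the original arguments are not dropped.
# NOTE(review): "$0" is whatever path the script was invoked by; if that is a
# relative path, the file that sudo runs depends on the current directory.
if [ "$EUID" -ne 0 ]; then
    echo "This script must be run as root"
    sudo "$0" "$@"
    exit $? # Exit with the same exit code as sudo
fi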
# Look for .mac files in the current folder
shopt -s nullglob
JJTech0130 / gsa.py
Last active May 5, 2025 09:23
Apple's GrandSlam Authentication protocol
import base64
import hashlib
import hmac
import locale
import plistlib as plist
from datetime import datetime
import logging
import requests
import srp._pysrp as srp
import urllib3