Skip to content

Instantly share code, notes, and snippets.

@steventroughtonsmith
steventroughtonsmith / bitcode2intel
Created May 18, 2019 15:31
Converts an ARM64 iOS app with Bitcode into an X86_64 variant
#!/bin/bash
TARGET="$( cd "$(dirname "$1")" ; pwd -P )/$1"
SYSROOT="/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk"
TARGET_ARCH=x86_64
export IPHONEOS_DEPLOYMENT_TARGET=12.2
rm -r /tmp/bitcode2intel
mkdir -p /tmp/bitcode2intel
pushd /tmp/bitcode2intel
@karwa
karwa / codablebridge.swift
Created November 1, 2017 04:57
codable-nscoding bridge
import Foundation
/// This isn't safe to use before Swift gets ABI stability, because generic classes
/// could change their names. Also, be sure to register bridges with the Obj-C runtime
/// if using to decode during iOS state restoration.
///
class CodableBridge<Wrapped: Codable>: NSObject, NSSecureCoding {
let value: Wrapped
init(_ value: Wrapped) { self.value = value }

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@algal
algal / Extra Logging for My Great App.mobileconfig
Created February 1, 2017 04:32 — forked from zwaldowski/Extra Logging for My Great App.mobileconfig
Apple Configuration Profile for Logging in iOS 10 and macOS Sierra
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<!-- iOS 10, macOS Sierra, and friends bring a new logging subsystem that's
supposed to scale from the kernel, up to frameworks, and up to apps. It defaults
to a more regimented, privacy-focused approach that large apps and complex
systems need.
It, along with Activity Tracing introduced in iOS 8 and macOS Yosemite and the
Console app in macOS Sierra, hope to help you graduate from caveman debugging to
@Manouchehri
Manouchehri / rfc3161.txt
Last active November 11, 2024 16:18
List of free rfc3161 servers.
https://rfc3161.ai.moda
https://rfc3161.ai.moda/adobe
https://rfc3161.ai.moda/microsoft
https://rfc3161.ai.moda/apple
https://rfc3161.ai.moda/any
http://rfc3161.ai.moda
http://timestamp.digicert.com
http://timestamp.globalsign.com/tsa/r6advanced1
http://rfc3161timestamp.globalsign.com/advanced
http://timestamp.sectigo.com
@zwaldowski
zwaldowski / Activity.swift
Last active November 3, 2024 17:37
os_activity_t for Swift 3
//
// Activity.swift
//
// Created by Zachary Waldowski on 8/21/16.
// Copyright © 2016 Zachary Waldowski. Licensed under MIT.
//
import os.activity
private final class LegacyActivityContext {
@phatblat
phatblat / gist:0dd175b406cf2f3fbfc9
Created August 26, 2015 01:22
xcodebuild -exportOptionsPlist available keys (Xcode 7b6)
Available keys for -exportOptionsPlist:
compileBitcode : Bool
For non-App Store exports, should Xcode re-compile the app from bitcode? Defaults to YES.
embedOnDemandResourcesAssetPacksInBundle : Bool
For non-App Store exports, if the app uses On Demand Resources and this is YES, asset packs are embedded in the app bundle so that the app can be tested without a server to host asset packs. Defaults to YES unless onDemandResourcesAssetPacksBaseURL is specified.
@mackuba
mackuba / wwdc15.md
Last active August 6, 2022 17:28
New stuff from WWDC 2015

Here's my own list of the interesting stuff announced during this year's WWDC, collected from the keynotes, various Apple docs, blog posts and tweets.

If you're planning to watch the videos, I really recommend this Mac app that helps you download and watch them: https://github.com/insidegui/WWDC.

OS X El Capitan

http://www.apple.com/osx/elcapitan-preview/

  • split view - two apps side by side on full screen
@JaviLorbada
JaviLorbada / FRP iOS Learning resources.md
Last active June 17, 2024 06:08
The best FRP iOS resources.

Videos

anonymous
anonymous / syncs.d
Created February 9, 2015 00:02
#!/usr/sbin/dtrace -q -s
/*
Overly spammy, mostly covered by the other probes (every "read" or "write" is a "request")
CFPreferencesServer$target:::request {
printf("REQUEST from pid %d at %Y ( domain: %s, user: %s, host: %s, container: %s, managed: %d)\n", arg0, walltimestamp, copyinstr(arg1) != NULL ? copyinstr(arg1) : "(NULL)" ?: "(NULL)", copyinstr(arg2) != NULL ? copyinstr(arg2) : "(NULL)", copyinstr(arg3) != NULL ? copyinstr(arg3) : "(NULL)", copyinstr(arg4) != NULL ? copyinstr(arg4) : "(NULL)", arg5);
}
*/
CFPreferencesServer$target:::write_rejected {
printf("REJECTED WRITE OF KEY %s request from pid %d for reason %s at %Y ( domain: %s, user: %s, host: %s, container: %s)\n", copyinstr(arg1) != NULL ? copyinstr(arg1) : "(NULL)", arg0, copyinstr(arg6) != NULL ? copyinstr(arg6) : "(NULL)", walltimestamp, copyinstr(arg2) != NULL ? copyinstr(arg2) : "(NULL)", copyinstr(arg3) != NULL ? copyinstr(arg3) : "(NULL)", copyinstr(arg4) != NULL ? copyinstr(arg4) : "(NULL)", copyinstr(arg5) != NULL ? copyinstr(arg5)