Mahmoud Rusty Abdelkader mahmoudimus

I started with a Windows 10 Enterprise Evaluation VM, version 1809, from here: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ Then I installed the needed tools:

Install Visual Studio Community 2019 Edition from https://visualstudio.microsoft.com/downloads/, version 16.4.2. Make sure to install the Desktop development for C++ workload.

For the latest discussion, see the comments there.

Updated guide (for CrossOver 20.0.0)

Install dependencies: Xcode developer tools (Command Line); cmake; gcc or clang to compile C code; bison >= 3.0 (can be upgraded via homebrew); xquartz; flex; mingw-w64; pkgconfig; you might also need freetype with brew install freetype
Make sure the right version of bison is in path: brew upgrade bison then check version and cd /usr/local/Cellar/bison/<version>/bin and export PATH="$(pwd):$PATH" then check with which bison
Download source (CodeWeavers CrossOver FOSS version Source) and extract it (double click the file in Finder or untar it: tar -xz source.tar.gz)
Add missing wine/include/distversion.h file with this content:

	<!-- put this to IDEA keymaps config folder. For v13 it is <userdir>\.IntelliJIdea13\config\keymaps\ -->
	<?xml version="1.0" encoding="UTF-8"?>
	<keymap version="1" name="Mac OS X 10.5+ Windows Ctrl" parent="Mac OS X 10.5+">
	<action id="$Copy">
	<keyboard-shortcut first-keystroke="meta C" />
	<keyboard-shortcut first-keystroke="meta INSERT" />
	<keyboard-shortcut first-keystroke="control C" />
	<keyboard-shortcut first-keystroke="control INSERT" />
	</action>
	<action id="$Cut">

	;
	; AutoHotkey Version: 1.x
	;
	;
	; --------------------------------------------------------------
	; Emulate OSX keymap layout
	; on Windows
	; --------------------------------------------------------------

	#NoEnv ; Recommended for performance and compatibility with future AutoHotkey releases.

	"""
	@file patmake.py
	@brief Creates a pattern file from a database
	@author neat
	"""
	import os

	import idautils
	import ida_bytes
	import ida_funcs

	##############################################################################
	#
	# Name: hello_world_plugin.py
	# Auth: @cmatthewbrooks
	# Desc: A test plugin to learn how to make these work; Specifically, how to
	# have multiple actions within the same plugin.
	#
	# In plain English, IDA will look for the PLUGIN_ENTRY function which
	# should return a plugin object. This object can contain all the
	# functionality itself, or it can have multiple actions.

	#!/usr/bin/env python

	# Script associated with the blog post: https://lief-project.github.io/blog/2022-05-08-macho/
	# It demonstrates code injection with shell-factory and LIEF

	import lief
	import pathlib
	from pathlib import Path

	CWD = Path(__file__).parent

	# SiInit
	299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9 12 P:81E10080000033C1:9090909090909090

	# PpmInitialize Reset IA32_TSC_ADJUST to 0 instead of enforcing 0xE2 lock
	3FFCAE95-23CF-4967-94F5-16352F68E43B 10 P:742CB9E20000000F3248C1E220480BC20FBAE00F488944240872130FBAE80F89442408488B54240848C1EA200F30:BA00000000B800000000B93B0000000F309090909090909090909090909090909090909090909090909090909090

	# CpuInitPei Reset IA32_TSC_ADJUST to 0 instead of enforcing 0xE2 lock
	01359D99-9446-456D-ADA4-50A711C03ADA 12 P:B9E20000000F328BC8BE0080000023CE0BCF75190BC6894424088954240C8B54240C8B442408B9E20000000F30:BA00000000B800000000B93B0000000F3090909090909090909090909090909090909090909090909090909090

	# CpuMpDxe to disable TSC writes