userlandkernel
/ off_finder.sh
Last active
November 23, 2023 18:00
Finds all symbol offsets in a decompressed XNU kernelcache
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| RADARE="$(which rabin2)" #We need rabin2 | |
| KERNELCACHE_FILE="$1" #This will be the path to a decompressed kernelcace, e.g: /tmp/kernel | |
| OFFSETS_FILE="$2" #This is the path and name of the file where the offsets should be stored in, don't add .c or .h the script will do! | |
| STRUCTNAME="$3" | |
| H_FILE="$OFFSETS_FILE.h" # your_chosen_name.h | |
| C_FILE="$OFFSETS_FILE.c" # your_chosen_name.c |
NewerOlder