Skip to content

bazad/macho_gadgets

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
gadgets
gadgets
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
macho.c
macho.c
 
 
macho.h
macho.h
 
 
macho_gadgets.c
macho_gadgets.c
 
 

Repository files navigation

macho_gadgets

macho_gadgets is a small utility to help find gadgets in a Mach-O file, specifically the iOS kernelcache.

Gadget descriptions

Gadgets are described using the following format:

<gadget-name>:<gadget-data>

The <gadget-data> parameter specifies the binary contents of the gadget. It consists of hexadecimal byte sequences separated by commas. If the sequence starts with 0x, then the bytes are flipped (so that gadgets can be specified as little-endian integers). For example, the following definitions are equivalent:

GADGET_1:0011223344556677
GADGET_1:0x33221100,0x77665544

Building

Run make to build macho_gadgets.

Running

Run macho_gadgets as follows:

$ ./macho_gadgets /path/to/mach-o <gadget-description>...

For example, to use gadgets specified in a file:

$ ./macho_gadgets kernelcache.release.iphone9.decompressed $(cat gadgets.txt)

This will print out a list of the static addresses of the gadgets.

License

The files macho.h and macho.c are part of memctl and are released under the MIT license. The remaining files are placed in the public domain.

Brandon Azad

About

A tool to find gadgets in the iOS kernelcache.

Resources

Readme
Activity

Stars

33 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages