codecolorist

Results 11 issues of codecolorist

The attribute `MachO.rpath` points to the first `LC_RPATH` load command of the executable:

```
In [1]: import lief
In [2]: lief.parse('/Applications/Xcode.app/Contents/MacOS/Xcode').rpath
Out[2]:
```

But there can be multiple `LC_RPATH` in...

According to https://github.com/ioncodes/idacode/issues/5 remote host is planned to be supported. There is no authentication for the socket server yet. So an attacker may be able to communicate with the server...

enhancement
security

**This repo is going to be archived.** It's being rebuilt from the ground up, and a new project will be announced once it's finished. It has a better organized architecture,...

announcement

I got a lot of issues regarding weird crashes. After a while I finally realized the root cause. When an app is spawned by frida, it never gets resumed, causing...

Test case ```js // search by iteration. Doesn't work on iOS Module.enumerateSymbols('libxpc.dylib', { onMatch(symbol) { if (symbol.name == '_xpc_connection_call_event_handler') { console.log(symbol.address); return 'stop'; } }, onError() { console.error('error'); }, onComplete()...

ATS is required for network permission

There's an easily exploitable vulnerability in: https://github.com/humitos/pyfispot/blob/master/raspberrypi/home/pi/apps/pyfispot/main.py#L69 A fake `X-Real-IP` header will execute an arbitrary command on the server

bug

Support frida-server `--token` option

frida repl sometimes generates an empty log file when using the `--output` flag. Here is the minimal case to reproduce: ```objective-c #import int main(int argc, const char * argv[]) { CFRunLoopRun(); return...

This is intended to fix the case to directly attach a process in simulator, without frida-gadget https://github.com/frida/frida/issues/2763#issuecomment-2828670124 When we use `frida` to attach a simulator process without gadget, it's a...