rpwnage / Warri0r
ios 12 Sandbox escape POC
☆31Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for Warri0r
- empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r/w☆19Updated 6 years ago
- use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced☆32Updated 5 years ago
- Radare2 plugin to parse modern iOS 64-bit kernel caches☆29Updated 5 years ago
- CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.☆52Updated 6 years ago
- Get kernel symbols on device. No jailbreak required (note: unslid addresses)☆26Updated 6 years ago
- ☆16Updated 4 years ago
- A tool for reversing IOKit classes from the iOS 12's new kernelcache format.☆23Updated 6 years ago
- iOS10~iOS13 Edition) Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory. The disassembly framew…☆20Updated 2 years ago
- A tool to find gadgets in the iOS kernelcache.☆33Updated 6 years ago
- Binary Format of iOS 13 Sandbox Profile Collection☆50Updated 5 years ago
- ☆27Updated 13 years ago
- ios kernel class tree☆23Updated 5 years ago
- Proof of concept for CVE-2018-4150 by @cmwdotme☆14Updated 6 years ago
- ☆31Updated 5 years ago
- This tool will help to fix the Mach-O header of iOS kernel which dump from the memory. So that IDA or function symbol-related tools can l…☆22Updated 7 years ago
- CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.☆28Updated 6 years ago
- multi_path exploit now with remount for iOS 11.3.X (english version)☆19Updated 6 years ago
- iOS/macOS: task_swap_mach_voucher() does not respect MIG semantics leading to use-after-free☆10Updated 5 years ago
- A fuzzer for the iOS kernel and userland☆44Updated 6 years ago
- load iOS12 kernelcaches and PAC code in IDA☆60Updated 6 years ago
- Demo exploit code for CVE-2020-27904, a tfp0 bug.☆65Updated 3 years ago
- Demo: Anti Anti-Debug in iOS Kernel☆73Updated 6 years ago
- on Mac 10.12.2☆18Updated 6 years ago
- Extract a decrypted iOS 64-bit kernelcache☆41Updated this week
- CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.☆58Updated 6 years ago
- do not debug me☆11Updated 5 years ago
- some research results of sep☆19Updated 3 years ago
- IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes☆26Updated 4 years ago