Throw back to 2 years ago today, 2024 G5 geomagnetic storm "The Gannon Storm" brought Aurora pillars to Berlin city center, right above OffensiveCon after party, while most of the attendees didn’t know about it 🤭
English
285 posts
Web:
codecolor.ist/entdb/
GitHub action updates everyday:
github.com/ChiChou/entdb
English
Entitlement database
iOS 2 - iOS 26
macOS BigSur to Tahoe
and several OS X versions
Code and data available on GitHub
Filipino
@CodeColorist compile the opensource profiles then decompile them?
English
Asked Claude to rewrite sandblaster with own kernel cache parser and constant finder, then the decision tree simplifier. Now the problem is, how am I supposed to test of the output is correct 🙂↔️
English
I pity for whoever makes the decision to dump Launchpad for the jitter Spotlight. He or she must have suffer a lot from life, terrible married life, childhood trauma and brain issue.
English
@dizzyup Please support paste in the term…🙏
Very unusable without it
English
With Echo, we wanted to create a clean, modern and powerful new SSH client for iPhone + iPad. My personal highlight is the theming engine that extends Ghostty terminal themes to the entire interface — replay.software/echo
English
Some things I've released with @almonk recently: Sleeve 3 — Refreshed for macOS Tahoe with new controls, Umbra 1.5 — With multi-display support and improved HEIC handling, and Echo — An all-new mobile SSH client for iOS, now available on the App Store — replay.software
English
@joinedserver MTE part is the official recommendation from developer doc for 3rd party apps. But yes, 3rd party apps could still use those instructions. In my implementation I skip dyld_shared_cache to not blow the output. I will correct that and thank you
English
@CodeColorist The article claimed MTE instructions are just in allocator libraries so won't appear in executables; which is wrong.
Also it mentioned fbounds-safety is hard to detect on binary, but the emitted disassembly is distinguishable enough even for not-so-pedant reverser I believe.
English
@joinedserver I should make it clear that it’s not trivial to detect such patterns without a full fledged disassembler, so to keep my runtime scanner lightweight I just skip this check for the moment. Those two are not hallucination but rather my own inaccurate experience and limitation
English
@joinedserver I just took it down for more proofreading. Could you please tell me some examples on the wrong conclusions? Could be my wrong opinion or ignorance. Appreciate it!
English
@CodeColorist hey, thanks for it, but its frustrating to see a pwnie owner publishes a blogpost written by ai; and looks like he didn't read it carefully because there are some wrong conclusions which could have been corrected by any serious ios reverse engineer
English
@antoniozekic @fridadotre did not work for Android for me, so I did not ship
English
codecolor.ist/grapefruit/
Friday night product launch is not a good idea, but here is v1.0.0 release
npm i -g igf
Prebuilt single execuatbles are also available on GitHub release page. Please give a 🌟 if you like this tool, maybe I can beg for some free coding tokens with it
English
@arekfurt No this is a platform specific IPC, not related to network traffic at all
English
The general idea here....
How many times have you been using Wireshark and wished that you could easily see what was actually generating/responding to the network traffic on the host?
(For me, I think it's pretty much every time I've used Wireshark.)
English
@patrickwardle By the time of writing that tweet (was 6 years ago 😅), it used unexported symbol from libobjc. There are 2 undocumented, but higher level APIs available
English
A 'fix' 😈
github.com/pwardle/Reflec…
Patrick Wardle@patrickwardle
macOS malware often (ab)uses APIs such as NSCreateObjectFileImageFromMemory, NSLinkModule etc) to execute in-memory payloads. Apple has recently updated dyld3 (+these APIs), such that the in-memory payload is now first/always written out to disk 💾 See: #L154" target="_blank" rel="nofollow noopener">github.com/apple-oss-dist…
English