opa334 / choma Goto Github PK
View Code? Open in Web Editor NEWC library for manipulating MachO/FAT files and their code signatures
License: MIT License
C library for manipulating MachO/FAT files and their code signatures
License: MIT License
I try to set an arbitrary TeamID
so I can inject a dylib to an arbitrary app with opainject
. I updatedAppStoreCodeDirectory.h
with a Code Directory from the target app but when I use opainject
, the kernel complains about the signature. Is there any step I am missing?
Hello, do you have any complete open source projects that use this technique? I would like to use them as a reference and then develop similar functionality.
Hi everyone!
It may be a dumb question, but how can i check that CVE-2023-41991 exploitation is successful on a 'hello world' binary that i compiled in xcode? I mean codesign tool gives me "none" flag and when i try to run it on iphone, it just gets kill by the terminal..
thanks
Hello @opa334 ,
I am sorry to bother you. Is it possible to install an IPA after applying ct_bypass
to the app bundle inside. I was trying to do this but got Failed to verify code signature of /var/ ... (and the extracted payload path)
. I applied the ct_bypass
to it before so I don't understand why the signature is invalid. Shouldn't ct_bypass
sign the binary?
If it is possible, can you please point me to the right direction?
P.S. So basically the question is, how to install IPA without TrollStore but instead applying the CoreTrust bug to it manually and installing using Sideloadly or Filza for example?
Thanks in advance,
Ivan Nikolskiy (@enty8080)
I have used several applications that use this technology. They stop the target application before injecting it and then inject it. Is the injection tool they use also opinject? Or there are other injection tools.
Hi everyone!
I compiled ct_bypass for arm64e, but when i'm trying to bypass it prints:
CoreTrust bypass eta s0n!!
Found 1 MachO slice.
File size 0x2131e0 bytes, MachO slice count 1.
Error: failed to find a valid, preferred macho.
Error: failed to extract preferred slice!
It checks cpusubtype as 0x80000002 and cannot find slice.
I checked macho with otool and it prints:
ct_bypass_arm64e:
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
0xfeedfacf 16777228 2 0x80 2 20 1968 0x00200085
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.