
finding offset for the patchfinder

Open sanny1 opened this issue 1 year ago • 3 comments

Hi Jsherman212 or contributors,

I was looking to work on adding support for iOS 16. I am currently digging through the kernelcache for the offset value; would just finding the offset be good enough to make xnuspy work on iOS 16?

sanny1 avatar Nov 30 '24 18:11 sanny1

Been trying to work on it myself. I am stuck on the write_blr function; for some reason this seems to cause an issue. Could this be because I don't have the correct address (I have looked and updated the mask and stuff), or is it that xnu now knows when you write some assembly code in that region? If anyone can find out why, it would be awesome. Thank you.

sanny1 avatar Dec 23 '24 21:12 sanny1

Maybe you need to find some problem in hook_system_check_sysctlbyname_hook.s; in iOS 16, some offset is wrong.

iChost avatar Jan 07 '25 04:01 iChost

Yeah, I did, and now I am getting an issue with sysctlbyname when it calls kern.xxxxx. Maybe some of the offsets are still wrong.

sanny1 avatar Jan 08 '25 08:01 sanny1