IDA iBoot Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Installation
Copy iboot-loader.py to the loaders folder in IDA directory.
Credits
- This code is based on argp's iBoot64helper
- iBoot-Binja-Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Overview
You might also like...
User-friendly reference finder in IDA
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
29 Dec 4, 2022
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
199 Jan 4, 2023
An IDA pro python script to decrypt Qbot malware string
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
6 Sep 1, 2022
Better-rtti-parser - IDA script to parse RTTI information in executable
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
101 Jan 4, 2023
IDA Frida Plugin for tracing something interesting.
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
133 Dec 24, 2022
Patching - Interactive Binary Patching for IDA Pro
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
589 Dec 30, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
53 Nov 1, 2022
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
84 Dec 23, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
329 Jan 1, 2023
Comments
-
noob question xD
opened by P5-2005 4hello, i wonder how to find base address per iboot file?, what im trying, always i get this !: [i] bootloader : RELEASE [!] Failed to find base address, it's now set to 0x0 [+] Rebasing to address 0x0
IDA 7.6 on windows
thanks
-
Not sure if AVPBooter.vmapple2 is being rebased correctly
opened by Naville 0Loading file 'AVPBooter.vmapple2.bin' into database... Detected file format: SecureROM (AArch64) 0. Creating a new segment (0000000000000000-0000000000028250) ... ... OK [i] bootloader : RELEASE [+] Rebasing to address 0x100000 Rebasing program to 0x0000000000100000... [+] _image4_get_partial : 0x100828 [+] _panic : 0x10367c [+] _platform_get_usb_serial_number_string : 0x102378 [+] _platform_get_usb_more_other_string : 0x102530 [+] _task_init : 0x1042ac [+] _arm_exception_abort : 0x10e9d4 [+] _platform_get_usb_vendor_id : 0x107d00 [+] _usb_core_init : 0x104ee0 [+] _usb_init_with_controller : 0x104f58 [+] _der_expect_ia5string : 0x1009f0I personally doubt 0x100000 is the correct rebase address, especially given the amount of errors in the pseudo code:
Although, I'm quite new to reversing iBoot so I could be very wrong though
Releases(v1.0.1)
-
v1.0.1(Dec 20, 2022)
Fixes and improvments
Source code(tar.gz)
Source code(zip)
-
v1.0.0(Sep 21, 2021)
- Rebase file to its correct base address
- Find specific functions based on strings, functions xref or bytes pattern
- Bonus for dev/debug images : find a lot of functions based on panic/assert (tested on 12.x 3Dtouchcal images)
Source code(zip)
Privilege escalation with polkit - CVE-2021-3560
Polkit-exploit - CVE-2021-3560 Privilege escalation with polkit - CVE-2021-3560 Summary CVE-2021-3560 is an authentication bypass on polkit, which all
95 Dec 27, 2022
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
224 Aug 05, 2022
'Our Drowsinessdetector detects drivers eyes if they are closed for more than 2 seconds and alerts driver'
Data analysis Document here the project: DriverDrowsinessDetector Description: Project Description Data Source: Type of analysis: Please document the
3 Jul 03, 2022
Detection tool of malware(s) by checksum (useful for forensic)
🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt
1 Jan 30, 2022
Send CVE information to the specified mailbox (from Github)
Send CVE information to the specified mailbox (from Github)
91 Nov 08, 2022
TLaunch: Launch Programs on Multiple Hosts
TLaunch: Launch Programs on Multiple Hosts Introduction Deepmind launchpad is a library that helps writing distributed program in a simple way. But cu
11 Nov 11, 2022
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS
6 Jul 24, 2022
Search Shodan for Minecraft server IPs to grief
GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h
26 Dec 29, 2022
利用NTLM Hash读取Exchange邮件
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
[email protected]">
388 Dec 27, 2022
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.
Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s
6 Nov 14, 2022
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
5 Dec 03, 2022
Ensure secure infrastructure and consistency with the firewall rules
Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se
7 Feb 26, 2022
MS-FSRVP coercion abuse PoC
ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)
219 Dec 28, 2022
Python implementation of the diceware password generating algorithm.
Diceware Password Generator - Generate High Entropy Passwords Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are
35 Dec 25, 2022
Northwave Log4j CVE-2021-44228 checker
Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the
125 Dec 09, 2022
Get related domains / subdomains by looking at Google Analytics IDs
DomainRelationShips ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ██║██╔══██╗ ██║ ██║█████
161 Jan 02, 2023
NS-LOOKUP - A python script for scanning website for getting ip address of a website
NS-LOOKUP A python script for scanning website for getting ip address of a websi
5 Aug 02, 2022
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.
FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I
5 Mar 15, 2022
Directory Traversal in Afterlogic webmail aurora and pro
CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a
8 Nov 09, 2022
Anti Supercookie - Confusing the ISP & Escaping the Supercookie
Confusing the ISP & Escaping the Supercookie
2 Nov 22, 2022