IDA iBoot Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Installation
Copy iboot-loader.py to the loaders folder in IDA directory.
Credits
- This code is based on argp's iBoot64helper
- iBoot-Binja-Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Overview
You might also like...
User-friendly reference finder in IDA
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
29 Dec 4, 2022
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
199 Jan 4, 2023
An IDA pro python script to decrypt Qbot malware string
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
6 Sep 1, 2022
Better-rtti-parser - IDA script to parse RTTI information in executable
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
101 Jan 4, 2023
IDA Frida Plugin for tracing something interesting.
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
133 Dec 24, 2022
Patching - Interactive Binary Patching for IDA Pro
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
589 Dec 30, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
53 Nov 1, 2022
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
84 Dec 23, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
329 Jan 1, 2023
Comments
-
noob question xD
opened by P5-2005 4hello, i wonder how to find base address per iboot file?, what im trying, always i get this !: [i] bootloader : RELEASE [!] Failed to find base address, it's now set to 0x0 [+] Rebasing to address 0x0
IDA 7.6 on windows
thanks
-
Not sure if AVPBooter.vmapple2 is being rebased correctly
opened by Naville 0Loading file 'AVPBooter.vmapple2.bin' into database... Detected file format: SecureROM (AArch64) 0. Creating a new segment (0000000000000000-0000000000028250) ... ... OK [i] bootloader : RELEASE [+] Rebasing to address 0x100000 Rebasing program to 0x0000000000100000... [+] _image4_get_partial : 0x100828 [+] _panic : 0x10367c [+] _platform_get_usb_serial_number_string : 0x102378 [+] _platform_get_usb_more_other_string : 0x102530 [+] _task_init : 0x1042ac [+] _arm_exception_abort : 0x10e9d4 [+] _platform_get_usb_vendor_id : 0x107d00 [+] _usb_core_init : 0x104ee0 [+] _usb_init_with_controller : 0x104f58 [+] _der_expect_ia5string : 0x1009f0I personally doubt 0x100000 is the correct rebase address, especially given the amount of errors in the pseudo code:
Although, I'm quite new to reversing iBoot so I could be very wrong though
Releases(v1.0.1)
-
v1.0.1(Dec 20, 2022)
Fixes and improvments
Source code(tar.gz)
Source code(zip)
-
v1.0.0(Sep 21, 2021)
- Rebase file to its correct base address
- Find specific functions based on strings, functions xref or bytes pattern
- Bonus for dev/debug images : find a lot of functions based on panic/assert (tested on 12.x 3Dtouchcal images)
Source code(zip)
telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)
CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp
66 Dec 08, 2022
IDA Frida Plugin for tracing something interesting.
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
133 Dec 24, 2022
Threat Intel Platform for T-POTs
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
72 Jan 01, 2023
Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
135 Dec 14, 2022
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.
PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio
26 Sep 04, 2022
Simple python script for generating custom high-secure passwords for securing your social-apps ❤️
Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account
15 Dec 01, 2022
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.
17 Sep 25, 2022
Yet another web fuzzer
yafuzz Yet another web fuzzer Usage This script can run in two modes of operation. Supplying a wordlist -W argument will initiate a multithreaded fuzz
5 Feb 02, 2022
cve-2021-21985 exploit
cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构
105 Nov 22, 2022
Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
16 Nov 09, 2022
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments.
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where t
5 May 31, 2022
CVE-2021-22986 & F5 BIG-IP RCE
Vuln Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management
85 Dec 02, 2022
PoC for CVE-2021-26855 -Just a checker-
CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C
17 Dec 22, 2022
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.
RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z
17 Nov 11, 2022
List of S3 Hacks
s3-leaks List of AWS S3 Leaks Feel free to send in a PR if you know of other leaks Date Description Notes Aug2020 S3 bucket mess up exposed 182GB of s
291 Dec 28, 2022
A hashtag check python module
A hashtag check python module
3 Aug 10, 2022
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -
250 Dec 31, 2022
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.
HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu
100 Dec 23, 2022
Scout Suite - an open source multi-cloud security-auditing tool,
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
5k Jan 05, 2023
CVE-2022-21907 Vulnerability PoC
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm
16 Dec 18, 2022