IDA iBoot Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Installation
Copy iboot-loader.py to the loaders folder in IDA directory.
Credits
- This code is based on argp's iBoot64helper
- iBoot-Binja-Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Overview
You might also like...
User-friendly reference finder in IDA
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
29 Dec 4, 2022
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
199 Jan 4, 2023
An IDA pro python script to decrypt Qbot malware string
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
6 Sep 1, 2022
Better-rtti-parser - IDA script to parse RTTI information in executable
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
101 Jan 4, 2023
IDA Frida Plugin for tracing something interesting.
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
133 Dec 24, 2022
Patching - Interactive Binary Patching for IDA Pro
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
589 Dec 30, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
53 Nov 1, 2022
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
84 Dec 23, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
329 Jan 1, 2023
Comments
-
noob question xD
opened by P5-2005 4hello, i wonder how to find base address per iboot file?, what im trying, always i get this !: [i] bootloader : RELEASE [!] Failed to find base address, it's now set to 0x0 [+] Rebasing to address 0x0
IDA 7.6 on windows
thanks
-
Not sure if AVPBooter.vmapple2 is being rebased correctly
opened by Naville 0Loading file 'AVPBooter.vmapple2.bin' into database... Detected file format: SecureROM (AArch64) 0. Creating a new segment (0000000000000000-0000000000028250) ... ... OK [i] bootloader : RELEASE [+] Rebasing to address 0x100000 Rebasing program to 0x0000000000100000... [+] _image4_get_partial : 0x100828 [+] _panic : 0x10367c [+] _platform_get_usb_serial_number_string : 0x102378 [+] _platform_get_usb_more_other_string : 0x102530 [+] _task_init : 0x1042ac [+] _arm_exception_abort : 0x10e9d4 [+] _platform_get_usb_vendor_id : 0x107d00 [+] _usb_core_init : 0x104ee0 [+] _usb_init_with_controller : 0x104f58 [+] _der_expect_ia5string : 0x1009f0I personally doubt 0x100000 is the correct rebase address, especially given the amount of errors in the pseudo code:
Although, I'm quite new to reversing iBoot so I could be very wrong though
Releases(v1.0.1)
-
v1.0.1(Dec 20, 2022)
Fixes and improvments
Source code(tar.gz)
Source code(zip)
-
v1.0.0(Sep 21, 2021)
- Rebase file to its correct base address
- Find specific functions based on strings, functions xref or bytes pattern
- Bonus for dev/debug images : find a lot of functions based on panic/assert (tested on 12.x 3Dtouchcal images)
Source code(zip)
Python & JavaScript Obfuscator made in Python 3.
Python Code Obfuscator A script that converts code into full on random numerical expressions. Simple Scripts: Python Mode... Input: Function that deco
1 Dec 29, 2021
A Python wrapper around the OpenSSL library
pyOpenSSL -- A Python wrapper around the OpenSSL library Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where
795 Dec 29, 2022
Cobalt Strike < 4.4 dos CVE-2021-36798
CVE-2021-36798 CVE-2021-36798 Cobalt Strike 4.3 dos 用法 python3 CVE-2021-36798.py BeaconURL 打瘫Cobalt Strike 只需要一个包 已测试 4.3 4.2 参考: https://labs.sent
37 Nov 09, 2022
Course: Information Security with Python
Curso: Segurança da Informação com Python Curso realizado atravès da Plataforma da Digital Innovation One Prof: Bruno Dias Conteúdo: Introdução aos co
1 Nov 28, 2021
Trustme: #1 quality TLS certs while you wait
trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma
479 Dec 27, 2022
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including P
95 Dec 26, 2022
Mass Check Vulnerable Log4j CVE-2021-44228
Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co
6 Dec 28, 2022
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.
21 Jan 01, 2023
Cobalt Strike Beacon configuration extractor and parser.
Cobalt Strike Configuration Extractor and Parser Overview Pure Python library and set of scripts to extract and parse configurations (configs) from Co
102 Dec 18, 2022
Apk Framework Detector
🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇
10 Dec 07, 2022
PoC encrypted diary in Python 3
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
1 Dec 25, 2021
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I
698 Dec 09, 2022
Installation of hacking tools
Tools-Spartan This is a program that makes it easy for you to download and install tools used in Kali Linux, there are tons of tools available.
1 Nov 10, 2021
RCE Exploit for Gitlab < 13.9.4
GitLab-Wiki-RCE RCE Exploit for Gitlab 13.9.4 RCE via unsafe inline Kramdown options when rendering certain Wiki pages Allows any user with push acc
52 Nov 09, 2022
一个自动挖掘漏洞的框架,日后会发展成强大的信息收集+漏洞挖掘脚本!
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
23 Jul 05, 2022
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。
Sec-Tools 项目介绍 系统简介 本项目命名为Sec-Tools,是一款基于 Python-Django 的在线多功能 Web 应用渗透测试系统,包含漏洞检测、目录识别、端口扫描、指纹识别、域名探测、旁站探测、信息泄露检测等功能。本系统通过旁站探测和域名探测功能对待检测网站进行资产收集,通过端
300 Jan 07, 2023
Lite version of my Gatekeeper backdoor for public use.
Gatekeeper Lite Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning
56 Mar 25, 2022
A Fast Broken Link Hijacker Tool written in Python
Broken Link Hijacker BrokenLinkHijacker(BLH) is a Fast Broken Link Hijacker Tool written in Python.
70 Nov 30, 2022
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。
764 Jan 05, 2023
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)
Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi
80 Dec 29, 2022