IDA iBoot Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Installation
Copy iboot-loader.py
to the loaders folder in IDA directory.
Credits
- This code is based on argp's iBoot64helper
- iBoot-Binja-Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Copy iboot-loader.py
to the loaders folder in IDA directory.
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
hello, i wonder how to find base address per iboot file?, what im trying, always i get this !: [i] bootloader : RELEASE [!] Failed to find base address, it's now set to 0x0 [+] Rebasing to address 0x0
IDA 7.6 on windows
thanks
Loading file 'AVPBooter.vmapple2.bin' into database...
Detected file format: SecureROM (AArch64)
0. Creating a new segment (0000000000000000-0000000000028250) ... ... OK
[i] bootloader : RELEASE
[+] Rebasing to address 0x100000
Rebasing program to 0x0000000000100000...
[+] _image4_get_partial : 0x100828
[+] _panic : 0x10367c
[+] _platform_get_usb_serial_number_string : 0x102378
[+] _platform_get_usb_more_other_string : 0x102530
[+] _task_init : 0x1042ac
[+] _arm_exception_abort : 0x10e9d4
[+] _platform_get_usb_vendor_id : 0x107d00
[+] _usb_core_init : 0x104ee0
[+] _usb_init_with_controller : 0x104f58
[+] _der_expect_ia5string : 0x1009f0
I personally doubt 0x100000 is the correct rebase address, especially given the amount of errors in the pseudo code:
Although, I'm quite new to reversing iBoot so I could be very wrong though
Fixes and improvments
Source code(tar.gz)CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio
Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.
yafuzz Yet another web fuzzer Usage This script can run in two modes of operation. Supplying a wordlist -W argument will initiate a multithreaded fuzz
cve-2021-21985 exploit 0x01 漏洞点 分析可见: https://attackerkb.com/topics/X85GKjaVER/cve-2021-21985?referrer=home#rapid7-analysis 0x02 exploit 对beans对象进行重新构
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
This tool was created in order to automate some basic OSINT tasks for penetration testing assingments. The main feature that I haven't seen much anywhere is the downloadd google dork function where t
Vuln Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management
CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C
RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z
s3-leaks List of AWS S3 Leaks Feel free to send in a PR if you know of other leaks Date Description Notes Aug2020 S3 bucket mess up exposed 182GB of s
A hashtag check python module
Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -
HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17, just some sm