Updated version of Onyx The Black Cat

New version available at the github repo, compatible with Mavericks and with a Cocoa app to control its features.

Mavericks sysent table is modified so previous versions weren’t compatible with it. I updated the sysent table definitions. It’s not the best method to assure future compatibility in case Apple decides to change the structure again. A better way is to find the symbols for the syscalls and replace them directly in the sysent table. Maybe in a future update.

The GUI app is nothing special and code is not pretty for sure. My Cocoa skills still suck (feel free to improve it, I’m always open to learn). If you quit it while the driver is running and load it again, the options state will be clean and not show what was already set. This is because the driver doesn’t support querying what options are set. Maybe in a future update ;-).

Don’t forget you need to download and add diStorm to the codebase. I have to give it a try and include Capstone in the kernel driver.

Enjoy,
fG!

 

2 thoughts on “Updated version of Onyx The Black Cat

Leave a Reply

Your email address will not be published. Required fields are marked *