Onyx The Black Cat v0.3

Version 0.3 is here. A couple of small bugs are fixed, module features can be controlled via sysctl variables (enable or disable features) and the code is split into different source files (it was a mess in a single file!). Tiger support is removed so it’s ready to work with Leopard 10.5.6. Check the README file for more info. As a bonus I discovered that the DTrace equivalent to PT_DENY_ATTACH is P_LNOATTACH, and it is bypassed due to our ptrace hijack....

March 25, 2009 · 1 min · 97 words · fG!

Mach-O binary offset calculator

I made a mistake in this tutorial! The way to calculate offsets to patch is wrong because I committed an inference error (analysed only a few binaries and assumed it to be correct). I found this while creating a program to calculate everything automatically. Check the code if you are interested in understanding how it’s done. Meanwhile I will update the tutorial… Without any further delays, I present you with the Binary offset calculator....

March 13, 2009 · 2 min · 333 words · fG!

Why is kernel debugging fun?

Just look at this: I just got Little Snitch to keep working even with the network filter being off (that should be equivalent to an expired 3 hour trial). The game is still not over because only the Once button is working, but it seems I have my entry point 😄. Little Snitch works by using a socket filter (Apple document here) installed when the kernel module starts (Correction: the Little Snitch kernel module is an IOKit driver and not a simple kernel extension)....

March 9, 2009 · 1 min · 118 words · fG!

Mac OS X Kernel debugging with VMware

I love VMware (I have used it since its first releases) and I love it even more now 😄. Yesterday I had the not so crazy idea (and not an original one) to use VMware for Mac OS X kernel debugging, because the newest Little Snitch version seems to have a new anti-debug trick and I don’t have another Mac at hand. After some trial and error I managed to get it working, so let’s show how it’s possible....

March 5, 2009 · 7 min · 1407 words · fG!

Serial phishing tutorial !!! It’s hot hot hot ;)

Hey, today is a slow day and I got a suggestion to write about serial phishing. Someone else suggested an easy target, and here it is: a tutorial about serial phishing. The target is a very easy one, so you should be able to understand everything and practice your GDB skills a little more. Here are the files: serial-phishing.txt macdvix.dmg (SHA1(MacDviX.dmg)= 9eb463acff18d003c4a0d619171ce0cd93bc53e6) (Unfortunately I lost the installer and can’t find it in my backups 😦)....

February 23, 2009 · 1 min · 92 words · fG!