GitHub Repository: rapid7/metasploit-framework
Path: blob/master/external/source/exploits/CVE-2016-4655/offsets32.c
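/*
 * determineTarget(modelIdentifier, swVers, target)
 *
 * Expands to a statement that makes the *enclosing function* return `target`
 * when string_compare(device_model, modelIdentifier) and
 * string_compare(system_version, swVers) both evaluate to 0.
 *
 * device_model and system_version are not macro parameters: they are picked
 * up from whatever scope the macro is expanded in, so the macro is only
 * usable inside a function that has variables with exactly those names.
 * The version comparison is evaluated only after the model comparison matched.
 *
 * The body is wrapped in do { } while (0) so that `determineTarget(...);`
 * is exactly one statement; a bare `if` expansion would leave a stray empty
 * statement behind and could not be used in an unbraced if/else.
 */
#define determineTarget(modelIdentifier, swVers, target) \
    do { \
        if (!string_compare(device_model, (modelIdentifier)) && \
            !string_compare(system_version, (swVers))) { \
            return (target); \
        } \
    } while (0)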
/*
 * One enumerator per (device model, iOS version) pair known to this file.
 *
 * Naming: <model identifier without the comma>_iOS<version digits>, e.g.
 * iPhone41_iOS902 is the value info_to_target_environment() returns for the
 * strings "iPhone4,1" / "9.0.2".
 *
 * NotSupported is listed first and is therefore 0.  The numeric values come
 * purely from declaration order, so the order below must not be changed.
 */
typedef enum {
    NotSupported,

    /* iPhone4,1 */
    iPhone41_iOS902, iPhone41_iOS910, iPhone41_iOS920, iPhone41_iOS921,
    iPhone41_iOS930, iPhone41_iOS931, iPhone41_iOS932, iPhone41_iOS933, iPhone41_iOS934,

    /* iPhone5,1 */
    iPhone51_iOS910, iPhone51_iOS920, iPhone51_iOS921,
    iPhone51_iOS930, iPhone51_iOS931, iPhone51_iOS932, iPhone51_iOS933, iPhone51_iOS934,

    /* iPhone5,2 */
    iPhone52_iOS902, iPhone52_iOS910, iPhone52_iOS920, iPhone52_iOS921,
    iPhone52_iOS930, iPhone52_iOS931, iPhone52_iOS932, iPhone52_iOS933, iPhone52_iOS934,

    /* iPhone5,3 */
    iPhone53_iOS910, iPhone53_iOS920, iPhone53_iOS921,
    iPhone53_iOS930, iPhone53_iOS931, iPhone53_iOS932, iPhone53_iOS933, iPhone53_iOS934,

    /* iPhone5,4 */
    iPhone54_iOS910, iPhone54_iOS920, iPhone54_iOS921,
    iPhone54_iOS930, iPhone54_iOS931, iPhone54_iOS932, iPhone54_iOS933, iPhone54_iOS934,

    /* iPad2,1 */
    iPad21_iOS910, iPad21_iOS920, iPad21_iOS921,
    iPad21_iOS930, iPad21_iOS931, iPad21_iOS932, iPad21_iOS933, iPad21_iOS934,

    /* iPad2,2 */
    iPad22_iOS910, iPad22_iOS920, iPad22_iOS921,
    iPad22_iOS930, iPad22_iOS931, iPad22_iOS932, iPad22_iOS933, iPad22_iOS934,

    /* iPad2,3 */
    iPad23_iOS910, iPad23_iOS920, iPad23_iOS921,
    iPad23_iOS930, iPad23_iOS931, iPad23_iOS932, iPad23_iOS933, iPad23_iOS934,

    /* iPad2,4 */
    iPad24_iOS910, iPad24_iOS920, iPad24_iOS921,
    iPad24_iOS930, iPad24_iOS931, iPad24_iOS932, iPad24_iOS933, iPad24_iOS934,

    /* iPad2,5 */
    iPad25_iOS902, iPad25_iOS910, iPad25_iOS920, iPad25_iOS921,
    iPad25_iOS930, iPad25_iOS931, iPad25_iOS932, iPad25_iOS933, iPad25_iOS934,

    /* iPad2,6 */
    iPad26_iOS910, iPad26_iOS920, iPad26_iOS921,
    iPad26_iOS930, iPad26_iOS931, iPad26_iOS932, iPad26_iOS933, iPad26_iOS934,

    /* iPad2,7 */
    iPad27_iOS910, iPad27_iOS920, iPad27_iOS921,
    iPad27_iOS930, iPad27_iOS931, iPad27_iOS932, iPad27_iOS933, iPad27_iOS934,

    /* iPad3,1 */
    iPad31_iOS910, iPad31_iOS920, iPad31_iOS921,
    iPad31_iOS930, iPad31_iOS931, iPad31_iOS932, iPad31_iOS933, iPad31_iOS934,

    /* iPad3,2 */
    iPad32_iOS910, iPad32_iOS920, iPad32_iOS921,
    iPad32_iOS930, iPad32_iOS931, iPad32_iOS932, iPad32_iOS933, iPad32_iOS934,

    /* iPad3,3 */
    iPad33_iOS902, iPad33_iOS910, iPad33_iOS920, iPad33_iOS921,
    iPad33_iOS930, iPad33_iOS931, iPad33_iOS932, iPad33_iOS933, iPad33_iOS934,

    /* iPad3,4 */
    iPad34_iOS910, iPad34_iOS920, iPad34_iOS921,
    iPad34_iOS930, iPad34_iOS931, iPad34_iOS932, iPad34_iOS933, iPad34_iOS934,

    /* iPad3,5 */
    iPad35_iOS910, iPad35_iOS920, iPad35_iOS921,
    iPad35_iOS930, iPad35_iOS931, iPad35_iOS932, iPad35_iOS933, iPad35_iOS934,

    /* iPad3,6 */
    iPad36_iOS910, iPad36_iOS920, iPad36_iOS921,
    iPad36_iOS930, iPad36_iOS931, iPad36_iOS932, iPad36_iOS933, iPad36_iOS934,

    /* iPod5,1 */
    iPod51_iOS910, iPod51_iOS920, iPod51_iOS921,
    iPod51_iOS930, iPod51_iOS931, iPod51_iOS932, iPod51_iOS933, iPod51_iOS934
} t_target_environment;
/*
 * Target the find_*() lookups in this file switch on.
 * As a file-scope static it starts out zero, i.e. NotSupported; no assignment
 * to it is visible in this part of the file.
 */
static t_target_environment target_environment;
/*
 * Map a device model identifier and an iOS version string to the matching
 * t_target_environment value.
 *
 * The table is scanned top to bottom and the first row whose model AND
 * version both make string_compare() return 0 wins.  The version string is
 * only compared once the model has matched.  If no row matches the function
 * returns NotSupported (0).
 *
 * Rows are carried over verbatim from the original list.  That includes the
 * mixed "9.3" / "9.3.0" spellings and the "9.3.2" rows for iPad2,3 and
 * iPad2,4, which return the *_iOS920 enumerator rather than *_iOS932.
 *
 * @param device_model    model identifier, e.g. "iPhone4,1"
 * @param system_version  iOS version string, e.g. "9.0.2"
 * @return the enumerator of the first matching row, or NotSupported
 */
t_target_environment info_to_target_environment(const char *device_model, const char *system_version) {
    static const struct {
        const char *model;
        const char *version;
        t_target_environment target;
    } known[] = {
        { "iPhone4,1", "9.0.2", iPhone41_iOS902 },
        { "iPhone4,1", "9.1",   iPhone41_iOS910 },
        { "iPhone4,1", "9.2",   iPhone41_iOS920 },
        { "iPhone4,1", "9.2.1", iPhone41_iOS921 },
        { "iPhone4,1", "9.3",   iPhone41_iOS930 },
        { "iPhone4,1", "9.3.1", iPhone41_iOS931 },
        { "iPhone4,1", "9.3.2", iPhone41_iOS932 },
        { "iPhone4,1", "9.3.3", iPhone41_iOS933 },
        { "iPhone4,1", "9.3.4", iPhone41_iOS934 },

        { "iPhone5,1", "9.1",   iPhone51_iOS910 },
        { "iPhone5,1", "9.2",   iPhone51_iOS920 },
        { "iPhone5,1", "9.2.1", iPhone51_iOS921 },
        { "iPhone5,1", "9.3",   iPhone51_iOS930 },
        { "iPhone5,1", "9.3.1", iPhone51_iOS931 },
        { "iPhone5,1", "9.3.2", iPhone51_iOS932 },
        { "iPhone5,1", "9.3.3", iPhone51_iOS933 },
        { "iPhone5,1", "9.3.4", iPhone51_iOS934 },

        { "iPhone5,2", "9.0.2", iPhone52_iOS902 },
        { "iPhone5,2", "9.1",   iPhone52_iOS910 },
        { "iPhone5,2", "9.2",   iPhone52_iOS920 },
        { "iPhone5,2", "9.2.1", iPhone52_iOS921 },
        { "iPhone5,2", "9.3",   iPhone52_iOS930 },
        { "iPhone5,2", "9.3.1", iPhone52_iOS931 },
        { "iPhone5,2", "9.3.2", iPhone52_iOS932 },
        { "iPhone5,2", "9.3.3", iPhone52_iOS933 },
        { "iPhone5,2", "9.3.4", iPhone52_iOS934 },

        { "iPhone5,3", "9.1",   iPhone53_iOS910 },
        { "iPhone5,3", "9.2",   iPhone53_iOS920 },
        { "iPhone5,3", "9.2.1", iPhone53_iOS921 },
        { "iPhone5,3", "9.3",   iPhone53_iOS930 },
        { "iPhone5,3", "9.3.1", iPhone53_iOS931 },
        { "iPhone5,3", "9.3.2", iPhone53_iOS932 },
        { "iPhone5,3", "9.3.3", iPhone53_iOS933 },
        { "iPhone5,3", "9.3.4", iPhone53_iOS934 },

        { "iPhone5,4", "9.1",   iPhone54_iOS910 },
        { "iPhone5,4", "9.2",   iPhone54_iOS920 },
        { "iPhone5,4", "9.2.1", iPhone54_iOS921 },
        { "iPhone5,4", "9.3",   iPhone54_iOS930 },
        { "iPhone5,4", "9.3.1", iPhone54_iOS931 },
        { "iPhone5,4", "9.3.2", iPhone54_iOS932 },
        { "iPhone5,4", "9.3.3", iPhone54_iOS933 },
        { "iPhone5,4", "9.3.4", iPhone54_iOS934 },

        { "iPad2,1", "9.1",   iPad21_iOS910 },
        { "iPad2,1", "9.2",   iPad21_iOS920 },
        { "iPad2,1", "9.2.1", iPad21_iOS921 },
        { "iPad2,1", "9.3",   iPad21_iOS930 },
        { "iPad2,1", "9.3.1", iPad21_iOS931 },
        { "iPad2,1", "9.3.2", iPad21_iOS932 },
        { "iPad2,1", "9.3.3", iPad21_iOS933 },
        { "iPad2,1", "9.3.4", iPad21_iOS934 },

        { "iPad2,2", "9.1",   iPad22_iOS910 },
        { "iPad2,2", "9.2",   iPad22_iOS920 },
        { "iPad2,2", "9.2.1", iPad22_iOS921 },
        { "iPad2,2", "9.3",   iPad22_iOS930 },
        { "iPad2,2", "9.3.1", iPad22_iOS931 },
        { "iPad2,2", "9.3.2", iPad22_iOS932 },
        { "iPad2,2", "9.3.3", iPad22_iOS933 },
        { "iPad2,2", "9.3.4", iPad22_iOS934 },

        { "iPad2,3", "9.1",   iPad23_iOS910 },
        { "iPad2,3", "9.2",   iPad23_iOS920 },
        { "iPad2,3", "9.2.1", iPad23_iOS921 },
        { "iPad2,3", "9.3.0", iPad23_iOS930 },
        { "iPad2,3", "9.3.1", iPad23_iOS931 },
        { "iPad2,3", "9.3.2", iPad23_iOS920 },  /* as in the original row */
        { "iPad2,3", "9.3.3", iPad23_iOS933 },
        { "iPad2,3", "9.3.4", iPad23_iOS934 },

        { "iPad2,4", "9.1",   iPad24_iOS910 },
        { "iPad2,4", "9.2",   iPad24_iOS920 },
        { "iPad2,4", "9.2.1", iPad24_iOS921 },
        { "iPad2,4", "9.3.0", iPad24_iOS930 },
        { "iPad2,4", "9.3.1", iPad24_iOS931 },
        { "iPad2,4", "9.3.2", iPad24_iOS920 },  /* as in the original row */
        { "iPad2,4", "9.3.3", iPad24_iOS933 },
        { "iPad2,4", "9.3.4", iPad24_iOS934 },

        { "iPad2,5", "9.0.2", iPad25_iOS902 },
        { "iPad2,5", "9.1",   iPad25_iOS910 },
        { "iPad2,5", "9.2",   iPad25_iOS920 },
        { "iPad2,5", "9.2.1", iPad25_iOS921 },
        { "iPad2,5", "9.3",   iPad25_iOS930 },
        { "iPad2,5", "9.3.1", iPad25_iOS931 },
        { "iPad2,5", "9.3.2", iPad25_iOS932 },
        { "iPad2,5", "9.3.3", iPad25_iOS933 },
        { "iPad2,5", "9.3.4", iPad25_iOS934 },

        { "iPad2,6", "9.1",   iPad26_iOS910 },
        { "iPad2,6", "9.2",   iPad26_iOS920 },
        { "iPad2,6", "9.2.1", iPad26_iOS921 },
        { "iPad2,6", "9.3",   iPad26_iOS930 },
        { "iPad2,6", "9.3.1", iPad26_iOS931 },
        { "iPad2,6", "9.3.2", iPad26_iOS932 },
        { "iPad2,6", "9.3.3", iPad26_iOS933 },
        { "iPad2,6", "9.3.4", iPad26_iOS934 },

        { "iPad2,7", "9.1",   iPad27_iOS910 },
        { "iPad2,7", "9.2",   iPad27_iOS920 },
        { "iPad2,7", "9.2.1", iPad27_iOS921 },
        { "iPad2,7", "9.3",   iPad27_iOS930 },
        { "iPad2,7", "9.3.1", iPad27_iOS931 },
        { "iPad2,7", "9.3.2", iPad27_iOS932 },
        { "iPad2,7", "9.3.3", iPad27_iOS933 },
        { "iPad2,7", "9.3.4", iPad27_iOS934 },

        { "iPad3,1", "9.1",   iPad31_iOS910 },
        { "iPad3,1", "9.2",   iPad31_iOS920 },
        { "iPad3,1", "9.2.1", iPad31_iOS921 },
        { "iPad3,1", "9.3.0", iPad31_iOS930 },
        { "iPad3,1", "9.3.1", iPad31_iOS931 },
        { "iPad3,1", "9.3.2", iPad31_iOS932 },
        { "iPad3,1", "9.3.3", iPad31_iOS933 },
        { "iPad3,1", "9.3.4", iPad31_iOS934 },

        { "iPad3,2", "9.1",   iPad32_iOS910 },
        { "iPad3,2", "9.2",   iPad32_iOS920 },
        { "iPad3,2", "9.2.1", iPad32_iOS921 },
        { "iPad3,2", "9.3.0", iPad32_iOS930 },
        { "iPad3,2", "9.3.1", iPad32_iOS931 },
        { "iPad3,2", "9.3.2", iPad32_iOS932 },
        { "iPad3,2", "9.3.3", iPad32_iOS933 },
        { "iPad3,2", "9.3.4", iPad32_iOS934 },

        { "iPad3,3", "9.0.2", iPad33_iOS902 },
        { "iPad3,3", "9.1",   iPad33_iOS910 },
        { "iPad3,3", "9.2",   iPad33_iOS920 },
        { "iPad3,3", "9.2.1", iPad33_iOS921 },
        { "iPad3,3", "9.3",   iPad33_iOS930 },
        { "iPad3,3", "9.3.1", iPad33_iOS931 },
        { "iPad3,3", "9.3.2", iPad33_iOS932 },
        { "iPad3,3", "9.3.3", iPad33_iOS933 },
        { "iPad3,3", "9.3.4", iPad33_iOS934 },

        { "iPad3,4", "9.1",   iPad34_iOS910 },
        { "iPad3,4", "9.2",   iPad34_iOS920 },
        { "iPad3,4", "9.2.1", iPad34_iOS921 },
        { "iPad3,4", "9.3",   iPad34_iOS930 },
        { "iPad3,4", "9.3.1", iPad34_iOS931 },
        { "iPad3,4", "9.3.2", iPad34_iOS932 },
        { "iPad3,4", "9.3.3", iPad34_iOS933 },
        { "iPad3,4", "9.3.4", iPad34_iOS934 },

        { "iPad3,5", "9.1",   iPad35_iOS910 },
        { "iPad3,5", "9.2",   iPad35_iOS920 },
        { "iPad3,5", "9.2.1", iPad35_iOS921 },
        { "iPad3,5", "9.3",   iPad35_iOS930 },
        { "iPad3,5", "9.3.1", iPad35_iOS931 },
        { "iPad3,5", "9.3.2", iPad35_iOS932 },
        { "iPad3,5", "9.3.3", iPad35_iOS933 },
        { "iPad3,5", "9.3.4", iPad35_iOS934 },

        { "iPad3,6", "9.1",   iPad36_iOS910 },
        { "iPad3,6", "9.2",   iPad36_iOS920 },
        { "iPad3,6", "9.2.1", iPad36_iOS921 },
        { "iPad3,6", "9.3",   iPad36_iOS930 },
        { "iPad3,6", "9.3.1", iPad36_iOS931 },
        { "iPad3,6", "9.3.2", iPad36_iOS932 },
        { "iPad3,6", "9.3.3", iPad36_iOS933 },
        { "iPad3,6", "9.3.4", iPad36_iOS934 },

        { "iPod5,1", "9.1",   iPod51_iOS910 },
        { "iPod5,1", "9.2",   iPod51_iOS920 },
        { "iPod5,1", "9.2.1", iPod51_iOS921 },
        { "iPod5,1", "9.3",   iPod51_iOS930 },
        { "iPod5,1", "9.3.1", iPod51_iOS931 },
        { "iPod5,1", "9.3.2", iPod51_iOS932 },
        { "iPod5,1", "9.3.3", iPod51_iOS933 },
        { "iPod5,1", "9.3.4", iPod51_iOS934 },
    };

    for (unsigned int row = 0; row < sizeof known / sizeof known[0]; row++) {
        /* string_compare() == 0 means "equal"; model is tested before version. */
        if (!string_compare(device_model, known[row].model) &&
            !string_compare(system_version, known[row].version)) {
            return known[row].target;
        }
    }

    /* No row matched: NotSupported is the enumerator with value 0. */
    return NotSupported;
}
/*
 * Look up the constant recorded under the name OSSerializer_serialize for the
 * current target_environment.
 * NOTE(review): presumably a per-build offset of that symbol; confirm against
 * the caller, which is not part of this excerpt.
 *
 * Targets that share a value are stacked on one return statement.
 *
 * @return the recorded value, or 0 when target_environment has no case here.
 *         That covers NotSupported, iPad25_iOS910..iPad25_iOS934 and every
 *         iPad26_* / iPad27_* enumerator.  Callers must treat 0 as "unknown".
 */
static inline unsigned int find_OSSerializer_serialize(void) {
    switch (target_environment) {
    /* ---- iPhone4,1 / iPad2,1-2,4 / iPad3,1-3,3 / iPod5,1 (+ iPad2,5 on 9.0.2) ---- */
    case iPhone41_iOS902: case iPad25_iOS902: case iPad33_iOS902:
        return 0x317de4;

    case iPhone41_iOS910: case iPod51_iOS910:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
        return 0x319450;

    case iPhone41_iOS920: case iPod51_iOS920:
    case iPad21_iOS920: case iPad22_iOS920: case iPad23_iOS920: case iPad24_iOS920:
    case iPad31_iOS920: case iPad32_iOS920: case iPad33_iOS920:
        return 0x3106fc;

    case iPhone41_iOS921: case iPod51_iOS921:
    case iPad21_iOS921: case iPad22_iOS921: case iPad23_iOS921: case iPad24_iOS921:
    case iPad31_iOS921: case iPad32_iOS921: case iPad33_iOS921:
        return 0x3107fc;

    case iPhone41_iOS930: case iPod51_iOS930:
    case iPad21_iOS930: case iPad22_iOS930: case iPad23_iOS930: case iPad24_iOS930:
    case iPad31_iOS930: case iPad32_iOS930: case iPad33_iOS930:
    case iPhone41_iOS931: case iPod51_iOS931:
    case iPad21_iOS931: case iPad22_iOS931: case iPad23_iOS931: case iPad24_iOS931:
    case iPad31_iOS931: case iPad32_iOS931: case iPad33_iOS931:
        return 0x31812c;

    case iPhone41_iOS932: case iPod51_iOS932:
    case iPad21_iOS932: case iPad22_iOS932: case iPad23_iOS932: case iPad24_iOS932:
    case iPad31_iOS932: case iPad32_iOS932: case iPad33_iOS932:
        return 0x318264;

    case iPhone41_iOS933: case iPod51_iOS933:
    case iPad21_iOS933: case iPad22_iOS933: case iPad23_iOS933: case iPad24_iOS933:
    case iPad31_iOS933: case iPad32_iOS933: case iPad33_iOS933:
    case iPhone41_iOS934: case iPod51_iOS934:
    case iPad21_iOS934: case iPad22_iOS934: case iPad23_iOS934: case iPad24_iOS934:
    case iPad31_iOS934: case iPad32_iOS934: case iPad33_iOS934:
        return 0x318388;

    /* ---- iPhone5,1-5,4 / iPad3,4-3,6 ---- */
    case iPhone52_iOS902:
        return 0x31e7bc;

    case iPhone51_iOS910: case iPhone52_iOS910: case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x31fd1c;

    case iPhone51_iOS920: case iPhone52_iOS920: case iPhone53_iOS920: case iPhone54_iOS920:
    case iPad34_iOS920: case iPad35_iOS920: case iPad36_iOS920:
        return 0x317768;

    case iPhone51_iOS921: case iPhone52_iOS921: case iPhone53_iOS921: case iPhone54_iOS921:
    case iPad34_iOS921: case iPad35_iOS921: case iPad36_iOS921:
        return 0x317868;

    case iPhone51_iOS930: case iPhone52_iOS930: case iPhone53_iOS930: case iPhone54_iOS930:
    case iPad34_iOS930: case iPad35_iOS930: case iPad36_iOS930:
    case iPhone51_iOS931: case iPhone52_iOS931: case iPhone53_iOS931: case iPhone54_iOS931:
    case iPad34_iOS931: case iPad35_iOS931: case iPad36_iOS931:
        return 0x31ef50;

    /* 9.3.2 is the one version where this group does not share a single value. */
    case iPhone51_iOS932:
        return 0x302e3c;

    case iPhone52_iOS932: case iPhone53_iOS932:
    case iPad34_iOS932: case iPad35_iOS932: case iPad36_iOS932:
        return 0x31ef58;

    case iPhone54_iOS932:
        return 0x31ed7c;

    case iPhone51_iOS933: case iPhone52_iOS933: case iPhone53_iOS933: case iPhone54_iOS933:
    case iPad34_iOS933: case iPad35_iOS933: case iPad36_iOS933:
    case iPhone51_iOS934: case iPhone52_iOS934: case iPhone53_iOS934: case iPhone54_iOS934:
    case iPad34_iOS934: case iPad35_iOS934: case iPad36_iOS934:
        return 0x31f13c;

    default:
        return 0;
    }
}
/*
 * Look up the constant recorded under the name OSSymbol_getMetaClass for the
 * current target_environment.
 * NOTE(review): presumably a per-build offset of that symbol; confirm against
 * the caller, which is not part of this excerpt.
 *
 * Targets that share a value are stacked on one return statement.
 *
 * @return the recorded value, or 0 when target_environment has no case here.
 *         That covers NotSupported, iPad25_iOS910..iPad25_iOS934 and every
 *         iPad26_* / iPad27_* enumerator.  Callers must treat 0 as "unknown".
 */
static inline unsigned int find_OSSymbol_getMetaClass(void) {
    switch (target_environment) {
    /* ---- iPhone4,1 / iPad2,1-2,4 / iPad3,1-3,3 / iPod5,1 (+ iPad2,5 on 9.0.2) ---- */
    case iPhone41_iOS902: case iPad25_iOS902: case iPad33_iOS902:
        return 0x31a5d0;

    case iPhone41_iOS910: case iPod51_iOS910:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
        return 0x31bc3c;

    case iPhone41_iOS920: case iPod51_iOS920:
    case iPad21_iOS920: case iPad22_iOS920: case iPad23_iOS920: case iPad24_iOS920:
    case iPad31_iOS920: case iPad32_iOS920: case iPad33_iOS920:
        return 0x312e18;

    case iPhone41_iOS921: case iPod51_iOS921:
    case iPad21_iOS921: case iPad22_iOS921: case iPad23_iOS921: case iPad24_iOS921:
    case iPad31_iOS921: case iPad32_iOS921: case iPad33_iOS921:
        return 0x312f18;

    case iPhone41_iOS930: case iPod51_iOS930:
    case iPad21_iOS930: case iPad22_iOS930: case iPad23_iOS930: case iPad24_iOS930:
    case iPad31_iOS930: case iPad32_iOS930: case iPad33_iOS930:
    case iPhone41_iOS931: case iPod51_iOS931:
    case iPad21_iOS931: case iPad22_iOS931: case iPad23_iOS931: case iPad24_iOS931:
    case iPad31_iOS931: case iPad32_iOS931: case iPad33_iOS931:
        return 0x31a934;

    case iPhone41_iOS932: case iPod51_iOS932:
    case iPad21_iOS932: case iPad22_iOS932: case iPad23_iOS932: case iPad24_iOS932:
    case iPad31_iOS932: case iPad32_iOS932: case iPad33_iOS932:
        return 0x31aa6c;

    case iPhone41_iOS933: case iPod51_iOS933:
    case iPad21_iOS933: case iPad22_iOS933: case iPad23_iOS933: case iPad24_iOS933:
    case iPad31_iOS933: case iPad32_iOS933: case iPad33_iOS933:
    case iPhone41_iOS934: case iPod51_iOS934:
    case iPad21_iOS934: case iPad22_iOS934: case iPad23_iOS934: case iPad24_iOS934:
    case iPad31_iOS934: case iPad32_iOS934: case iPad33_iOS934:
        return 0x31ab90;

    /* ---- iPhone5,1-5,4 / iPad3,4-3,6 ---- */
    case iPhone52_iOS902:
        return 0x320f00;

    case iPhone51_iOS910: case iPhone52_iOS910: case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x322460;

    case iPhone51_iOS920: case iPhone52_iOS920: case iPhone53_iOS920: case iPhone54_iOS920:
    case iPad34_iOS920: case iPad35_iOS920: case iPad36_iOS920:
        return 0x319ea0;

    case iPhone51_iOS921: case iPhone52_iOS921: case iPhone53_iOS921: case iPhone54_iOS921:
    case iPad34_iOS921: case iPad35_iOS921: case iPad36_iOS921:
        return 0x319fa0;

    case iPhone51_iOS930: case iPhone52_iOS930: case iPhone53_iOS930: case iPhone54_iOS930:
    case iPad34_iOS930: case iPad35_iOS930: case iPad36_iOS930:
    case iPhone51_iOS931: case iPhone52_iOS931: case iPhone53_iOS931: case iPhone54_iOS931:
    case iPad34_iOS931: case iPad35_iOS931: case iPad36_iOS931:
        return 0x321810;

    case iPhone51_iOS932: case iPhone52_iOS932: case iPhone53_iOS932: case iPhone54_iOS932:
    case iPad34_iOS932: case iPad35_iOS932: case iPad36_iOS932:
        return 0x321818;

    case iPhone51_iOS933: case iPhone52_iOS933: case iPhone53_iOS933: case iPhone54_iOS933:
    case iPad34_iOS933: case iPad35_iOS933: case iPad36_iOS933:
    case iPhone51_iOS934: case iPhone52_iOS934: case iPhone53_iOS934: case iPhone54_iOS934:
    case iPad34_iOS934: case iPad35_iOS934: case iPad36_iOS934:
        return 0x3219fc;

    default:
        return 0;
    }
}
/*
 * Look up the constant recorded under the name calend_gettime for the current
 * target_environment.
 * NOTE(review): presumably a per-build offset of that symbol; confirm against
 * the caller, which is not part of this excerpt.
 *
 * Targets that share a value are stacked on one return statement.
 *
 * @return the recorded value, or 0 when target_environment has no case here.
 *         That covers NotSupported, iPad25_iOS910..iPad25_iOS934 and every
 *         iPad26_* / iPad27_* enumerator.  Callers must treat 0 as "unknown".
 */
static inline unsigned int find_calend_gettime(void) {
    switch (target_environment) {
    /* ---- iPhone4,1 / iPad2,1-2,4 / iPad3,1-3,3 / iPod5,1 (+ iPad2,5 on 9.0.2) ---- */
    case iPhone41_iOS902: case iPad25_iOS902: case iPad33_iOS902:
        return 0x1daec;

    case iPhone41_iOS910: case iPod51_iOS910:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
        return 0x1db34;

    case iPhone41_iOS920: case iPod51_iOS920:
    case iPad21_iOS920: case iPad22_iOS920: case iPad23_iOS920: case iPad24_iOS920:
    case iPad31_iOS920: case iPad32_iOS920: case iPad33_iOS920:
        return 0x1de84;

    case iPhone41_iOS921: case iPod51_iOS921:
    case iPad21_iOS921: case iPad22_iOS921: case iPad23_iOS921: case iPad24_iOS921:
    case iPad31_iOS921: case iPad32_iOS921: case iPad33_iOS921:
        return 0x1de60;

    case iPhone41_iOS930: case iPod51_iOS930:
    case iPad21_iOS930: case iPad22_iOS930: case iPad23_iOS930: case iPad24_iOS930:
    case iPad31_iOS930: case iPad32_iOS930: case iPad33_iOS930:
    case iPhone41_iOS931: case iPod51_iOS931:
    case iPad21_iOS931: case iPad22_iOS931: case iPad23_iOS931: case iPad24_iOS931:
    case iPad31_iOS931: case iPad32_iOS931: case iPad33_iOS931:
    case iPhone41_iOS932: case iPod51_iOS932:
    case iPad21_iOS932: case iPad22_iOS932: case iPad23_iOS932: case iPad24_iOS932:
    case iPad31_iOS932: case iPad32_iOS932: case iPad33_iOS932:
        return 0x1e170;

    case iPhone41_iOS933: case iPod51_iOS933:
    case iPad21_iOS933: case iPad22_iOS933: case iPad23_iOS933: case iPad24_iOS933:
    case iPad31_iOS933: case iPad32_iOS933: case iPad33_iOS933:
    case iPhone41_iOS934: case iPod51_iOS934:
    case iPad21_iOS934: case iPad22_iOS934: case iPad23_iOS934: case iPad24_iOS934:
    case iPad31_iOS934: case iPad32_iOS934: case iPad33_iOS934:
        return 0x1e200;

    /* ---- iPhone5,1-5,4 / iPad3,4-3,6 ---- */
    case iPhone52_iOS902:
        return 0x1e718;

    case iPhone51_iOS910: case iPhone52_iOS910: case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x1e76c;

    case iPhone51_iOS920: case iPhone52_iOS920: case iPhone53_iOS920: case iPhone54_iOS920:
    case iPad34_iOS920: case iPad35_iOS920: case iPad36_iOS920:
        return 0x1ebac;

    case iPhone51_iOS921: case iPhone52_iOS921: case iPhone53_iOS921: case iPhone54_iOS921:
    case iPad34_iOS921: case iPad35_iOS921: case iPad36_iOS921:
        return 0x1eb88;

    case iPhone51_iOS930: case iPhone52_iOS930: case iPhone53_iOS930: case iPhone54_iOS930:
    case iPad34_iOS930: case iPad35_iOS930: case iPad36_iOS930:
    case iPhone51_iOS931: case iPhone52_iOS931: case iPhone53_iOS931: case iPhone54_iOS931:
    case iPad34_iOS931: case iPad35_iOS931: case iPad36_iOS931:
    case iPhone51_iOS932: case iPhone52_iOS932: case iPhone53_iOS932: case iPhone54_iOS932:
    case iPad34_iOS932: case iPad35_iOS932: case iPad36_iOS932:
        return 0x1ee6c;

    case iPhone51_iOS933: case iPhone52_iOS933: case iPhone53_iOS933: case iPhone54_iOS933:
    case iPad34_iOS933: case iPad35_iOS933: case iPad36_iOS933:
    case iPhone51_iOS934: case iPhone52_iOS934: case iPhone53_iOS934: case iPhone54_iOS934:
    case iPad34_iOS934: case iPad35_iOS934: case iPad36_iOS934:
        return 0x1eeac;

    default:
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "bufattr_cpx" for
 * the currently selected target_environment (a variable defined outside this
 * function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_bufattr_cpx(void) {
    switch (target_environment) {
    case iPhone41_iOS902: case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0xd97d0;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920: case iPad23_iOS921:
    case iPad24_iOS920: case iPad24_iOS921:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0xd8750;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    /* iPad24_iOS931 has no label in this switch, so it takes the default
     * branch and returns 0. */
    case iPad24_iOS930: case iPad24_iOS932:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
        return 0xd9848;

    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0xd9838;

    case iPhone51_iOS910:
    case iPhone52_iOS902: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0xde9fc;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPhone54_iOS920: case iPhone54_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0xdd9dc;

    case iPhone51_iOS930: case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS930: case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS930: case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS930: case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS930: case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS930: case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS930: case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0xdea48;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "clock_ops" for the
 * currently selected target_environment (a variable defined outside this
 * function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_clock_ops(void) {
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0x4043cc;

    case iPad25_iOS902: case iPad33_iOS902:
        return 0x4043c0;

    case iPhone52_iOS902:
        return 0x40a3cc;

    case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0x4053cc;

    case iPhone51_iOS910: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
        return 0x40c5a0;

    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x40c3cc;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920:
    case iPad24_iOS920:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0x3fc3dc;

    case iPad23_iOS921: case iPad24_iOS921:
        return 0x2fc3dc;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0x4033dc;

    case iPhone54_iOS920: case iPhone54_iOS921:
        return 0x4035a0;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPhone51_iOS930: case iPhone52_iOS930:
    case iPhone53_iOS930: case iPhone54_iOS930:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS930: case iPad24_iOS931: case iPad24_iOS932:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPad34_iOS930: case iPad35_iOS930: case iPad36_iOS930:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0x403428;

    case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0x40b428;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "copyin" for the
 * currently selected target_environment (a variable defined outside this
 * function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_copyin(void) {
    switch (target_environment) {
    case iPhone41_iOS902: case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0xc7754;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920: case iPad23_iOS921:
    case iPad24_iOS920: case iPad24_iOS921:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0xc6754;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS930: case iPad24_iOS931: case iPad24_iOS932:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0xc76b4;

    case iPhone51_iOS910:
    case iPhone52_iOS902: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0xcb87c;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPhone54_iOS920: case iPhone54_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0xca87c;

    case iPhone51_iOS930: case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS930: case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS930: case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS930: case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS930: case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS930: case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS930: case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0xcb7dc;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "bx_lr" for the
 * currently selected target_environment (a variable defined outside this
 * function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_bx_lr(void) {
    switch (target_environment) {
    case iPhone41_iOS902: case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0xd97d2;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920: case iPad23_iOS921:
    case iPad24_iOS920: case iPad24_iOS921:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0xd8752;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    case iPad24_iOS930: case iPad24_iOS931: case iPad24_iOS932:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
        return 0xd984a;

    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0xd983a;

    case iPhone51_iOS910:
    case iPhone52_iOS902: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0xde9fe;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPhone54_iOS920: case iPhone54_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0xdd9de;

    case iPhone51_iOS930: case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS930: case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS930: case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS930: case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS930: case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS930: case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS930: case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0xdea4a;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "write_gadget" for
 * the currently selected target_environment (a variable defined outside this
 * function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_write_gadget(void) {
    switch (target_environment) {
    case iPhone41_iOS902: case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0xc7488;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920: case iPad23_iOS921:
    case iPad24_iOS920: case iPad24_iOS921:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0xc6488;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS930: case iPad24_iOS931: case iPad24_iOS932:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0xc73e8;

    case iPhone51_iOS910:
    case iPhone52_iOS902: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0xcb5a8;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPhone54_iOS920: case iPhone54_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0xca5a8;

    case iPhone51_iOS930: case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS930: case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS930: case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS930: case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS930: case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS930: case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS930: case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0xcb508;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Look up the hard-coded value this file associates with "vm_kernel_addrperm"
 * for the currently selected target_environment (a variable defined outside
 * this function).
 *
 * Returns the per-device / per-iOS-build constant from the table below, or 0
 * when target_environment has no entry (the default branch).
 *
 * NOTE(review): the values are presumably offsets into the 32-bit kernel image
 * of each listed build -- confirm against the code that consumes them.
 * NOTE(review): 0 doubles as the "unsupported target" result; the callers are
 * not visible here, so confirm they check for 0 before using the value.
 */
static inline unsigned int find_vm_kernel_addrperm(void) {
    switch (target_environment) {
    case iPhone41_iOS902: case iPad25_iOS902: case iPad33_iOS902:
        return 0x455fa0;

    case iPhone52_iOS902:
        return 0x45c0c4;

    case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910:
    case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0x457030;

    case iPhone41_iOS920: case iPhone41_iOS921:
    case iPad21_iOS920: case iPad21_iOS921:
    case iPad22_iOS920: case iPad22_iOS921:
    case iPad23_iOS920: case iPad23_iOS921:
    case iPad24_iOS920: case iPad24_iOS921:
    case iPad31_iOS920: case iPad31_iOS921:
    case iPad32_iOS920: case iPad32_iOS921:
    case iPad33_iOS920: case iPad33_iOS921:
    case iPod51_iOS920: case iPod51_iOS921:
        return 0x44e840;

    case iPhone41_iOS930: case iPhone41_iOS931: case iPhone41_iOS932:
    case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS930: case iPad21_iOS931: case iPad21_iOS932:
    case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS930: case iPad22_iOS931: case iPad22_iOS932:
    case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS930: case iPad23_iOS931: case iPad23_iOS932:
    case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS930: case iPad24_iOS931: case iPad24_iOS932:
    case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS930: case iPad31_iOS931: case iPad31_iOS932:
    case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS930: case iPad32_iOS931: case iPad32_iOS932:
    case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS930: case iPad33_iOS931: case iPad33_iOS932:
    case iPad33_iOS933: case iPad33_iOS934:
    case iPod51_iOS930: case iPod51_iOS931: case iPod51_iOS932:
    case iPod51_iOS933: case iPod51_iOS934:
        return 0x455844;

    case iPhone51_iOS910: case iPhone52_iOS910:
    case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x45e154;

    case iPhone51_iOS920: case iPhone51_iOS921:
    case iPhone52_iOS920: case iPhone52_iOS921:
    case iPhone53_iOS920: case iPhone53_iOS921:
    case iPhone54_iOS920: case iPhone54_iOS921:
    case iPad34_iOS920: case iPad34_iOS921:
    case iPad35_iOS920: case iPad35_iOS921:
    case iPad36_iOS920: case iPad36_iOS921:
        return 0x455964;

    case iPhone51_iOS930: case iPhone51_iOS931: case iPhone51_iOS932:
    case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS930: case iPhone52_iOS931: case iPhone52_iOS932:
    case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS930: case iPhone53_iOS931: case iPhone53_iOS932:
    case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS930: case iPhone54_iOS931: case iPhone54_iOS932:
    case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad34_iOS930: case iPad34_iOS931: case iPad34_iOS932:
    case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS930: case iPad35_iOS931: case iPad35_iOS932:
    case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS930: case iPad36_iOS931: case iPad36_iOS932:
    case iPad36_iOS933: case iPad36_iOS934:
        return 0x45d978;

    default:
        /* No entry for this device/OS pair. */
        return 0;
    }
}
/*
 * Per-target lookup of the kernel_pmap constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Any
 * enumerator without a case here reaches the default and yields 0: that
 * covers NotSupported and also enumerators the enum declares but this
 * table omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. What the
 * value is relative to is not visible in this part of the file.
 */
static inline unsigned int find_kernel_pmap(void) {
    /* Consecutive builds that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0x3f7444;
    case iPhone41_iOS910:
        return 0x3f8444;
    case iPhone41_iOS920:
    case iPhone41_iOS921:
        return 0x3ef444;
    case iPhone41_iOS930:
    case iPhone41_iOS931:
    case iPhone41_iOS932:
    case iPhone41_iOS933:
    case iPhone41_iOS934:
        return 0x3f6454;

    case iPhone51_iOS910:
        return 0x3ff444;
    case iPhone51_iOS920:
    case iPhone51_iOS921:
        return 0x3f6444;
    case iPhone51_iOS930:
    case iPhone51_iOS931:
    case iPhone51_iOS932:
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0x3fe454;

    case iPhone52_iOS902:
        return 0x3fd444;
    case iPhone52_iOS910:
        return 0x3ff444;
    case iPhone52_iOS920:
    case iPhone52_iOS921:
        return 0x3f6444;
    case iPhone52_iOS930:
    case iPhone52_iOS931:
    case iPhone52_iOS932:
    case iPhone52_iOS933:
    case iPhone52_iOS934:
        return 0x3fe454;

    case iPhone53_iOS910:
        return 0x3ff444;
    case iPhone53_iOS920:
    case iPhone53_iOS921:
        return 0x3f6444;
    case iPhone53_iOS930:
    case iPhone53_iOS931:
    case iPhone53_iOS932:
    case iPhone53_iOS933:
    case iPhone53_iOS934:
        return 0x3fe454;

    case iPhone54_iOS910:
        return 0x3ff444;
    case iPhone54_iOS920:
    case iPhone54_iOS921:
        return 0x3f6444;
    case iPhone54_iOS930:
    case iPhone54_iOS931:
    case iPhone54_iOS932:
    case iPhone54_iOS933:
    case iPhone54_iOS934:
        return 0x3fe454;

    case iPad21_iOS910:
        return 0x3f8444;
    case iPad21_iOS920:
    case iPad21_iOS921:
        return 0x3ef444;
    case iPad21_iOS930:
    case iPad21_iOS931:
    case iPad21_iOS932:
    case iPad21_iOS933:
    case iPad21_iOS934:
        return 0x3f6454;

    case iPad22_iOS910:
        return 0x3f8444;
    case iPad22_iOS920:
    case iPad22_iOS921:
        return 0x3ef444;
    case iPad22_iOS930:
    case iPad22_iOS931:
    case iPad22_iOS932:
    case iPad22_iOS933:
    case iPad22_iOS934:
        return 0x3f6454;

    case iPad23_iOS910:
        return 0x3f8444;
    case iPad23_iOS920:
    case iPad23_iOS921:
        return 0x3ef444;
    case iPad23_iOS930:
    case iPad23_iOS931:
    case iPad23_iOS932:
    case iPad23_iOS933:
    case iPad23_iOS934:
        return 0x3f6454;

    case iPad24_iOS910:
        return 0x3f8444;
    case iPad24_iOS920:
    case iPad24_iOS921:
        return 0x3ef444;
    case iPad24_iOS930:
    case iPad24_iOS931:
    case iPad24_iOS932:
    case iPad24_iOS933:
    case iPad24_iOS934:
        return 0x3f6454;

    case iPad25_iOS902:
        return 0x3f7444;

    case iPad31_iOS910:
        return 0x3f8444;
    case iPad31_iOS920:
    case iPad31_iOS921:
        return 0x3ef444;
    case iPad31_iOS930:
    case iPad31_iOS931:
    case iPad31_iOS932:
    case iPad31_iOS933:
    case iPad31_iOS934:
        return 0x3f6454;

    case iPad32_iOS910:
        return 0x3f8444;
    case iPad32_iOS920:
    case iPad32_iOS921:
        return 0x3ef444;
    case iPad32_iOS930:
    case iPad32_iOS931:
    case iPad32_iOS932:
    case iPad32_iOS933:
    case iPad32_iOS934:
        return 0x3f6454;

    case iPad33_iOS902:
        return 0x3f7444;
    case iPad33_iOS910:
        return 0x3f8444;
    case iPad33_iOS920:
    case iPad33_iOS921:
        return 0x3ef444;
    case iPad33_iOS930:
    case iPad33_iOS931:
    case iPad33_iOS932:
    case iPad33_iOS933:
    case iPad33_iOS934:
        return 0x3f6454;

    case iPad34_iOS910:
        return 0x3ff444;
    case iPad34_iOS920:
    case iPad34_iOS921:
        return 0x3f6444;
    case iPad34_iOS930:
    case iPad34_iOS931:
    case iPad34_iOS932:
    case iPad34_iOS933:
    case iPad34_iOS934:
        return 0x3fe454;

    case iPad35_iOS910:
        return 0x3ff444;
    case iPad35_iOS920:
    case iPad35_iOS921:
        return 0x3f6444;
    case iPad35_iOS930:
    case iPad35_iOS931:
    case iPad35_iOS932:
    case iPad35_iOS933:
    case iPad35_iOS934:
        return 0x3fe454;

    case iPad36_iOS910:
        return 0x3ff444;
    case iPad36_iOS920:
    case iPad36_iOS921:
        return 0x3f6444;
    case iPad36_iOS930:
    case iPad36_iOS931:
    case iPad36_iOS932:
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0x3fe454;

    case iPod51_iOS910:
        return 0x3f8444;
    case iPod51_iOS920:
    case iPod51_iOS921:
        return 0x3ef444;
    case iPod51_iOS930:
    case iPod51_iOS931:
    case iPod51_iOS932:
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0x3f6454;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target lookup of the flush_dcache constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Any
 * enumerator without a case here reaches the default and yields 0: that
 * covers NotSupported and also enumerators the enum declares but this
 * table omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. What the
 * value is relative to is not visible in this part of the file.
 */
static inline unsigned int find_flush_dcache(void) {
    /* Consecutive builds that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0xbc9b8;
    case iPhone41_iOS910:
        return 0xbcb7c;
    case iPhone41_iOS920:
        return 0xbb710;
    case iPhone41_iOS921:
        return 0xbb760;
    case iPhone41_iOS930:
    case iPhone41_iOS931:
        return 0xbc250;
    case iPhone41_iOS932:
        return 0xbc260;
    case iPhone41_iOS933:
    case iPhone41_iOS934:
        return 0xbc1d4;

    case iPhone51_iOS910:
        return 0xbf770;
    case iPhone51_iOS920:
        return 0xbe598;
    case iPhone51_iOS921:
        return 0xbe5d8;
    case iPhone51_iOS930:
    case iPhone51_iOS931:
        return 0xbf284;
    case iPhone51_iOS932:
        return 0xbf274;
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0xbf404;

    case iPhone52_iOS902:
        return 0xbf5ac;
    case iPhone52_iOS910:
        return 0xbf770;
    case iPhone52_iOS920:
        return 0xbe598;
    case iPhone52_iOS921:
        return 0xbe610;
    case iPhone52_iOS930:
        return 0xbf2bc;
    case iPhone52_iOS931:
    case iPhone52_iOS932:
        return 0xbf284;
    case iPhone52_iOS933:
    case iPhone52_iOS934:
        return 0xbf404;

    case iPhone53_iOS910:
        return 0xbf770;
    case iPhone53_iOS920:
        return 0xbe598;
    case iPhone53_iOS921:
        return 0xbe610;
    case iPhone53_iOS930:
    case iPhone53_iOS931:
        return 0xbf284;
    case iPhone53_iOS932:
        return 0xbf274;
    case iPhone53_iOS933:
    case iPhone53_iOS934:
        return 0xbf404;

    case iPhone54_iOS910:
        return 0xbf770;
    case iPhone54_iOS920:
        return 0xbe598;
    case iPhone54_iOS921:
        return 0xbe5d8;
    case iPhone54_iOS930:
    case iPhone54_iOS931:
        return 0xbf284;
    case iPhone54_iOS932:
        return 0xbf274;
    case iPhone54_iOS933:
    case iPhone54_iOS934:
        return 0xbf404;

    case iPad21_iOS910:
        return 0xbcb7c;
    case iPad21_iOS920:
        return 0xbb710;
    case iPad21_iOS921:
        return 0xbb760;
    case iPad21_iOS930:
    case iPad21_iOS931:
        return 0xbc250;
    case iPad21_iOS932:
        return 0xbc260;
    case iPad21_iOS933:
    case iPad21_iOS934:
        return 0xbc1d4;

    case iPad22_iOS910:
        return 0xbcb7c;
    case iPad22_iOS920:
        return 0xbb710;
    case iPad22_iOS921:
        return 0xbb760;
    case iPad22_iOS930:
    case iPad22_iOS931:
        return 0xbc250;
    case iPad22_iOS932:
        return 0xbc260;
    case iPad22_iOS933:
    case iPad22_iOS934:
        return 0xbc1d4;

    case iPad23_iOS910:
        return 0xbcb7c;
    case iPad23_iOS920:
        return 0xbb710;
    case iPad23_iOS921:
        return 0xbb760;
    case iPad23_iOS930:
    case iPad23_iOS931:
        return 0xbc250;
    case iPad23_iOS932:
        return 0xbc260;
    case iPad23_iOS933:
        /* Not the same value as the iOS934 entry that follows. */
        return 0xbc1d8;
    case iPad23_iOS934:
        return 0xbc1d4;

    case iPad24_iOS910:
        return 0xbcb7c;
    case iPad24_iOS920:
        return 0xbb710;
    case iPad24_iOS921:
        return 0xbb760;
    case iPad24_iOS930:
    case iPad24_iOS931:
        return 0xbc250;
    case iPad24_iOS932:
        return 0xbc260;
    case iPad24_iOS933:
        /* Not the same value as the iOS934 entry that follows. */
        return 0xbc1d8;
    case iPad24_iOS934:
        return 0xbc1d4;

    case iPad25_iOS902:
        return 0xbc9b8;

    case iPad31_iOS910:
        return 0xbcb7c;
    case iPad31_iOS920:
        return 0xbb710;
    case iPad31_iOS921:
        return 0xbb760;
    case iPad31_iOS930:
    case iPad31_iOS931:
        return 0xbc250;
    case iPad31_iOS932:
        return 0xbc260;
    case iPad31_iOS933:
    case iPad31_iOS934:
        return 0xbc1d4;

    case iPad32_iOS910:
        return 0xbcb7c;
    case iPad32_iOS920:
        return 0xbb710;
    case iPad32_iOS921:
        return 0xbb760;
    case iPad32_iOS930:
    case iPad32_iOS931:
        return 0xbc250;
    case iPad32_iOS932:
        return 0xbc260;
    case iPad32_iOS933:
    case iPad32_iOS934:
        return 0xbc1d4;

    case iPad33_iOS902:
        return 0xbc9b8;
    case iPad33_iOS910:
        return 0xbcb7c;
    case iPad33_iOS920:
        return 0xbb710;
    case iPad33_iOS921:
        return 0xbb760;
    case iPad33_iOS930:
    case iPad33_iOS931:
        return 0xbc250;
    case iPad33_iOS932:
        return 0xbc260;
    case iPad33_iOS933:
    case iPad33_iOS934:
        return 0xbc1d4;

    case iPad34_iOS910:
        return 0xbf770;
    case iPad34_iOS920:
        return 0xbe598;
    case iPad34_iOS921:
        return 0xbe5d8;
    case iPad34_iOS930:
    case iPad34_iOS931:
        return 0xbf284;
    case iPad34_iOS932:
        return 0xbf274;
    case iPad34_iOS933:
    case iPad34_iOS934:
        return 0xbf404;

    case iPad35_iOS910:
        return 0xbf770;
    case iPad35_iOS920:
        return 0xbe598;
    case iPad35_iOS921:
        return 0xbe5d8;
    case iPad35_iOS930:
    case iPad35_iOS931:
        return 0xbf284;
    case iPad35_iOS932:
        return 0xbf274;
    case iPad35_iOS933:
    case iPad35_iOS934:
        return 0xbf404;

    case iPad36_iOS910:
        return 0xbf770;
    case iPad36_iOS920:
        return 0xbe598;
    case iPad36_iOS921:
        return 0xbe5d8;
    case iPad36_iOS930:
    case iPad36_iOS931:
        return 0xbf284;
    case iPad36_iOS932:
        return 0xbf274;
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0xbf404;

    case iPod51_iOS910:
        return 0xbcb7c;
    case iPod51_iOS920:
        return 0xbb710;
    case iPod51_iOS921:
        return 0xbb760;
    case iPod51_iOS930:
    case iPod51_iOS931:
        return 0xbc250;
    case iPod51_iOS932:
        return 0xbc260;
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0xbc1d4;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target lookup of the invalidate_tlb constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Any
 * enumerator without a case here reaches the default and yields 0: that
 * covers NotSupported and also enumerators the enum declares but this
 * table omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. What the
 * value is relative to is not visible in this part of the file.
 */
static inline unsigned int find_invalidate_tlb(void) {
    /* Consecutive entries that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
    case iPhone41_iOS910:
        return 0xc74e0;
    case iPhone41_iOS920:
    case iPhone41_iOS921:
        return 0xc64e0;
    case iPhone41_iOS930:
    case iPhone41_iOS931:
    case iPhone41_iOS932:
    case iPhone41_iOS933:
    case iPhone41_iOS934:
        return 0xc7440;

    case iPhone51_iOS910:
        return 0xcb600;
    case iPhone51_iOS920:
    case iPhone51_iOS921:
        return 0xca600;
    case iPhone51_iOS930:
    case iPhone51_iOS931:
    case iPhone51_iOS932:
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0xcb560;

    case iPhone52_iOS902:
    case iPhone52_iOS910:
        return 0xcb600;
    case iPhone52_iOS920:
    case iPhone52_iOS921:
        return 0xca600;
    case iPhone52_iOS930:
    case iPhone52_iOS931:
    case iPhone52_iOS932:
    case iPhone52_iOS933:
    case iPhone52_iOS934:
        return 0xcb560;

    case iPhone53_iOS910:
        return 0xcb600;
    case iPhone53_iOS920:
    case iPhone53_iOS921:
        return 0xca600;
    case iPhone53_iOS930:
    case iPhone53_iOS931:
    case iPhone53_iOS932:
    case iPhone53_iOS933:
    case iPhone53_iOS934:
        return 0xcb560;

    case iPhone54_iOS910:
        return 0xcb600;
    case iPhone54_iOS920:
    case iPhone54_iOS921:
        return 0xca600;
    case iPhone54_iOS930:
    case iPhone54_iOS931:
    case iPhone54_iOS932:
    case iPhone54_iOS933:
    case iPhone54_iOS934:
        return 0xcb560;

    case iPad21_iOS910:
        return 0xc74e0;
    case iPad21_iOS920:
    case iPad21_iOS921:
        return 0xc64e0;
    case iPad21_iOS930:
    case iPad21_iOS931:
    case iPad21_iOS932:
    case iPad21_iOS933:
    case iPad21_iOS934:
        return 0xc7440;

    case iPad22_iOS910:
        return 0xc74e0;
    case iPad22_iOS920:
    case iPad22_iOS921:
        return 0xc64e0;
    case iPad22_iOS930:
    case iPad22_iOS931:
    case iPad22_iOS932:
    case iPad22_iOS933:
    case iPad22_iOS934:
        return 0xc7440;

    case iPad23_iOS910:
        return 0xc74e0;
    case iPad23_iOS920:
    case iPad23_iOS921:
        return 0xc64e0;
    case iPad23_iOS930:
    case iPad23_iOS931:
    case iPad23_iOS932:
        return 0xc7440;
    case iPad23_iOS933:
        /* Not the same value as the entries on either side. */
        return 0xc7450;
    case iPad23_iOS934:
        return 0xc7440;

    case iPad24_iOS910:
        return 0xc74e0;
    case iPad24_iOS920:
    case iPad24_iOS921:
        return 0xc64e0;
    case iPad24_iOS930:
    case iPad24_iOS931:
    case iPad24_iOS932:
        return 0xc7440;
    case iPad24_iOS933:
        /* Not the same value as the entries on either side. */
        return 0xc7450;
    case iPad24_iOS934:
        return 0xc7440;

    case iPad25_iOS902:
    case iPad31_iOS910:
        return 0xc74e0;
    case iPad31_iOS920:
    case iPad31_iOS921:
        return 0xc64e0;
    case iPad31_iOS930:
    case iPad31_iOS931:
    case iPad31_iOS932:
    case iPad31_iOS933:
    case iPad31_iOS934:
        return 0xc7440;

    case iPad32_iOS910:
        return 0xc74e0;
    case iPad32_iOS920:
    case iPad32_iOS921:
        return 0xc64e0;
    case iPad32_iOS930:
    case iPad32_iOS931:
    case iPad32_iOS932:
    case iPad32_iOS933:
    case iPad32_iOS934:
        return 0xc7440;

    case iPad33_iOS902:
    case iPad33_iOS910:
        return 0xc74e0;
    case iPad33_iOS920:
    case iPad33_iOS921:
        return 0xc64e0;
    case iPad33_iOS930:
    case iPad33_iOS931:
    case iPad33_iOS932:
    case iPad33_iOS933:
    case iPad33_iOS934:
        return 0xc7440;

    case iPad34_iOS910:
        return 0xcb600;
    case iPad34_iOS920:
    case iPad34_iOS921:
        return 0xca600;
    case iPad34_iOS930:
    case iPad34_iOS931:
    case iPad34_iOS932:
    case iPad34_iOS933:
    case iPad34_iOS934:
        return 0xcb560;

    case iPad35_iOS910:
        return 0xcb600;
    case iPad35_iOS920:
    case iPad35_iOS921:
        return 0xca600;
    case iPad35_iOS930:
    case iPad35_iOS931:
    case iPad35_iOS932:
    case iPad35_iOS933:
    case iPad35_iOS934:
        return 0xcb560;

    case iPad36_iOS910:
        return 0xcb600;
    case iPad36_iOS920:
    case iPad36_iOS921:
        return 0xca600;
    case iPad36_iOS930:
    case iPad36_iOS931:
    case iPad36_iOS932:
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0xcb560;

    case iPod51_iOS910:
        return 0xc74e0;
    case iPod51_iOS920:
    case iPod51_iOS921:
        return 0xc64e0;
    case iPod51_iOS930:
    case iPod51_iOS931:
    case iPod51_iOS932:
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0xc7440;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target lookup of the task_for_pid constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Any
 * enumerator without a case here reaches the default and yields 0: that
 * covers NotSupported and also enumerators the enum declares but this
 * table omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. What the
 * value is relative to is not visible in this part of the file.
 */
static inline unsigned int find_task_for_pid(void) {
    /* Consecutive builds that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0x2fca70;
    case iPhone41_iOS910:
        return 0x2fe034;
    case iPhone41_iOS920:
        return 0x2f55b4;
    case iPhone41_iOS921:
        return 0x2f56c4;
    case iPhone41_iOS930:
    case iPhone41_iOS931:
        return 0x2fcc8c;
    case iPhone41_iOS932:
        return 0x2fcd80;
    case iPhone41_iOS933:
    case iPhone41_iOS934:
        return 0x2fcec0;

    case iPhone51_iOS910:
        return 0x3040a4;
    case iPhone51_iOS920:
        return 0x2fbb8c;
    case iPhone51_iOS921:
        return 0x2fbc9c;
    case iPhone51_iOS930:
    case iPhone51_iOS931:
        return 0x302e3c;
    case iPhone51_iOS932:
        return 0x302df0;
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0x302fd4;

    case iPhone52_iOS902:
        return 0x302bdc;
    case iPhone52_iOS910:
        return 0x3040a4;
    case iPhone52_iOS920:
        return 0x2fbb8c;
    case iPhone52_iOS921:
        return 0x2fbc9c;
    case iPhone52_iOS930:
    case iPhone52_iOS931:
        return 0x302e3c;
    case iPhone52_iOS932:
        return 0x302df0;
    case iPhone52_iOS933:
    case iPhone52_iOS934:
        return 0x302fd4;

    case iPhone53_iOS910:
        return 0x3040a4;
    case iPhone53_iOS920:
        return 0x2fbb8c;
    case iPhone53_iOS921:
        return 0x2fbc9c;
    case iPhone53_iOS930:
    case iPhone53_iOS931:
        return 0x302e3c;
    case iPhone53_iOS932:
        return 0x302df0;
    case iPhone53_iOS933:
    case iPhone53_iOS934:
        return 0x302fd4;

    case iPhone54_iOS910:
        return 0x3040a4;
    case iPhone54_iOS920:
        return 0x2fbb8c;
    case iPhone54_iOS921:
        return 0x2fbc9c;
    case iPhone54_iOS930:
    case iPhone54_iOS931:
        return 0x302e3c;
    case iPhone54_iOS932:
        return 0x302df0;
    case iPhone54_iOS933:
    case iPhone54_iOS934:
        return 0x302fd4;

    case iPad21_iOS910:
        return 0x2fe034;
    case iPad21_iOS920:
        return 0x2f55b4;
    case iPad21_iOS921:
        return 0x2f56c4;
    case iPad21_iOS930:
    case iPad21_iOS931:
        return 0x2fcc8c;
    case iPad21_iOS932:
        return 0x2fcd80;
    case iPad21_iOS933:
    case iPad21_iOS934:
        return 0x2fcec0;

    case iPad22_iOS910:
        return 0x2fe034;
    case iPad22_iOS920:
        return 0x2f55b4;
    case iPad22_iOS921:
        return 0x2f56c4;
    case iPad22_iOS930:
    case iPad22_iOS931:
        return 0x2fcc8c;
    case iPad22_iOS932:
        return 0x2fcd80;
    case iPad22_iOS933:
    case iPad22_iOS934:
        return 0x2fcec0;

    case iPad23_iOS910:
        return 0x2fe034;
    case iPad23_iOS920:
        return 0x2f55b4;
    case iPad23_iOS921:
        return 0x2f56c4;
    case iPad23_iOS930:
    case iPad23_iOS931:
        return 0x2fcc8c;
    case iPad23_iOS932:
        return 0x2fcd80;
    case iPad23_iOS933:
    case iPad23_iOS934:
        return 0x2fcec0;

    case iPad24_iOS910:
        return 0x2fe034;
    case iPad24_iOS920:
        return 0x2f55b4;
    case iPad24_iOS921:
        return 0x2f56c4;
    case iPad24_iOS930:
    case iPad24_iOS931:
        return 0x2fcc8c;
    case iPad24_iOS932:
        return 0x2fcd80;
    case iPad24_iOS933:
    case iPad24_iOS934:
        return 0x2fcec0;

    case iPad25_iOS902:
        return 0x2fca70;

    case iPad31_iOS910:
        return 0x2fe034;
    case iPad31_iOS920:
        return 0x2f55b4;
    case iPad31_iOS921:
        return 0x2f56c4;
    case iPad31_iOS930:
    case iPad31_iOS931:
        return 0x2fcc8c;
    case iPad31_iOS932:
        return 0x2fcd80;
    case iPad31_iOS933:
    case iPad31_iOS934:
        return 0x2fcec0;

    case iPad32_iOS910:
        return 0x2fe034;
    case iPad32_iOS920:
        return 0x2f55b4;
    case iPad32_iOS921:
        return 0x2f56c4;
    case iPad32_iOS930:
    case iPad32_iOS931:
        return 0x2fcc8c;
    case iPad32_iOS932:
        return 0x2fcd80;
    case iPad32_iOS933:
    case iPad32_iOS934:
        return 0x2fcec0;

    case iPad33_iOS902:
        return 0x2fca70;
    case iPad33_iOS910:
        return 0x2fe034;
    case iPad33_iOS920:
        return 0x2f55b4;
    case iPad33_iOS921:
        return 0x2f56c4;
    case iPad33_iOS930:
    case iPad33_iOS931:
        return 0x2fcc8c;
    case iPad33_iOS932:
        return 0x2fcd80;
    case iPad33_iOS933:
    case iPad33_iOS934:
        return 0x2fcec0;

    case iPad34_iOS910:
        return 0x3040a4;
    case iPad34_iOS920:
        return 0x2fbb8c;
    case iPad34_iOS921:
        return 0x2fbc9c;
    case iPad34_iOS930:
    case iPad34_iOS931:
        return 0x302e3c;
    case iPad34_iOS932:
        return 0x302df0;
    case iPad34_iOS933:
    case iPad34_iOS934:
        return 0x302fd4;

    case iPad35_iOS910:
        return 0x3040a4;
    case iPad35_iOS920:
        return 0x2fbb8c;
    case iPad35_iOS921:
        return 0x2fbc9c;
    case iPad35_iOS930:
    case iPad35_iOS931:
        return 0x302e3c;
    case iPad35_iOS932:
        return 0x302df0;
    case iPad35_iOS933:
    case iPad35_iOS934:
        return 0x302fd4;

    case iPad36_iOS910:
        return 0x3040a4;
    case iPad36_iOS920:
        return 0x2fbb8c;
    case iPad36_iOS921:
        return 0x2fbc9c;
    case iPad36_iOS930:
    case iPad36_iOS931:
        return 0x302e3c;
    case iPad36_iOS932:
        return 0x302df0;
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0x302fd4;

    case iPod51_iOS910:
        return 0x2fe034;
    case iPod51_iOS920:
        return 0x2f55b4;
    case iPod51_iOS921:
        return 0x2f56c4;
    case iPod51_iOS930:
    case iPod51_iOS931:
        return 0x2fcc8c;
    case iPod51_iOS932:
        return 0x2fcd80;
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0x2fcec0;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target lookup of the setreuid constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Any
 * enumerator without a case here reaches the default and yields 0: that
 * covers NotSupported and also enumerators the enum declares but this
 * table omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. What the
 * value is relative to is not visible in this part of the file.
 */
static inline unsigned int find_setreuid(void) {
    /* Consecutive builds that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0x2a9754;
    case iPhone41_iOS910:
        return 0x2aa31c;
    case iPhone41_iOS920:
        return 0x2a3ab4;
    case iPhone41_iOS921:
        return 0x2a3bc4;
    case iPhone41_iOS930:
    case iPhone41_iOS931:
        return 0x2a977c;
    case iPhone41_iOS932:
        return 0x2a985c;
    case iPhone41_iOS933:
    case iPhone41_iOS934:
        return 0x2a9988;

    case iPhone51_iOS910:
        return 0x2b00f0;
    case iPhone51_iOS920:
        return 0x2a9e24;
    case iPhone51_iOS921:
        return 0x2a9f34;
    case iPhone51_iOS930:
    case iPhone51_iOS931:
        return 0x2af658;
    case iPhone51_iOS932:
        return 0x2af5f8;
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0x2af7b8;

    case iPhone52_iOS902:
        return 0x2af674;
    case iPhone52_iOS910:
        return 0x2b00f0;
    case iPhone52_iOS920:
        return 0x2a9e24;
    case iPhone52_iOS921:
        return 0x2a9f34;
    case iPhone52_iOS930:
    case iPhone52_iOS931:
        return 0x2af658;
    case iPhone52_iOS932:
        return 0x2af5f8;
    case iPhone52_iOS933:
    case iPhone52_iOS934:
        return 0x2af7b8;

    case iPhone53_iOS910:
        return 0x2b00f0;
    case iPhone53_iOS920:
        return 0x2a9e24;
    case iPhone53_iOS921:
        return 0x2a9f34;
    case iPhone53_iOS930:
    case iPhone53_iOS931:
        return 0x2af658;
    case iPhone53_iOS932:
        return 0x2af5f8;
    case iPhone53_iOS933:
    case iPhone53_iOS934:
        return 0x2af7b8;

    case iPhone54_iOS910:
        return 0x2b00f0;
    case iPhone54_iOS920:
        return 0x2a9e24;
    case iPhone54_iOS921:
        return 0x2a9f34;
    case iPhone54_iOS930:
    case iPhone54_iOS931:
        return 0x2af658;
    case iPhone54_iOS932:
        return 0x2af5f8;
    case iPhone54_iOS933:
    case iPhone54_iOS934:
        return 0x2af7b8;

    case iPad21_iOS910:
        return 0x2aa31c;
    case iPad21_iOS920:
        return 0x2a3ab4;
    case iPad21_iOS921:
        return 0x2a3bc4;
    case iPad21_iOS930:
    case iPad21_iOS931:
        return 0x2a977c;
    case iPad21_iOS932:
        return 0x2a985c;
    case iPad21_iOS933:
    case iPad21_iOS934:
        return 0x2a9988;

    case iPad22_iOS910:
        return 0x2aa31c;
    case iPad22_iOS920:
        return 0x2a3ab4;
    case iPad22_iOS921:
        return 0x2a3bc4;
    case iPad22_iOS930:
    case iPad22_iOS931:
        return 0x2a977c;
    case iPad22_iOS932:
        return 0x2a985c;
    case iPad22_iOS933:
    case iPad22_iOS934:
        return 0x2a9988;

    case iPad23_iOS910:
        return 0x2aa31c;
    case iPad23_iOS920:
        return 0x2a3ab4;
    case iPad23_iOS921:
        return 0x2a3bc4;
    case iPad23_iOS930:
    case iPad23_iOS931:
        return 0x2a977c;
    case iPad23_iOS932:
        return 0x2a985c;
    case iPad23_iOS933:
    case iPad23_iOS934:
        return 0x2a9988;

    case iPad24_iOS910:
        return 0x2aa31c;
    case iPad24_iOS920:
        return 0x2a3ab4;
    case iPad24_iOS921:
        return 0x2a3bc4;
    case iPad24_iOS930:
    case iPad24_iOS931:
        return 0x2a977c;
    case iPad24_iOS932:
        return 0x2a985c;
    case iPad24_iOS933:
    case iPad24_iOS934:
        return 0x2a9988;

    case iPad25_iOS902:
        return 0x2a9754;

    case iPad31_iOS910:
        return 0x2aa31c;
    case iPad31_iOS920:
        return 0x2a3ab4;
    case iPad31_iOS921:
        return 0x2a3bc4;
    case iPad31_iOS930:
    case iPad31_iOS931:
        return 0x2a977c;
    case iPad31_iOS932:
        return 0x2a985c;
    case iPad31_iOS933:
    case iPad31_iOS934:
        return 0x2a9988;

    case iPad32_iOS910:
        return 0x2aa31c;
    case iPad32_iOS920:
        return 0x2a3ab4;
    case iPad32_iOS921:
        return 0x2a3bc4;
    case iPad32_iOS930:
    case iPad32_iOS931:
        return 0x2a977c;
    case iPad32_iOS932:
        return 0x2a985c;
    case iPad32_iOS933:
    case iPad32_iOS934:
        return 0x2a9988;

    case iPad33_iOS902:
        return 0x2a9754;
    case iPad33_iOS910:
        return 0x2aa31c;
    case iPad33_iOS920:
        return 0x2a3ab4;
    case iPad33_iOS921:
        return 0x2a3bc4;
    case iPad33_iOS930:
    case iPad33_iOS931:
        return 0x2a977c;
    case iPad33_iOS932:
        return 0x2a985c;
    case iPad33_iOS933:
    case iPad33_iOS934:
        return 0x2a9988;

    case iPad34_iOS910:
        return 0x2b00f0;
    case iPad34_iOS920:
        return 0x2a9e24;
    case iPad34_iOS921:
        return 0x2a9f34;
    case iPad34_iOS930:
    case iPad34_iOS931:
        return 0x2af658;
    case iPad34_iOS932:
        return 0x2af5f8;
    case iPad34_iOS933:
    case iPad34_iOS934:
        return 0x2af7b8;

    case iPad35_iOS910:
        return 0x2b00f0;
    case iPad35_iOS920:
        return 0x2a9e24;
    case iPad35_iOS921:
        return 0x2a9f34;
    case iPad35_iOS930:
    case iPad35_iOS931:
        return 0x2af658;
    case iPad35_iOS932:
        return 0x2af5f8;
    case iPad35_iOS933:
    case iPad35_iOS934:
        return 0x2af7b8;

    case iPad36_iOS910:
        return 0x2b00f0;
    case iPad36_iOS920:
        return 0x2a9e24;
    case iPad36_iOS921:
        return 0x2a9f34;
    case iPad36_iOS930:
    case iPad36_iOS931:
        return 0x2af658;
    case iPad36_iOS932:
        return 0x2af5f8;
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0x2af7b8;

    case iPod51_iOS910:
        return 0x2aa31c;
    case iPod51_iOS920:
        return 0x2a3ab4;
    case iPod51_iOS921:
        return 0x2a3bc4;
    case iPod51_iOS930:
    case iPod51_iOS931:
        return 0x2a977c;
    case iPod51_iOS932:
        return 0x2a985c;
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0x2a9988;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target lookup of the setreuid_cred_update constant.
 *
 * Switches on target_environment (declared outside this function) and
 * returns the value recorded for that device model / iOS build. Every
 * listed target maps to 0xe031 except three: iPhone41_iOS902 (0xe040),
 * iPhone52_iOS902 (0xe042) and iPod51_iOS910 (0xe03e). Any enumerator
 * without a case here reaches the default and yields 0: that covers
 * NotSupported and also enumerators the enum declares but this table
 * omits (for example iPad25_iOS910).
 *
 * NOTE(review): 0 is the only "no entry" signal, so callers need to test
 * for it before using the result; confirm at the call sites. How the
 * returned value is interpreted is decided by the caller and is not
 * visible in this part of the file.
 */
static inline unsigned int find_setreuid_cred_update(void) {
    /* Consecutive entries that carry the same value share one return. */
    switch (target_environment) {
    case iPhone41_iOS902:
        return 0xe040;

    case iPhone41_iOS910:
    case iPhone41_iOS920:
    case iPhone41_iOS921:
    case iPhone41_iOS930:
    case iPhone41_iOS931:
    case iPhone41_iOS932:
    case iPhone41_iOS933:
    case iPhone41_iOS934:
    case iPhone51_iOS910:
    case iPhone51_iOS920:
    case iPhone51_iOS921:
    case iPhone51_iOS930:
    case iPhone51_iOS931:
    case iPhone51_iOS932:
    case iPhone51_iOS933:
    case iPhone51_iOS934:
        return 0xe031;

    case iPhone52_iOS902:
        return 0xe042;

    case iPhone52_iOS910:
    case iPhone52_iOS920:
    case iPhone52_iOS921:
    case iPhone52_iOS930:
    case iPhone52_iOS931:
    case iPhone52_iOS932:
    case iPhone52_iOS933:
    case iPhone52_iOS934:
    case iPhone53_iOS910:
    case iPhone53_iOS920:
    case iPhone53_iOS921:
    case iPhone53_iOS930:
    case iPhone53_iOS931:
    case iPhone53_iOS932:
    case iPhone53_iOS933:
    case iPhone53_iOS934:
    case iPhone54_iOS910:
    case iPhone54_iOS920:
    case iPhone54_iOS921:
    case iPhone54_iOS930:
    case iPhone54_iOS931:
    case iPhone54_iOS932:
    case iPhone54_iOS933:
    case iPhone54_iOS934:
    case iPad21_iOS910:
    case iPad21_iOS920:
    case iPad21_iOS921:
    case iPad21_iOS930:
    case iPad21_iOS931:
    case iPad21_iOS932:
    case iPad21_iOS933:
    case iPad21_iOS934:
    case iPad22_iOS910:
    case iPad22_iOS920:
    case iPad22_iOS921:
    case iPad22_iOS930:
    case iPad22_iOS931:
    case iPad22_iOS932:
    case iPad22_iOS933:
    case iPad22_iOS934:
    case iPad23_iOS910:
    case iPad23_iOS920:
    case iPad23_iOS921:
    case iPad23_iOS930:
    case iPad23_iOS931:
    case iPad23_iOS932:
    case iPad23_iOS933:
    case iPad23_iOS934:
    case iPad24_iOS910:
    case iPad24_iOS920:
    case iPad24_iOS921:
    case iPad24_iOS930:
    case iPad24_iOS931:
    case iPad24_iOS932:
    case iPad24_iOS933:
    case iPad24_iOS934:
    case iPad25_iOS902:
    case iPad31_iOS910:
    case iPad31_iOS920:
    case iPad31_iOS921:
    case iPad31_iOS930:
    case iPad31_iOS931:
    case iPad31_iOS932:
    case iPad31_iOS933:
    case iPad31_iOS934:
    case iPad32_iOS910:
    case iPad32_iOS920:
    case iPad32_iOS921:
    case iPad32_iOS930:
    case iPad32_iOS931:
    case iPad32_iOS932:
    case iPad32_iOS933:
    case iPad32_iOS934:
    case iPad33_iOS902:
    case iPad33_iOS910:
    case iPad33_iOS920:
    case iPad33_iOS921:
    case iPad33_iOS930:
    case iPad33_iOS931:
    case iPad33_iOS932:
    case iPad33_iOS933:
    case iPad33_iOS934:
    case iPad34_iOS910:
    case iPad34_iOS920:
    case iPad34_iOS921:
    case iPad34_iOS930:
    case iPad34_iOS931:
    case iPad34_iOS932:
    case iPad34_iOS933:
    case iPad34_iOS934:
    case iPad35_iOS910:
    case iPad35_iOS920:
    case iPad35_iOS921:
    case iPad35_iOS930:
    case iPad35_iOS931:
    case iPad35_iOS932:
    case iPad35_iOS933:
    case iPad35_iOS934:
    case iPad36_iOS910:
    case iPad36_iOS920:
    case iPad36_iOS921:
    case iPad36_iOS930:
    case iPad36_iOS931:
    case iPad36_iOS932:
    case iPad36_iOS933:
    case iPad36_iOS934:
        return 0xe031;

    case iPod51_iOS910:
        return 0xe03e;

    case iPod51_iOS920:
    case iPod51_iOS921:
    case iPod51_iOS930:
    case iPod51_iOS931:
    case iPod51_iOS932:
    case iPod51_iOS933:
    case iPod51_iOS934:
        return 0xe031;

    default:
        /* No entry for this target. */
        return 0;
    }
}
/*
 * Per-target constant for the "pid check" lookup, chosen from the global
 * target_environment.
 *
 * Returns 0x14, 0x16 or 0x18 depending on the device model / iOS build, and
 * 0 for every target that has no entry here (the default branch).
 *
 * NOTE(review): what the value denotes (presumably a byte offset) is not
 * shown in this part of the file -- confirm against the caller.
 */
static inline unsigned int find_pid_check(void) {
    switch (target_environment) {
    /* A single build uses 0x18. */
    case iPhone52_iOS902:
        return 0x18;

    /* Builds that use 0x16. */
    case iPhone41_iOS902:
    case iPhone51_iOS910: case iPhone51_iOS920: case iPhone51_iOS921: case iPhone51_iOS930:
    case iPhone51_iOS931: case iPhone51_iOS932: case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS910: case iPhone52_iOS920: case iPhone52_iOS921: case iPhone52_iOS930:
    case iPhone52_iOS931: case iPhone52_iOS932: case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS910: case iPhone53_iOS920: case iPhone53_iOS921: case iPhone53_iOS930:
    case iPhone53_iOS931: case iPhone53_iOS932: case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS910: case iPhone54_iOS920: case iPhone54_iOS921: case iPhone54_iOS930:
    case iPhone54_iOS931: case iPhone54_iOS932: case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
    case iPod51_iOS910:
        return 0x16;

    /* Builds that use 0x14. */
    case iPhone41_iOS910: case iPhone41_iOS920: case iPhone41_iOS921: case iPhone41_iOS930:
    case iPhone41_iOS931: case iPhone41_iOS932: case iPhone41_iOS933: case iPhone41_iOS934:
    case iPad21_iOS920: case iPad21_iOS921: case iPad21_iOS930: case iPad21_iOS931:
    case iPad21_iOS932: case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS920: case iPad22_iOS921: case iPad22_iOS930: case iPad22_iOS931:
    case iPad22_iOS932: case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS920: case iPad23_iOS921: case iPad23_iOS930: case iPad23_iOS931:
    case iPad23_iOS932: case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS920: case iPad24_iOS921: case iPad24_iOS930: case iPad24_iOS931:
    case iPad24_iOS932: case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS920: case iPad31_iOS921: case iPad31_iOS930: case iPad31_iOS931:
    case iPad31_iOS932: case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS920: case iPad32_iOS921: case iPad32_iOS930: case iPad32_iOS931:
    case iPad32_iOS932: case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS920: case iPad33_iOS921: case iPad33_iOS930: case iPad33_iOS931:
    case iPad33_iOS932: case iPad33_iOS933: case iPad33_iOS934:
    case iPad34_iOS920: case iPad34_iOS921: case iPad34_iOS930: case iPad34_iOS931:
    case iPad34_iOS932: case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS920: case iPad35_iOS921: case iPad35_iOS930: case iPad35_iOS931:
    case iPad35_iOS932: case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS920: case iPad36_iOS921: case iPad36_iOS930: case iPad36_iOS931:
    case iPad36_iOS932: case iPad36_iOS933: case iPad36_iOS934:
    case iPod51_iOS920: case iPod51_iOS921: case iPod51_iOS930: case iPod51_iOS931:
    case iPod51_iOS932: case iPod51_iOS933: case iPod51_iOS934:
        return 0x14;

    /* No entry for this target. */
    default:
        return 0;
    }
}
/*
 * Per-target constant for the "posix check" lookup, chosen from the global
 * target_environment.
 *
 * Returns 0x40 or 0x3e depending on the device model / iOS build, and 0 for
 * every target that has no entry here (the default branch).
 *
 * NOTE(review): what the value denotes (presumably a byte offset) is not
 * shown in this part of the file -- confirm against the caller.
 */
static inline unsigned int find_posix_check(void) {
    switch (target_environment) {
    /* Builds that use 0x40. */
    case iPhone41_iOS902:
    case iPhone52_iOS902:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
    case iPod51_iOS910:
        return 0x40;

    /* Builds that use 0x3e. */
    case iPhone41_iOS910: case iPhone41_iOS920: case iPhone41_iOS921: case iPhone41_iOS930:
    case iPhone41_iOS931: case iPhone41_iOS932: case iPhone41_iOS933: case iPhone41_iOS934:
    case iPhone51_iOS910: case iPhone51_iOS920: case iPhone51_iOS921: case iPhone51_iOS930:
    case iPhone51_iOS931: case iPhone51_iOS932: case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS910: case iPhone52_iOS920: case iPhone52_iOS921: case iPhone52_iOS930:
    case iPhone52_iOS931: case iPhone52_iOS932: case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS910: case iPhone53_iOS920: case iPhone53_iOS921: case iPhone53_iOS930:
    case iPhone53_iOS931: case iPhone53_iOS932: case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS910: case iPhone54_iOS920: case iPhone54_iOS921: case iPhone54_iOS930:
    case iPhone54_iOS931: case iPhone54_iOS932: case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad21_iOS920: case iPad21_iOS921: case iPad21_iOS930: case iPad21_iOS931:
    case iPad21_iOS932: case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS920: case iPad22_iOS921: case iPad22_iOS930: case iPad22_iOS931:
    case iPad22_iOS932: case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS920: case iPad23_iOS921: case iPad23_iOS930: case iPad23_iOS931:
    case iPad23_iOS932: case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS920: case iPad24_iOS921: case iPad24_iOS930: case iPad24_iOS931:
    case iPad24_iOS932: case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS920: case iPad31_iOS921: case iPad31_iOS930: case iPad31_iOS931:
    case iPad31_iOS932: case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS920: case iPad32_iOS921: case iPad32_iOS930: case iPad32_iOS931:
    case iPad32_iOS932: case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS920: case iPad33_iOS921: case iPad33_iOS930: case iPad33_iOS931:
    case iPad33_iOS932: case iPad33_iOS933: case iPad33_iOS934:
    case iPad34_iOS920: case iPad34_iOS921: case iPad34_iOS930: case iPad34_iOS931:
    case iPad34_iOS932: case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS920: case iPad35_iOS921: case iPad35_iOS930: case iPad35_iOS931:
    case iPad35_iOS932: case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS920: case iPad36_iOS921: case iPad36_iOS930: case iPad36_iOS931:
    case iPad36_iOS932: case iPad36_iOS933: case iPad36_iOS934:
    case iPod51_iOS920: case iPod51_iOS921: case iPod51_iOS930: case iPod51_iOS931:
    case iPod51_iOS932: case iPod51_iOS933: case iPod51_iOS934:
        return 0x3e;

    /* No entry for this target. */
    default:
        return 0;
    }
}
/*
 * Per-target constant for the "mac proc check" lookup, chosen from the
 * global target_environment.
 *
 * Returns 0x224 or 0x1e6 depending on the device model / iOS build, and 0
 * for every target that has no entry here (the default branch).
 *
 * NOTE(review): what the value denotes (presumably a byte offset) is not
 * shown in this part of the file -- confirm against the caller.
 */
static inline unsigned int find_mac_proc_check(void) {
    switch (target_environment) {
    /* Builds that use 0x224. */
    case iPhone41_iOS902: case iPhone41_iOS910:
    case iPhone52_iOS902:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad25_iOS902:
    case iPad31_iOS910: case iPad32_iOS910:
    case iPad33_iOS902: case iPad33_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
    case iPod51_iOS910:
        return 0x224;

    /* Builds that use 0x1e6. */
    case iPhone41_iOS920: case iPhone41_iOS921: case iPhone41_iOS930: case iPhone41_iOS931:
    case iPhone41_iOS932: case iPhone41_iOS933: case iPhone41_iOS934:
    case iPhone51_iOS910: case iPhone51_iOS920: case iPhone51_iOS921: case iPhone51_iOS930:
    case iPhone51_iOS931: case iPhone51_iOS932: case iPhone51_iOS933: case iPhone51_iOS934:
    case iPhone52_iOS910: case iPhone52_iOS920: case iPhone52_iOS921: case iPhone52_iOS930:
    case iPhone52_iOS931: case iPhone52_iOS932: case iPhone52_iOS933: case iPhone52_iOS934:
    case iPhone53_iOS910: case iPhone53_iOS920: case iPhone53_iOS921: case iPhone53_iOS930:
    case iPhone53_iOS931: case iPhone53_iOS932: case iPhone53_iOS933: case iPhone53_iOS934:
    case iPhone54_iOS910: case iPhone54_iOS920: case iPhone54_iOS921: case iPhone54_iOS930:
    case iPhone54_iOS931: case iPhone54_iOS932: case iPhone54_iOS933: case iPhone54_iOS934:
    case iPad21_iOS920: case iPad21_iOS921: case iPad21_iOS930: case iPad21_iOS931:
    case iPad21_iOS932: case iPad21_iOS933: case iPad21_iOS934:
    case iPad22_iOS920: case iPad22_iOS921: case iPad22_iOS930: case iPad22_iOS931:
    case iPad22_iOS932: case iPad22_iOS933: case iPad22_iOS934:
    case iPad23_iOS920: case iPad23_iOS921: case iPad23_iOS930: case iPad23_iOS931:
    case iPad23_iOS932: case iPad23_iOS933: case iPad23_iOS934:
    case iPad24_iOS920: case iPad24_iOS921: case iPad24_iOS930: case iPad24_iOS931:
    case iPad24_iOS932: case iPad24_iOS933: case iPad24_iOS934:
    case iPad31_iOS920: case iPad31_iOS921: case iPad31_iOS930: case iPad31_iOS931:
    case iPad31_iOS932: case iPad31_iOS933: case iPad31_iOS934:
    case iPad32_iOS920: case iPad32_iOS921: case iPad32_iOS930: case iPad32_iOS931:
    case iPad32_iOS932: case iPad32_iOS933: case iPad32_iOS934:
    case iPad33_iOS920: case iPad33_iOS921: case iPad33_iOS930: case iPad33_iOS931:
    case iPad33_iOS932: case iPad33_iOS933: case iPad33_iOS934:
    case iPad34_iOS920: case iPad34_iOS921: case iPad34_iOS930: case iPad34_iOS931:
    case iPad34_iOS932: case iPad34_iOS933: case iPad34_iOS934:
    case iPad35_iOS920: case iPad35_iOS921: case iPad35_iOS930: case iPad35_iOS931:
    case iPad35_iOS932: case iPad35_iOS933: case iPad35_iOS934:
    case iPad36_iOS920: case iPad36_iOS921: case iPad36_iOS930: case iPad36_iOS931:
    case iPad36_iOS932: case iPad36_iOS933: case iPad36_iOS934:
    case iPod51_iOS920: case iPod51_iOS921: case iPod51_iOS930: case iPod51_iOS931:
    case iPod51_iOS932: case iPod51_iOS933: case iPod51_iOS934:
        return 0x1e6;

    /* No entry for this target. */
    default:
        return 0;
    }
}
/*r2 -q kcache/kernelcache.bin -c "is" | grep memcmp*/
/*3588 0x000c3c80 0x800c4c80 GLOBAL FUNC 0 _memcmp*/
/*
 * Per-target value for the _memcmp symbol, chosen from the global
 * target_environment.
 *
 * The listed targets fall into two families that share one value per iOS
 * build; each family is grouped below, newest build first. Targets with no
 * entry take the default branch and yield 0: this function lists no
 * *_iOS931 target and no iPad25 target.
 *
 * NOTE(review): the values look like file offsets taken from a symbol
 * listing of the kernelcache -- confirm against the caller how they are
 * rebased.
 */
static inline unsigned int find_memcmp(void) {
    switch (target_environment) {
    /* ---- family 1: iPhone41, iPad21-24, iPad31-33, iPod51 ---- */
    case iPhone41_iOS934: case iPhone41_iOS933:
    case iPad21_iOS934: case iPad21_iOS933:
    case iPad22_iOS934: case iPad22_iOS933:
    case iPad23_iOS934: case iPad23_iOS933:
    case iPad24_iOS934: case iPad24_iOS933:
    case iPad31_iOS934: case iPad31_iOS933:
    case iPad32_iOS934: case iPad32_iOS933:
    case iPad33_iOS934: case iPad33_iOS933:
    case iPod51_iOS934: case iPod51_iOS933:
        return 0x000c085c;

    case iPhone41_iOS932:
    case iPad21_iOS932: case iPad22_iOS932: case iPad23_iOS932: case iPad24_iOS932:
    case iPad31_iOS932: case iPad32_iOS932: case iPad33_iOS932:
    case iPod51_iOS932:
        return 0x000c08ec;

    case iPhone41_iOS930:
    case iPad21_iOS930: case iPad22_iOS930: case iPad23_iOS930: case iPad24_iOS930:
    case iPad31_iOS930: case iPad32_iOS930: case iPad33_iOS930:
    case iPod51_iOS930:
        return 0x000c08dc;

    case iPhone41_iOS921:
    case iPad21_iOS921: case iPad22_iOS921: case iPad23_iOS921: case iPad24_iOS921:
    case iPad31_iOS921: case iPad32_iOS921: case iPad33_iOS921:
    case iPod51_iOS921:
        return 0x000bfd7c;

    case iPhone41_iOS920:
    case iPad21_iOS920: case iPad22_iOS920: case iPad23_iOS920: case iPad24_iOS920:
    case iPad31_iOS920: case iPad32_iOS920: case iPad33_iOS920:
    case iPod51_iOS920:
        return 0x000bfd2c;

    case iPhone41_iOS910:
    case iPad21_iOS910: case iPad22_iOS910: case iPad23_iOS910: case iPad24_iOS910:
    case iPad31_iOS910: case iPad32_iOS910: case iPad33_iOS910:
    case iPod51_iOS910:
        return 0x000c1340;

    /*
     * 9.0.2 is enabled for iPhone41 only; the source kept the same value
     * commented out for iPad21-24, iPad31-33 and iPod51.
     */
    case iPhone41_iOS902:
        return 0x000c11d0;

    /* ---- family 2: iPhone51-54, iPad34-36 ---- */
    case iPhone51_iOS934: case iPhone51_iOS933:
    case iPhone52_iOS934: case iPhone52_iOS933:
    case iPhone53_iOS934: case iPhone53_iOS933:
    case iPhone54_iOS934: case iPhone54_iOS933:
    case iPad34_iOS934: case iPad34_iOS933:
    case iPad35_iOS934: case iPad35_iOS933:
    case iPad36_iOS934: case iPad36_iOS933:
        return 0x000c3e10;

    case iPhone51_iOS932: case iPhone52_iOS932: case iPhone53_iOS932: case iPhone54_iOS932:
    case iPad34_iOS932: case iPad35_iOS932: case iPad36_iOS932:
        return 0x000c3c80;

    case iPhone51_iOS930: case iPhone52_iOS930: case iPhone53_iOS930: case iPhone54_iOS930:
    case iPad34_iOS930: case iPad35_iOS930: case iPad36_iOS930:
        return 0x000c3c90;

    case iPhone51_iOS921: case iPhone52_iOS921: case iPhone53_iOS921: case iPhone54_iOS921:
    case iPad34_iOS921: case iPad35_iOS921: case iPad36_iOS921:
        return 0x000c2ff0;

    case iPhone51_iOS920: case iPhone52_iOS920: case iPhone53_iOS920: case iPhone54_iOS920:
    case iPad34_iOS920: case iPad35_iOS920: case iPad36_iOS920:
        return 0x000c2fb0;

    case iPhone51_iOS910: case iPhone52_iOS910: case iPhone53_iOS910: case iPhone54_iOS910:
    case iPad34_iOS910: case iPad35_iOS910: case iPad36_iOS910:
        return 0x000c42c4;

    /*
     * 9.0.2 is enabled for iPhone52 only; the source kept the same value
     * commented out for iPhone51, iPhone53, iPhone54 and iPad34-36.
     */
    case iPhone52_iOS902:
        return 0x000c4124;

    /* No entry for this target. */
    default:
        return 0;
    }
}