Incorrect QiLin Header

Used for discussing the various tools in the book as well as encouraging members to share tools

Incorrect QiLin Header

Postby fergofrog » Wed Jan 17, 2018 9:23 am

Playing around with QiLin (thanks J!), I've noticed the header file doesn't quite match the object's exports.

The following functions in the header aren't exported:
  • setCSFlagsForPid
  • platformizePid
  • rootifyPid
  • ShaiHuludPid
  • unShaiHuludPid
  • entitlePidWithKernelEnts
  • unShaiHuludMe
  • launjctlLaunchdPlist
  • launjctlPrintSystem
  • launjctlDumpState
  • setStatusFunction
  • setErrorHandler
  • setDebugHandler

However, more useful to me, the following alternatives to many of the above were exported:
  • platformizeProcAtAddr
  • ShaiHuludProcessAtAddr
  • entitlePID
  • entitleProcAtAddress

It was easy to RE the args for the functions I needed, but would it be possible to get your "export" version of the header for future updates?
Posts: 1
Joined: Wed Jan 17, 2018 9:08 am

Re: Incorrect QiLin Header

Postby morpheus » Thu Jan 18, 2018 12:44 pm

My bad. Pushed a new header + object file today - also added a useful function or two.
Site Admin
Posts: 738
Joined: Thu Apr 11, 2013 6:24 pm

Return to Tools

Who is online

Users browsing this forum: No registered users and 4 guests