This commit is contained in:
comex 2011-03-22 13:58:03 -04:00
parent 72d549020a
commit 1f0a686645


@ -113,15 +113,14 @@ void do_kernel(struct binary *binary, struct binary *sandbox) {
// PE_i_can_has_debugger (patch4) - so AMFI allows non-ldid'd binaries (and some other stuff is allowed) // PE_i_can_has_debugger (patch4) - so AMFI allows non-ldid'd binaries (and some other stuff is allowed)
// switching to patching the actual thing, and the startup code // switching to patching the actual thing, and the startup code
// why? debug_enabled is used directly in kdp, and I was not emulating PE_i_can_has's behavior correctly anyway // why? debug_enabled is used directly in kdp, and I was not emulating PE_i_can_has's behavior correctly anyway
patch("debug_enabled", printf("%x\n", find_string(b_macho_segrange(binary, "__TEXT"), "debug-enabled", 1, true));
patch("+debug_enabled",
resolve_ldr(binary, _PE_i_can_has_debugger + 2), resolve_ldr(binary, _PE_i_can_has_debugger + 2),
uint32_t, {1}); uint32_t, {1});
patch("debug-enabled", patch("debug_enabled initializer",
// it does occur in multiple places, although only once in __TEXT I think find_data(b_macho_segrange(binary, "__TEXT"), is_armv7 ? "04 22 01 92 00 98 .. 49 -" : "?", 0, true),
find_string(b_macho_segrange(binary, "__TEXT"), "debug-enabled", 1, true), uint32_t, {0x60082001}); // mov r0, #1; str r0, [r1]
uint8_t, {'^'});
// task_for_pid 0 // task_for_pid 0