Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

gdbinit / Kextstat_aslr

Implementation of kexstat via /dev/kmem with kernel ASLR support

Programming Languages

50402 projects - #5 most used programming language

 _____                              _____

| __ | ______ __ __ __ | |_ ______ ____ _____ | |/ / || | \ / _| |_ | \ || ___|| | | | | \ || ___| / \|_ _|| \ |-.`-. | | |
||_\ |||//_\ || ||_\ |||||||_
|| |_____|

Kextstat ASLR

A small util to list OS X kernel extensions with true addresses. System kextstat util doesn't return info with kernel ASLR slide.

Uses processor_set_tasks() vulnerability or /dev/kmem to read kernel memory.

If processor_set_tasks() vuln not available you need to enable /dev/kmem. Edit /Library/Preferences/SystemConfiguration/com.apple.Boot.plist add kmem=1 parameter, and reboot!

This version can work with all Mountain Lion/Mavericks versions out of the box. It should work with any future OS X versions if OSArray class doesn't change.

The license is GPLv3 due to diStorm licensing terms.

Enjoy, fG!

Change log:

v0.1 - Initial version v0.2 - Retrieve kaslr slide via kas_info() syscall. Thanks to posixninja for the tip :-) v0.3 - Cleanups v1.0 - Use diStorm to find sLoadedKexts so everything is dynamic The only dependency is on OSArray class, since we are using fixed offsets v1.1 - Try to use processor_set_tasks() vulnerability to read kernel memory before trying to use /dev/kmem

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 37

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (1) 🔗