@BlueFalconHD
BlueFalconHD / asm.txt
Created June 15, 2025 01:34
Turing complete 'SPACIAL INVASION' assembly solution
# UNIVERSAL OPERAND CONSTANTS
const or0 0b000000
const ir0 0b000000
const or1 0b000001
const ir1 0b001000
const or2 0b000010
const ir2 0b010000
const or3 0b000011
const ir3 0b011000
const or4 0b000100
BlueFalconHD / fix.sh
Created June 14, 2025 03:30
If you are having issues getting Metal to work on macOS 26.0 developer beta, here are some things to do
#!/usr/bin/env bash
sudo rm /Library/Developer/Xcode.app # remove old symlink
sudo ln -s /Applications/Xcode-26.0.0-Beta.app /Library/Developer/Xcode.app # new symlink
sudo xcode-select -s /Applications/Xcode-26.0.0-Beta.app # select
# delete possibly pre-existing
xcodebuild -deleteComponent metalToolchain
# fix described in apple release notes: https://developer.apple.com/documentation/xcode-release-notes/xcode-26-release-notes#Metal
BlueFalconHD / oslog_info.py
Created May 16, 2025 14:39
LLDB script that prints all os log subsystems
import lldb
def _on_hit(frame, bp_loc, _dict):
    process = frame.GetThread().GetProcess()
    error = lldb.SBError()
    # os_log_t os_log_create(const char *subsystem <$x0>, const char *category <$x1>);
    p_sub = frame.EvaluateExpression("$x0").GetValueAsUnsigned()
    p_cat = frame.EvaluateExpression("$x1").GetValueAsUnsigned()
BlueFalconHD / gameboy.lua
Last active April 28, 2025 01:08
Replicube demo Gameboy solution
-- cs: 594, c/v: 328.552
local function union(a, b)
  return function(x, y, z)
    local v = a(x, y, z)
    return (v ~= 0) and v or b(x, y, z)
  end
end
local function union_col(a, b)
  return function(x, y, z)
// ==UserScript==
// @name Quill.org Enhanced Interaction Script
// @namespace https://www.quill.org/
// @version 1.5
// @description Pressing Enter clicks "Next Question", "Submit", or "Recheck Work" buttons on quill.org. Adds a progress bar on completion and auto-focuses on input fields.
// @author
// @match *://*.quill.org/*
// @grant none
// ==/UserScript==
BlueFalconHD / fix_cfstring.py
Created February 9, 2025 21:19
DYLD Extracted Shared Cache CFString offset fixer
import idc
import idaapi
import idautils
import ida_auto
import re
import random
# CFString structure offsets
OFFSET_ISA = 0x0 # pointer to isa
OFFSET_INFO = 0x8 # info pointer
BlueFalconHD / getting_to_the_core_of_the_eligibility_system_on_os.md
Created February 1, 2025 22:38
Getting to the *core* of the eligibility system on *OS.


I have been really interested in Apple internals recently, and I have been really into debugging/reverse engineering. I got the tools from Apple’s open source dyld project building (there were many missing components), and decided to play around with it a bit. I extracted the shared cache, and also got a map of all of the symbols and things like that.

Each executable, or ‘file’ inside the shared cache is called an image, and every image has “fix-ups” Apple applies to it before adding it to the shared cache (or after). Originally, the entire purpose of the DYLD shared cache was performance, and it probably partially still is, but in my personal opinion, there is an aspect of secrecy to bundling every library on the system into one file.

The fix-ups that are applied to the binaries are incredibly hard to work around. For example, some references into other parts of the shared cache are transformed into static addresses in memory, and since the share

BlueFalconHD / keys.py
Created January 25, 2025 02:19
Info.plist all keys that appear somewhere within DYLD's shared cache referenced executables
# CFBundleName: <class 'str'>
# DTXcodeBuild: <class 'str'>
# CFBundleDisplayName: <class 'str'>
# CFBundleInfoDictionaryVersion: <class 'str'>
# DTXcode: <class 'str'>
# NullAudioDriverConfiguration: <class 'dict'>
# CFBundleIdentifier: <class 'str'>
# Adam ID: <class 'str'>
# CFBundleExecutable: <class 'str'>
# UIDeviceFamily: <class 'list'>
BlueFalconHD / info.md
Last active October 12, 2024 03:16
XNU syscalls list.

info

All information about syscalls listed here was obtained from [1] and various other sites. Some information might be out-of-date or incorrect. If this is found to be the case, I will update the gist accordingly. Both a markdown version and a plain-text version have been attached. Refer to the notes section under the table for more information.

[1] https://github.com/apple-oss-distributions/xnu/blob/main/bsd/kern/syscalls.master

BlueFalconHD / give.mcfunction
Created January 1, 2024 21:53
everybreaker
give @p netherite_pickaxe{display:{Name:'[{"text":"everybreaker","italic":false,"color":"dark_green"}]'},CanDestroy:["minecraft:acacia_button", "minecraft:acacia_door", "minecraft:acacia_fence", "minecraft:acacia_fence_gate", "minecraft:acacia_hanging_sign", "minecraft:acacia_leaves", "minecraft:acacia_log", "minecraft:acacia_planks", "minecraft:acacia_pressure_plate", "minecraft:acacia_sapling", "minecraft:acacia_sign", "minecraft:acacia_slab", "minecraft:acacia_stairs", "minecraft:acacia_trapdoor", "minecraft:acacia_hanging_sign", "minecraft:acacia_sign", "minecraft:acacia_wood", "minecraft:activator_rail", "minecraft:air", "minecraft:allium", "minecraft:amethyst_block", "minecraft:amethyst_cluster", "minecraft:ancient_debris", "minecraft:andesite", "minecraft:andesite_slab", "minecraft:andesite_stairs", "minecraft:andesite_wall", "minecraft:anvil", "minecraft:melon_seeds", "minecraft:pumpkin_seeds", "minecraft:azalea", "minecraft:azalea_leaves", "minecraft:azure_bluet", "minecraft:bamboo", "minecraft:bambo