From 09a1c2fd5c6dfe6f1a1b351a62c9e44065fac6ba Mon Sep 17 00:00:00 2001
From: Jake James
Date: Sun, 10 Mar 2019 20:15:48 +0100
Subject: [PATCH] these are not slid
---
 patchfinder64.m | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/patchfinder64.m b/patchfinder64.m
index 1a1e915..436e44d 100644
--- a/patchfinder64.m
+++ b/patchfinder64.m
@@ -1405,7 +1405,7 @@ addr_t Find_l2tp_domain_module_start() {
 // not sure if this is constant among all devices
 if (val == 0x8010000001821088) return string + KernDumpBase - 0x20;
 // return 0;
- return string + KernDumpBase - 0x20;
+ return string + KernDumpBase - 0x20 + KASLR_Slide;
 }
 addr_t Find_l2tp_domain_module_stop() {
@@ -1418,7 +1418,7 @@ addr_t Find_l2tp_domain_module_stop() {
 // not sure if this is constant among all devices
 if (val == 0x8178000001821180) return string + KernDumpBase - 0x18;
 // return 0;
- return string + KernDumpBase - 0x18;
+ return string + KernDumpBase - 0x18 + KASLR_Slide;
 }
 addr_t Find_l2tp_domain_inited() {
@@ -1433,7 +1433,7 @@ addr_t Find_l2tp_domain_inited() {
 return 0;
 }
- return addr + KernDumpBase;
+ return addr + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_sysctl_net_ppp_l2tp() {
@@ -1449,7 +1449,7 @@ addr_t Find_sysctl_net_ppp_l2tp() {
 return 0;
 }
- return addr + KernDumpBase;
+ return addr + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_sysctl_unregister_oid() {
@@ -1474,7 +1474,7 @@ addr_t Find_sysctl_unregister_oid() {
 if (!call) {
 return 0;
 }
- return call + KernDumpBase;
+ return call + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_mov_x0_x4__br_x5() {
@@ -1487,7 +1487,7 @@ addr_t Find_mov_x0_x4__br_x5() {
 return 0;
 }
- return addr - (uint64_t)Kernel + KernDumpBase;
+ return addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_mov_x9_x0__br_x1() {
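Review bot: In the first hunk (Find_l2tp_domain_module_start) the context line `if (val == 0x8010000001821088) return string + KernDumpBase - 0x20;` still returns without `KASLR_Slide`, so, if that line is live code, the function yields an unslid address when the check matches and a slid one otherwise; the second hunk (Find_l2tp_domain_module_stop) has the same pattern with `- 0x18`. Both branches also compute the same offset, so the `val` comparison no longer decides anything; dropping the `if`, or giving it the same `+ KASLR_Slide`, would make the return value consistent. A one-line comment stating that the result is a slid address and that the `val` check is advisory only would help callers. Both function bodies start outside their hunks.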
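Review bot: The slide is appended by hand at the return in the third hunk (Find_l2tp_domain_inited) and again in every later hunk of this patch, in two expression shapes: `addr + KernDumpBase + KASLR_Slide` and `addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide`. The commit subject suggests these sites were simply missed earlier, so routing both conversions through one small `static inline` helper each would keep a future finder from returning an unslid value. Each finder would also benefit from a short comment such as `// Returns the slid kernel address, or 0 if the pattern was not found.`, since nothing in the visible code tells a caller which form it receives. The definition and type of `KASLR_Slide` are outside the diff, so whether it is already set when these finders run cannot be checked from here.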
@@ -1500,7 +1500,7 @@ addr_t Find_mov_x9_x0__br_x1() {
 return 0;
 }
- return addr - (uint64_t)Kernel + KernDumpBase;
+ return addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_mov_x10_x3__br_x6() {
@@ -1513,7 +1513,7 @@ addr_t Find_mov_x10_x3__br_x6() {
 return 0;
 }
- return addr - (uint64_t)Kernel + KernDumpBase;
+ return addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_kernel_forge_pacia_gadget() {
@@ -1527,7 +1527,7 @@ addr_t Find_kernel_forge_pacia_gadget() {
 return 0;
 }
- return addr - (uint64_t)Kernel + KernDumpBase;
+ return addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_kernel_forge_pacda_gadget() {
@@ -1541,7 +1541,7 @@ addr_t Find_kernel_forge_pacda_gadget() {
 return 0;
 }
- return addr - (uint64_t)Kernel + KernDumpBase;
+ return addr - (uint64_t)Kernel + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_IOUserClient_vtable() {
@@ -1569,7 +1569,7 @@ addr_t Find_IOUserClient_vtable() {
 //vtable -= 0x10;
- return vtable + KernDumpBase;
+ return vtable + KernDumpBase + KASLR_Slide;
 }
 addr_t Find_IORegistryEntry__getRegistryEntryID() {
@@ -1594,5 +1594,5 @@ addr_t Find_IORegistryEntry__getRegistryEntryID() {
 addr = (uint64_t)Boyermoore_horspool_memmem((unsigned char *)(addr + 4), XNUCore_Size, (const unsigned char *)bytes, sizeof(bytes));
 }
- return addr + KernDumpBase - (uint64_t)Kernel;;
+ return addr + KernDumpBase - (uint64_t)Kernel + KASLR_Slide;
 }
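Review bot: In the last hunk (Find_IORegistryEntry__getRegistryEntryID) the return is reached with no visible check that the preceding `Boyermoore_horspool_memmem` call found anything. If that call returns NULL, `addr` is 0 and the function returns `KernDumpBase - (uint64_t)Kernel + KASLR_Slide`, a non-zero value that a caller testing for 0 would accept as a valid address. The other finders in this patch return 0 on failure, and `if (!addr) return 0;` before the return would match them, unless the loop condition outside the hunk already guarantees a non-NULL `addr`. The same context line passes `XNUCore_Size` as the length while the start pointer advances via `addr + 4`, so the search may run past the end of the buffer; that should be confirmed against the loop header, which is outside the hunk.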