Skip to content
/ kobject Public

A tool to pull C++ object names from kernel memory

16 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Billy-Ellis/kobject

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
src
src
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
ent.xml
ent.xml
 
 

Repository files navigation

kobject

A tool to pull C++ object names from kernel memory

Implementation is a bit hacky, lots of room for improvement. Just someting I threw together a couple months ago.

Tested on iOS 12 iPod touch, and iOS 14.4 iPhone 7 Plus.

Compile

  1. Have an iOS sdk in /var/sdks/iPhoneOS.sdk
  2. Run ./build.sh

Usage

Supply a kernel virtual memory address as the first argument. If there's a C++ object at this address, the name will be returned.

iPod-touch:/var/mobile root# kobject 0xfffffff077837a00
IOMobileFramebufferUserClient
iPod-touch:/var/mobile root#

If there is not, the device will either panic, return a weird non-ASCII string, or tell you that there is no object here.

Billy Ellis (@bellis1000)

About

A tool to pull C++ object names from kernel memory

Resources

Readme
Activity

Stars

16 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages