blacktop/ipsw v3.1.469

on GitHub

Highlight

Export diaphora databases with IDA Pro

❯ ipsw kernel ida 21F5048f__iPhone16,2/kernelcache.release.iPhone16,2 com.apple.security.sandbox \
    --script ~/Developer/Github/joxeankoret/diaphora/diaphora.py
? Multiple IDA Pro Versions Found: /Applications/IDA Pro 8.4/ida64.app/Contents/MacOS
   • Starting IDA Pro...
   • 🎉 Done!                   db="21F5048f__iPhone16,2/KC_iPhone16,2_ARM64e_com.apple.security.sandbox.i64"

❯ ll 21F5048f__iPhone16,2/*.db
-rw-r--r--@ 1 blacktop  staff    56M Apr  9 16:48 "KC_iPhone16,2_ARM64e_com.apple.security.sandbox_diaphora.db"

This also works with DSC

❯ ipsw dsc ida DSC DYLIB --script ~/Developer/Github/joxeankoret/diaphora/diaphora.py

Changelog

New Features

• be34732: feat: add ability to analyze single KEXT in IDA Pro via ipsw kernel ida KC KEXT cmd + initial diaphora export support (@blacktop)
• 89c71b4: feat: add initial ipsw dsc ida diaphora export support (@blacktop)

Bug fixes

• b22253f: fix: ipsw diff macho equality check (@blacktop)
• d68424c: fix: allow IDA Pro cmds using diaphora to not require a DB path (@blacktop)
• 5dfef8e: fix: trim cwd from IDA db file output (@blacktop)

Dependency updates

• ae5b221: chore(deps): bump deps (@blacktop)
• 391d420: chore(deps): bump peaceiris/actions-gh-pages from 3 to 4 (#435) (@dependabot[bot])

Summary

Full Changelog: v3.1.468...v3.1.469

What to do next?

• Read the documentation
• Follow us on Twitter
• Follow us on Mastodon