This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Failed to load latest commit information.
_____ _____ __| __ |__ ______ __ __ __ __|_ |__ ______ ____ _____ | |/ / || ___| \ ` / _| |_ | \ || ___|| | | | | \ || ___| / \|_ _|| \ | `-.`-. | |_ | \ |__|\__\ __||______|/__/\_\ |__| |__|\__\ __||______||______||__|\__\ |_____| |_____| Kextstat ASLR A small util to list OS X kernel extensions with true addresses. System kextstat util doesn't return info with kernel ASLR slide. (c) fG!, 2012, 2013, 2014 - email@example.com - http://reverse.put.as Uses processor_set_tasks() vulnerability or /dev/kmem to read kernel memory. If processor_set_tasks() vuln not available you need to enable /dev/kmem. Edit /Library/Preferences/SystemConfiguration/com.apple.Boot.plist add kmem=1 parameter, and reboot! This version can work with all Mountain Lion/Mavericks versions out of the box. It should work with any future OS X versions if OSArray class doesn't change. The license is GPLv3 due to diStorm licensing terms. Enjoy, fG! Change log: v0.1 - Initial version v0.2 - Retrieve kaslr slide via kas_info() syscall. Thanks to posixninja for the tip :-) v0.3 - Cleanups v1.0 - Use diStorm to find sLoadedKexts so everything is dynamic The only dependency is on OSArray class, since we are using fixed offsets v1.1 - Try to use processor_set_tasks() vulnerability to read kernel memory before trying to use /dev/kmem