Code Iterates, Minds Innovate

From a One-Byte Type Error in DFG JIT to Arbitrary Memory Read/Write on iPhone

Thu, 19 Mar 2026 00:00:00 +0000

The full exploitation journey of a type declaration error in WebKit's JavaScriptCore DFG compiler — from a NodeResultInt32 (should be NodeResultJS) in the DFGNodeType.h macro table, through GC write barrier bypass triggering Use-After-Free, step by step to stable arbitrary memory read/write on a stock iPhone.

macOS AMFI Bypass: ObjC Runtime Swizzle in Practice

Mon, 16 Mar 2026 00:00:00 +0000

A deep dive into amfid injection on Apple Silicon and why call-through ObjC swizzling works when common injection methods fail.

CVE-2026-20660: CFNetwork NSGZipDecoder Path Traversal to Arbitrary File Write

Tue, 10 Mar 2026 00:00:00 +0000

1-day analysis of CVE-2026-20660 — a path traversal vulnerability in Apple's CFNetwork NSGZipDecoder that allows arbitrary file write via malicious gzip FNAME headers.

A Clean & Simple Guide to Using Python Virtual Environments with IDA Pro on macOS

Thu, 02 Oct 2025 00:00:00 +0000

For any serious reverse engineer, keeping a clean and organized scripting environment is key. Using a Python virtual environment (venv) for your IDA Pro projects is the best way to manage dependencies and avoid conflicts.

Many online guides are outdated, recommending methods that no longer work. This post provides a single, modern, and straightforward solution to connect a Python venv to IDA Pro on macOS using the official, built-in IDAPythonrc startup script.

How to Use Frida to Find Block Parameters

Sun, 11 May 2025 00:00:00 +0000

Have you ever wanted to peek inside an app on your iPhone or iPad to see exactly what data it’s processing, especially to understand what information it’s sending or receiving? Today, I’ll introduce you to a simple yet powerful method using Frida, which enables you to dynamically detect the parameters of a special piece of code called a “block” within iOS applications.

First: What Exactly is a Block?

In iOS programming, a block is a small, self-contained piece of code that you can pass around your app to be executed later. Imagine it as giving your phone number (the block) to a friend who can then call you when something important happens.

How to build a PWN environment on Mac

Tue, 15 Apr 2025 00:00:00 +0000

Download UTM and install it. You can use command

brew install --cask utm

Download the image form https://releases.ubuntu.com/22.04/ and install it.

Then install gdb server by running the command

sudo apt install gdbserver

if you wan to debug some executable file for 32 bit, then you must run the command:

sudo dpkg --add-architecture i386
sudo apt update
sudo apt install libc6:i386 libncurses5:i386 libstdc++6:i386

After the environment setup, you could use

About

Mon, 01 Jan 0001 00:00:00 +0000

About this blog and its author