fengjixuchui/XNU-Kernel-Fuzzer

XNU Kernel Fuzzer

A fuzzer for Apple's iOS operating system (Darwin userland and the XNU kernel).

The fuzzer talks to several endpoints reachable from inside the app sandbox and can attack both userland and kernelspace interfaces.

The fuzzer is written in C, Objective-C and inline assembly.

Userland

  • TODO

Kernelspace

  • System calls
  • Mach traps
  • IOKit and its children (kexts and drivers)
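
Every surface in the list above is exercised the same way: pick a target, generate arguments that stress its validation, issue the call in isolation, and record what happened before the result is inspected. The harness below is an added example written for this page, not code from XNU-Kernel-Fuzzer. It is portable C for Linux or macOS so it can be run without a device, and it drives a handful of read-only syscalls through syscall(2) rather than Mach traps or IOKit external methods; the function names (gen_arg, run_isolated, do_syscall, fuzz), the interesting-value table and the mix of argument kinds are this example's own choices.

```c
/* Added example (not the project's code): a fork-isolated raw-syscall fuzzing
 * harness in portable C for Linux/macOS. Names and heuristics are assumptions. */
#define _GNU_SOURCE
#include <errno.h>
#include <limits.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* xorshift64: deterministic, so any run can be replayed from its seed. */
typedef struct { uint64_t s; } rng_t;
static uint64_t rng_next(rng_t *r) {
    uint64_t x = r->s;
    x ^= x << 13; x ^= x >> 7; x ^= x << 17;
    return r->s = x;
}

/* Boundary values that tend to slip past size and sign checks in a kernel. */
static const long interesting[] = { 0, 1, -1, 4095, 4096, 4097,
    INT_MAX, INT_MIN, (long)UINT_MAX, LONG_MAX, LONG_MIN };
#define NELEMS(a) (sizeof (a) / sizeof (a)[0])

/* One argument: 60% boundary value, 20% pointer to a buffer we own, 20% random. */
static long gen_arg(rng_t *r, void *scratch) {
    uint64_t roll = rng_next(r) % 10;
    if (roll < 6) return interesting[rng_next(r) % NELEMS(interesting)];
    if (roll < 8) return (long)(uintptr_t)scratch;
    return (long)rng_next(r);
}

typedef enum { OUT_RETURNED, OUT_SIGNALED, OUT_TIMEOUT } outcome_t;

/* Run fn(arg) in a child with a 2 s alarm and report how it ended.
 * detail = exit code for OUT_RETURNED, signal number for OUT_SIGNALED. */
static outcome_t run_isolated(void (*fn)(void *), void *arg, int *detail) {
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); exit(1); }
    if (pid == 0) { alarm(2); fn(arg); _exit(0); }
    int status = 0;
    waitpid(pid, &status, 0);
    if (WIFSIGNALED(status)) {
        *detail = WTERMSIG(status);
        return *detail == SIGALRM ? OUT_TIMEOUT : OUT_SIGNALED;
    }
    *detail = WEXITSTATUS(status);
    return OUT_RETURNED;
}

typedef struct { long nr; long a[6]; } syscall_case_t;

/* Child body: issue the raw syscall; the exit code carries errno (0 = success). */
static void do_syscall(void *p) {
    syscall_case_t *c = p;
    long ret = syscall(c->nr, c->a[0], c->a[1], c->a[2], c->a[3], c->a[4], c->a[5]);
    _exit(ret == -1 ? (errno & 0xff) : 0);
}

/* Targets chosen so a fuzzed argument cannot harm the host: they only read
 * state or fail with EBADF/EFAULT/ESRCH. A real campaign widens this list. */
static const long targets[] = { SYS_getpid, SYS_getuid, SYS_getpgid, SYS_fstat, SYS_getrusage };

static void fuzz(uint64_t seed, int iterations) {
    static char scratch[4096];
    rng_t r = { seed ? seed : 0x9e3779b97f4a7c15ULL };  /* xorshift must not start at 0 */
    for (int i = 0; i < iterations; i++) {
        syscall_case_t c;
        c.nr = targets[rng_next(&r) % NELEMS(targets)];
        for (int k = 0; k < 6; k++) c.a[k] = gen_arg(&r, scratch);
        /* Persist the case before running it: against a real kernel the
         * interesting outcome is a panic that takes this process with it. */
        printf("seed=%llu iter=%d nr=%ld args=", (unsigned long long)seed, i, c.nr);
        for (int k = 0; k < 6; k++) printf("%#lx ", (unsigned long)c.a[k]);
        fflush(stdout);
        int d = 0;
        switch (run_isolated(do_syscall, &c, &d)) {
        case OUT_RETURNED: printf("-> returned, errno=%d\n", d); break;
        case OUT_SIGNALED: printf("-> CHILD KILLED by signal %d\n", d); break;
        case OUT_TIMEOUT:  printf("-> TIMEOUT\n"); break;
        }
    }
}

/* Self-checks: the harness must classify a write to an unmapped address, a
 * clean return and a successful getpid correctly, and gen_arg must replay. */
static volatile uintptr_t bad_addr = 0;  /* read at run time so it is not folded away */
static void crash_fn(void *p) { (void)p; *(int *)bad_addr = 1; }
static void clean_fn(void *p) { (void)p; }

static int harness_selftest(void) {
    int d = 0;
    if (run_isolated(crash_fn, NULL, &d) != OUT_SIGNALED || (d != SIGSEGV && d != SIGBUS)) return 0;
    if (run_isolated(clean_fn, NULL, &d) != OUT_RETURNED || d != 0) return 0;
    syscall_case_t c = { SYS_getpid, { 0, 0, 0, 0, 0, 0 } };
    if (run_isolated(do_syscall, &c, &d) != OUT_RETURNED || d != 0) return 0;
    return 1;
}

static int gen_arg_replays(void) {
    rng_t a = { 42 }, b = { 42 }; char buf[1];
    for (int i = 0; i < 64; i++) if (gen_arg(&a, buf) != gen_arg(&b, buf)) return 0;
    return 1;
}

int main(int argc, char **argv) {
    uint64_t seed = argc > 1 ? strtoull(argv[1], NULL, 0) : 1;
    fuzz(seed, 20);
    return 0;
}
```

Each case is written out and flushed before it runs. Against a real kernel the result you are hoping for is a panic, which kills the fuzzer along with everything else on the device, so the record of the last case has to be in the log before the call is issued; that is also why the logging in this project is real-time. Widening `targets` to arbitrary syscall numbers, Mach traps or IOKit external methods is where the sandbox boundary matters: only the surfaces the sandbox profile lets the process reach can be fuzzed from inside it.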

Debugging functionality

  • Logs to either Xcode or an in-app view
  • Logs processor registers in real time

Credits

  • Jake James (Mach-O parser for the kernelcache)
  • Willem Hengeveld (lzss decompression algorithm)
  • OSXFuzz (generic fuzzing functionality)
  • Apple Inc. (private headers and frameworks, which may be subject to Apple's licensing)
  • liblorgnette
  • Capstone
