https://ret0.dev/ Recent content on Code Iterates, Minds Innovate Hugo en-us Mon, 16 Mar 2026 00:00:00 +0000 https://ret0.dev/posts/macos-amfi-bypass-objc-runtime-swizzle/ Mon, 16 Mar 2026 00:00:00 +0000 https://ret0.dev/posts/macos-amfi-bypass-objc-runtime-swizzle/ A deep dive into amfid injection on Apple Silicon and why call-through ObjC swizzling works when common injection methods fail. https://ret0.dev/posts/cve-2026-20660/ Tue, 10 Mar 2026 00:00:00 +0000 https://ret0.dev/posts/cve-2026-20660/ 1-day analysis of CVE-2026-20660 — a path traversal vulnerability in Apple&#39;s CFNetwork NSGZipDecoder that allows arbitrary file write via malicious gzip FNAME headers. https://ret0.dev/posts/using-venv-with-ida/ Thu, 02 Oct 2025 00:00:00 +0000 https://ret0.dev/posts/using-venv-with-ida/ <p>For any serious reverse engineer, keeping a clean and organized scripting environment is key. Using a Python virtual environment (<code>venv</code>) for your IDA Pro projects is the best way to manage dependencies and avoid conflicts.</p> <p>Many online guides are outdated, recommending methods that no longer work. This post provides a single, modern, and straightforward solution to connect a Python <code>venv</code> to IDA Pro on macOS using the official, built-in <code>IDAPythonrc</code> startup script.</p> https://ret0.dev/posts/how-to-use-frida-hook-oc-block/ Sun, 11 May 2025 00:00:00 +0000 https://ret0.dev/posts/how-to-use-frida-hook-oc-block/ <p>Have you ever wanted to peek inside an app on your iPhone or iPad to see exactly what data it&rsquo;s processing, especially to understand what information it&rsquo;s sending or receiving? Today, I&rsquo;ll introduce you to a simple yet powerful method using Frida, which enables you to dynamically detect the parameters of a special piece of code called a &ldquo;block&rdquo; within iOS applications.</p> <h2 id="first-what-exactly-is-a-block">First: What Exactly is a Block?</h2> <p>In iOS programming, a block is a small, self-contained piece of code that you can pass around your app to be executed later. Imagine it as giving your phone number (the block) to a friend who can then call you when something important happens.</p> https://ret0.dev/posts/how-to-build-pwn-env-on-mac/ Tue, 15 Apr 2025 00:00:00 +0000 https://ret0.dev/posts/how-to-build-pwn-env-on-mac/ <ol> <li>Download UTM and install it. You can use command</li> </ol> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>brew install --cask utm </span></span></code></pre></div><ol start="2"> <li>Download the image form <a href="https://releases.ubuntu.com/22.04/">https://releases.ubuntu.com/22.04/</a> and install it.</li> </ol> <p>Then install gdb server by running the command</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>sudo apt install gdbserver </span></span></code></pre></div><p>if you wan to debug some executable file for 32 bit, then you must run the command:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-fallback" data-lang="fallback"><span style="display:flex;"><span>sudo dpkg --add-architecture i386 </span></span><span style="display:flex;"><span>sudo apt update </span></span><span style="display:flex;"><span>sudo apt install libc6:i386 libncurses5:i386 libstdc++6:i386 </span></span></code></pre></div><p>After the environment setup, you could use</p> https://ret0.dev/about/ Mon, 01 Jan 0001 00:00:00 +0000 https://ret0.dev/about/ About this blog and its author