Proteas · June 15, 2021 02:50 · Jun 15, 2021
diff --git a/blastdoor-ids-mach.txt b/blastdoor-ids-mach.txt
@@ -0,0 +1,32 @@
+MSC__kernelrpc_mach_vm_allocate_trap
+MSC__kernelrpc_mach_vm_purgable_control_trap
+MSC__kernelrpc_mach_vm_deallocate_trap
+MSC__kernelrpc_mach_vm_protect_trap
+MSC__kernelrpc_mach_vm_map_trap
+MSC__kernelrpc_mach_port_allocate_trap
+MSC__kernelrpc_mach_port_deallocate_trap
+MSC__kernelrpc_mach_port_mod_refs_trap
+MSC__kernelrpc_mach_port_insert_right_trap
+MSC__kernelrpc_mach_port_insert_member_trap
+MSC__kernelrpc_mach_port_construct_trap
+MSC__kernelrpc_mach_port_destruct_trap
+MSC_mach_reply_port
+MSC_thread_self_trap
+MSC_task_self_trap
+MSC_host_self_trap
+MSC_mach_msg_trap
+MSC_mach_msg_overwrite_trap
+MSC_semaphore_signal_trap
+MSC_semaphore_wait_trap
+MSC_semaphore_timedwait_trap
+MSC__kernelrpc_mach_port_get_attributes_trap
+MSC__kernelrpc_mach_port_guard_trap
+MSC_mach_generate_activity_id
+MSC_thread_get_special_reply_port
+MSC_syscall_thread_switch
+MSC_host_create_mach_voucher_trap
+MSC_mach_voucher_extract_attr_recipe_trap
+MSC__kernelrpc_mach_port_type_trap
+MSC__kernelrpc_mach_port_request_notification_trap
+MSC_mach_timebase_info_trap
+MSC_mk_timer_create
diff --git a/blastdoor-ids-mig.txt b/blastdoor-ids-mig.txt
@@ -0,0 +1,36 @@
+host_info
+host_get_io_master
+host_get_clock_service
+host_request_notification
+host_get_special_port
+clock_get_time
+mach_exception_raise
+io_iterator_next
+io_registry_entry_from_path
+io_registry_entry_get_property_bytes
+io_service_close
+io_service_open_extended
+io_connect_method
+io_server_version
+io_service_get_matching_service_bin
+io_service_get_matching_services_bin
+io_registry_entry_get_property_bin_buf
+mach_port_get_refs
+mach_port_request_notification
+mach_port_set_attributes
+mach_port_is_connection_for_service
+mach_ports_lookup
+task_info_from_user
+task_get_special_port_from_user
+task_set_special_port
+semaphore_create
+semaphore_destroy
+thread_info
+thread_policy_set
+vm_copy
+mach_make_memory_entry_64
+mach_vm_copy
+mach_vm_map_external
+_mach_make_memory_entry
+task_restartable_ranges_register
+task_restartable_ranges_synchronize
diff --git a/blastdoor-ids-unix.txt b/blastdoor-ids-unix.txt
@@ -0,0 +1,158 @@
+SYS_exit
+SYS_read
+SYS_write
+SYS_open
+SYS_close
+SYS_unlink
+SYS_chmod
+SYS_getfsstat
+SYS_getpid
+SYS_getuid
+SYS_geteuid
+SYS_sendmsg
+SYS_access
+SYS_chflags
+SYS_fchflags
+SYS_kill
+SYS_getegid
+SYS_sigaction
+SYS_getgid
+SYS_sigprocmask
+SYS_sigpending
+SYS_sigaltstack
+SYS_ioctl
+SYS_readlink
+SYS_umask
+SYS_munmap
+SYS_mprotect
+SYS_madvise
+SYS_fcntl
+SYS_socket
+SYS_connect
+SYS_sigsuspend
+SYS_gettimeofday
+SYS_getrusage
+SYS_readv
+SYS_writev
+SYS_fchmod
+SYS_sendto
+SYS_mkdir
+SYS_rmdir
+SYS_utimes
+SYS_futimes
+SYS_pread
+SYS_pwrite
+SYS_statfs
+SYS_fstatfs
+SYS_quotactl
+SYS_csops
+SYS_csops_audittoken
+SYS_kdebug_typefilter
+SYS_kdebug_trace_string
+SYS_kdebug_trace64
+SYS_sigreturn
+SYS_stat
+SYS_fstat
+SYS_lstat
+SYS_pathconf
+SYS_getrlimit
+SYS_setrlimit
+SYS_mmap
+SYS_lseek
+SYS_sysctl
+SYS_getattrlist
+SYS_fsetattrlist
+SYS_setxattr
+SYS_fsetxattr
+SYS_removexattr
+SYS_fremovexattr
+SYS_shm_open
+SYS_sysctlbyname
+SYS_stat_extended
+SYS_lstat_extended
+SYS_fstat_extended
+SYS_chmod_extended
+SYS_fchmod_extended
+SYS_gettid
+SYS_mkdir_extended
+SYS_shared_region_check_np
+SYS_psynch_rw_longrdlock
+SYS_psynch_rw_yieldwrlock
+SYS_psynch_rw_downgrade
+SYS_psynch_rw_upgrade
+SYS_psynch_mutexwait
+SYS_psynch_mutexdrop
+SYS_psynch_cvbroad
+SYS_psynch_cvsignal
+SYS_psynch_cvwait
+SYS_psynch_rw_rdlock
+SYS_psynch_rw_wrlock
+SYS_psynch_rw_unlock
+SYS_psynch_rw_unlock2
+SYS_psynch_cvclrprepost
+SYS_process_policy
+SYS_issetugid
+SYS___pthread_kill
+SYS___pthread_sigmask
+SYS___sigwait
+SYS___disable_threadsignal
+SYS___pthread_markcancel
+SYS___pthread_canceled
+SYS_proc_info
+SYS_stat64
+SYS_fstat64
+SYS_lstat64
+SYS_stat64_extended
+SYS_lstat64_extended
+SYS_fstat64_extended
+SYS_getdirentries64
+SYS_statfs64
+SYS_fstatfs64
+SYS_getfsstat64
+SYS___pthread_chdir
+SYS___pthread_fchdir
+SYS_bsdthread_create
+SYS_bsdthread_terminate
+SYS_kevent
+SYS_bsdthread_register
+SYS_workq_open
+SYS_workq_kernreturn
+SYS_kevent64
+SYS_thread_selfid
+SYS_kevent_qos
+SYS_kevent_id
+SYS___mac_syscall
+SYS_read_nocancel
+SYS_write_nocancel
+SYS_open_nocancel
+SYS_close_nocancel
+SYS_sendmsg_nocancel
+SYS_fcntl_nocancel
+SYS_sigsuspend_nocancel
+SYS_readv_nocancel
+SYS_writev_nocancel
+SYS_sendto_nocancel
+SYS_pread_nocancel
+SYS_pwrite_nocancel
+SYS___sigwait_nocancel
+SYS___semwait_signal_nocancel
+SYS_fsgetpath
+SYS_guarded_close_np
+SYS_proc_rlimit_control
+SYS_getattrlistbulk
+SYS_openat
+SYS_openat_nocancel
+SYS_fchmodat
+SYS_fstatat
+SYS_fstatat64
+SYS_unlinkat
+SYS_mkdirat
+SYS_bsdthread_ctl
+SYS_csrctl
+SYS_mremap_encrypted
+SYS_getentropy
+SYS_ulock_wait
+SYS_ulock_wake
+SYS_abort_with_payload
+SYS_setattrlistat
+SYS_os_fault_with_payload
diff --git a/blastdoor-messages-mach.txt b/blastdoor-messages-mach.txt
@@ -0,0 +1,33 @@
+MSC__kernelrpc_mach_vm_allocate_trap
+MSC__kernelrpc_mach_vm_purgable_control_trap
+MSC__kernelrpc_mach_vm_deallocate_trap
+MSC__kernelrpc_mach_vm_protect_trap
+MSC__kernelrpc_mach_vm_map_trap
+MSC__kernelrpc_mach_port_allocate_trap
+MSC__kernelrpc_mach_port_deallocate_trap
+MSC__kernelrpc_mach_port_mod_refs_trap
+MSC__kernelrpc_mach_port_insert_right_trap
+MSC__kernelrpc_mach_port_insert_member_trap
+MSC__kernelrpc_mach_port_construct_trap
+MSC__kernelrpc_mach_port_destruct_trap
+MSC_mach_reply_port
+MSC_thread_self_trap
+MSC_task_self_trap
+MSC_host_self_trap
+MSC_mach_msg_trap
+MSC_mach_msg_overwrite_trap
+MSC_semaphore_signal_trap
+MSC_semaphore_wait_trap
+MSC_semaphore_timedwait_trap
+MSC__kernelrpc_mach_port_get_attributes_trap
+MSC__kernelrpc_mach_port_guard_trap
+MSC_mach_generate_activity_id
+MSC_thread_get_special_reply_port
+MSC_syscall_thread_switch
+MSC_host_create_mach_voucher_trap
+MSC_mach_voucher_extract_attr_recipe_trap
+MSC__kernelrpc_mach_port_type_trap
+MSC__kernelrpc_mach_port_request_notification_trap
+MSC_mach_timebase_info_trap
+MSC_mk_timer_create
+MSC_mk_timer_destroy
diff --git a/blastdoor-messages-mig.txt b/blastdoor-messages-mig.txt
@@ -0,0 +1,36 @@
+host_info
+host_get_io_master
+host_get_clock_service
+host_request_notification
+host_get_special_port
+clock_get_time
+mach_exception_raise
+io_iterator_next
+io_registry_entry_from_path
+io_registry_entry_get_property_bytes
+io_service_close
+io_service_open_extended
+io_connect_method
+io_server_version
+io_service_get_matching_service_bin
+io_service_get_matching_services_bin
+io_registry_entry_get_property_bin_buf
+mach_port_get_refs
+mach_port_request_notification
+mach_port_set_attributes
+mach_port_is_connection_for_service
+mach_ports_lookup
+task_info_from_user
+task_get_special_port_from_user
+task_set_special_port
+semaphore_create
+semaphore_destroy
+thread_info
+thread_policy_set
+vm_copy
+mach_make_memory_entry_64
+mach_vm_copy
+mach_vm_map_external
+_mach_make_memory_entry
+task_restartable_ranges_register
+task_restartable_ranges_synchronize
diff --git a/blastdoor-messages-unix.txt b/blastdoor-messages-unix.txt
@@ -0,0 +1,160 @@
+SYS_exit
+SYS_read
+SYS_write
+SYS_open
+SYS_close
+SYS_unlink
+SYS_chmod
+SYS_getfsstat
+SYS_getpid
+SYS_getuid
+SYS_geteuid
+SYS_sendmsg
+SYS_access
+SYS_chflags
+SYS_fchflags
+SYS_kill
+SYS_getegid
+SYS_sigaction
+SYS_getgid
+SYS_sigprocmask
+SYS_sigpending
+SYS_sigaltstack
+SYS_ioctl
+SYS_readlink
+SYS_umask
+SYS_munmap
+SYS_mprotect
+SYS_madvise
+SYS_fcntl
+SYS_socket
+SYS_connect
+SYS_sigsuspend
+SYS_gettimeofday
+SYS_getrusage
+SYS_readv
+SYS_writev
+SYS_fchmod
+SYS_sendto
+SYS_mkdir
+SYS_rmdir
+SYS_utimes
+SYS_futimes
+SYS_pread
+SYS_pwrite
+SYS_statfs
+SYS_fstatfs
+SYS_quotactl
+SYS_csops
+SYS_csops_audittoken
+SYS_kdebug_typefilter
+SYS_kdebug_trace_string
+SYS_kdebug_trace64
+SYS_sigreturn
+SYS_stat
+SYS_fstat
+SYS_lstat
+SYS_pathconf
+SYS_getrlimit
+SYS_setrlimit
+SYS_mmap
+SYS_lseek
+SYS_sysctl
+SYS_getattrlist
+SYS_fsetattrlist
+SYS_getxattr
+SYS_setxattr
+SYS_fsetxattr
+SYS_removexattr
+SYS_fremovexattr
+SYS_shm_open
+SYS_sysctlbyname
+SYS_stat_extended
+SYS_lstat_extended
+SYS_fstat_extended
+SYS_chmod_extended
+SYS_fchmod_extended
+SYS_gettid
+SYS_mkdir_extended
+SYS_shared_region_check_np
+SYS_psynch_rw_longrdlock
+SYS_psynch_rw_yieldwrlock
+SYS_psynch_rw_downgrade
+SYS_psynch_rw_upgrade
+SYS_psynch_mutexwait
+SYS_psynch_mutexdrop
+SYS_psynch_cvbroad
+SYS_psynch_cvsignal
+SYS_psynch_cvwait
+SYS_psynch_rw_rdlock
+SYS_psynch_rw_wrlock
+SYS_psynch_rw_unlock
+SYS_psynch_rw_unlock2
+SYS_psynch_cvclrprepost
+SYS_process_policy
+SYS_issetugid
+SYS___pthread_kill
+SYS___pthread_sigmask
+SYS___sigwait
+SYS___disable_threadsignal
+SYS___pthread_markcancel
+SYS___pthread_canceled
+SYS_proc_info
+SYS_stat64
+SYS_fstat64
+SYS_lstat64
+SYS_stat64_extended
+SYS_lstat64_extended
+SYS_fstat64_extended
+SYS_getdirentries64
+SYS_statfs64
+SYS_fstatfs64
+SYS_getfsstat64
+SYS___pthread_chdir
+SYS___pthread_fchdir
+SYS_bsdthread_create
+SYS_bsdthread_terminate
+SYS_kevent
+SYS_bsdthread_register
+SYS_workq_open
+SYS_workq_kernreturn
+SYS_kevent64
+SYS_thread_selfid
+SYS_kevent_qos
+SYS_kevent_id
+SYS___mac_syscall
+SYS_read_nocancel
+SYS_write_nocancel
+SYS_open_nocancel
+SYS_close_nocancel
+SYS_sendmsg_nocancel
+SYS_fcntl_nocancel
+SYS_sigsuspend_nocancel
+SYS_readv_nocancel
+SYS_writev_nocancel
+SYS_sendto_nocancel
+SYS_pread_nocancel
+SYS_pwrite_nocancel
+SYS___sigwait_nocancel
+SYS___semwait_signal_nocancel
+SYS_fsgetpath
+SYS_guarded_close_np
+SYS_proc_rlimit_control
+SYS_getattrlistbulk
+SYS_openat
+SYS_openat_nocancel
+SYS_faccessat
+SYS_fchmodat
+SYS_fstatat
+SYS_fstatat64
+SYS_unlinkat
+SYS_mkdirat
+SYS_bsdthread_ctl
+SYS_csrctl
+SYS_mremap_encrypted
+SYS_getentropy
+SYS_ulock_wait
+SYS_ulock_wake
+SYS_abort_with_payload
+SYS_setattrlistat
+SYS_os_fault_with_payload