Skip to content

ParasiteTeam/loader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
ParasiteLoader
ParasiteLoader
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

ParasiteLoader.dylib

After the kext inserts a LC_LOAD_WEAK_DYLIB command pointing to ParasiteLoader.dylib into the MachO header of the currently launching process, dyld will load this library and call __ParasiteInit. That function makes sure it is safe to continue by checking a list of blacklisted processes and then goes on to loop through every bundle in the folder /Library/Parasite/Extensions to see which bundles should be loaded into the process.

Extension Format

Each extension is a .bundle located in /Library/Parasite/Extensions. In each bundle is an Info.plist file containing metadata about the creator of the bundle, version, etc. This is where the filters go. Add a key into your Info.plist file called PSFilters of type dictionary.

Here are the types of filters that can go into the PSFilters dictionary. You may recognize these from MobileSubstrate filters. That's because it's the same with a few extensions.

Key Type Description
CoreFoundationVersion array An array of one or two reals. The first one is the minimum CoreFoundation version of a system this bundle should load on and the second value, if it exists refers to the maximum verison.
Bundles array An array of bundle identifiers or SIMBL-style bundle entries that if are loaded into the current process will cause the bundle to be loaded, too.
Executables array List of executable names to load into. This is useful for loading into processes that do not have a bundle identifier
Classes array An array of zero or more strings of the names of classes that, if present, will cause the bundle to load.
Mode String Any is the only allowed option if this key is present. If Mode is not set to Any then all of the above filters must match for this bundle to be loaded.

For more detailed information on the filter format, check out CydiaSubstrate, Parasite supports all of it.

A key difference is that the Bundles key not only allows strings of bundle id's but also dictionaries that follow the same format as SIMBL. Example:

Key Type Description
BundleIdentifier string identifier of bundle to load into
MinBundleVersion real seems straightforward enough
MaxBundleVersion real see above

Parasite also supports SIMBL bundles themselves, though this feature is experimental and not guaranteeed to work. You should prefer to use extensions that were developed for Parasite over SIMBL alternatives if you can.

About

ParasiteLoader.dylib

Resources

Readme
Activity
Custom properties

Stars

13 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages