{"id":26597177,"url":"https://github.com/sskaje/mh","last_synced_at":"2025-03-23T17:31:50.522Z","repository":{"id":47023437,"uuid":"125317208","full_name":"sskaje/mh","owner":"sskaje","description":"A memory editor for iOS/macOS with JavaScript support","archived":false,"fork":false,"pushed_at":"2021-01-05T00:22:23.000Z","size":707,"stargazers_count":36,"open_issues_count":2,"forks_count":6,"subscribers_count":5,"default_branch":"master","last_synced_at":"2023-03-25T10:31:43.332Z","etag":null,"topics":["cli","ios","javascript-support","memory","memory-editor","memory-hacking","osx"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sskaje.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-03-15T05:32:53.000Z","updated_at":"2023-03-13T09:26:43.000Z","dependencies_parsed_at":"2022-09-03T11:20:41.493Z","dependency_job_id":null,"html_url":"https://github.com/sskaje/mh","commit_stats":null,"previous_names":[],"tags_count":null,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sskaje%2Fmh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sskaje%2Fmh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sskaje%2Fmh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sskaje%2Fmh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sskaje","download_url":"https://codeload.github.com/sskaje/mh/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245141206,"owners_count":20567545,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","ios","javascript-support","memory","memory-editor","memory-hacking","osx"],"created_at":"2025-03-23T17:31:50.374Z","updated_at":"2025-03-23T17:31:50.474Z","avatar_url":"https://github.com/sskaje.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MH\nA memory editor for iOS/macOS with JavaScript support\n\n## Requirement\n\n* macOS\n* Xcode\n* Jailbroken iDevice if you want to try iOS versions\n* [linenoise](https://github.com/antirez/linenoise.git) for interactive cli tool\n* [duktape](https://github.com/svaarala/duktape) for JavaScript support\n* python2 + PyYAML (required by duktape)\n* realpath \n* cmake\n* wget\n\n\n## Build \u0026 Run\n\n### Prepare\n\n```bash\nbrew install coreutils cmake wget \nsudo easy_install install pip\nsudo pip install PyYAML\n```\n\n```bash\n$ git clone https://github.com/sskaje/mh.git\n$ cd mh\n# prepare linenoise\n$ git submodule update --init --recursive\n# prepare iPhoneOS SDKs\n$ bash tools/download_sdks.sh\n# Prepare duktape\n$ bash tools/duktape_prepare.sh\n```\n\n### Build\n\n```bash\n# Build for macOS\n$ bash build/build-osx.sh\n# Build for ARMv7 iDevices\n$ bash build/build-ios-armv7.sh\n# Build for ARMv7s iDevices\n$ bash build/build-ios-armv7s.sh\n# Build for ARM64 iDevices, iOS 10.2\n$ bash build/build-ios-armv64.sh\n# Build for deb package for all iOS device\n$ bash build/build-ios-deb.sh\n\n```\n\n### Run\n\n```bash\n$ sudo ./mh_cli\n```\n\n\u003e\n\u003e For iOS 11.x by Electra, binary must locates /bin/mh_cli\n\u003e\n\u003e Read more: [Run HelloWorld on Jailbroken iOS 11](https://sskaje.me/2018/03/run-helloworld-on-jailbroken-ios-11/)\n\u003e\n\n## Documentation\n\n### Interactive CLI Command\n\n```\n# mh_cli -h\nMH: A Scriptable Memory Editor v0.2.0\nAuthor: sskaje\n\nCommand                                 Description\n process-list                            Print process list\n open PID                                Open a task\n close                                   Close current task\n search-hex HEX                          Search HEX bytes, like search-hex 1a2b3c4d\n update-search-hex HEX                   Search HEX from previous result\n search-string STR                       Search string, like search-string hello\n update-search-string STR                Search string from previous result\n memory-read ADDRESS SIZE                Read memory data at ADDRESS, both ADDRESS and SIZE are in HEX\n memory-write ADDRESS STR                Write data to ADDRESS, ADDRESS in HEX, STR in BYTES\n memory-write-hex ADDRESS HEX            Write hex data to ADDRESS, both ADDRESS and HEXSTR are in HEX\n result                                  Print result list, last round by default\n script-run path/to/file.js              Run script file\n dyld                                    Print dyld info\n vm-region                               Print mach_vm_region()\n bytes2hex STR                           Bytes to hex string\n hex2bytes HEX                           Hex string to bytes\n float2hex FLOAT                         Float number to hex\n double2hex DOUBLE                       Double number to hex\n int2hex INTEGER                         Integer to hex\n clear                                   Clear screen\n help                                    Print this message\n\n```\n\nExample:\n```\n$ mh_cli\nMH[nil] \u003e process-list\n...\nProcess count=415\nMH[nil] \u003e open 379\nCurrent PID=379\nMH[379] \u003e search-string 0ABCDEFGHIJKLMN0\nFound 3 result(s).\nMH[379] \u003e result\n...\nupdate search @address:000000008516f810\n[2] 0x0000000085100000-0x0000000085200000 size=0x7ffe00000020 offset=0000000000000000, rw-/rwx, MALLOC_TINY\n  000000008516f810  30 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 30  0ABCDEFGHIJKLMN0\n  000000008516f820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\nMH[379] \u003e memory-write 000000008516f810 \"Hi, MH\"\n  0000000000000000  48 69 2c 20 4d 48                                Hi, MH\nWrite memory: addr=000000008516f810, size=0x6\nMH[379] \u003e result\n...\n[2] 0x0000000085100000-0x0000000085200000 size=0x7ffe00000020 offset=0000000000000000, rw-/rwx, MALLOC_TINY\n  000000008516f810  48 69 2c 20 4d 48 46 47 48 49 4a 4b 4c 4d 4e 30  Hi, MHFGHIJKLMN0\n  000000008516f820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00  ................\nMH[379] \u003e memory-write-hex 000000008516f818 AFBDEECC3231\n  0000000000000000  af bd ee cc 32 31                                ....21\nWrite memory: addr=000000008516f818, size=0x6\nMH[379] \u003e result\n...\n[2] 0x0000000085100000-0x0000000085200000 size=0x7ffe00000020 offset=0000000000000000, rw-/rwx, MALLOC_TINY\n  000000008516f810  48 69 2c 20 4d 48 46 47 af bd ee cc 32 31 4e 30  Hi, MHFG....21N0\n  000000008516f820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00  ................\n```\n\n### Non-interactive Script Host\n\n```\nmh_script path/to/script.js [args [...]]\n```\n\nYou can use **mh_script** for non-interactive scenario.\n\nBut a script written for *mh_cli* cannot be used by **mh_script**, because they are using different context scopes.\n\nMore specifically, you can use MH class from *mh_cli*, but you can't use *#^mh_(search|result|memory)_#* functions from *mh_script*.\n\nOther mach/dyld related methods are not introduced to MH class, only open()/close(), I'm finding a way to get forked pids, so that forked children can be open in script easily.\n\n\n### JavaScript API\n\nSee [doc/define.js](https://github.com/sskaje/mh/blob/master/doc/define.js)\n\nExample:\n- [tests/test-script.js](https://github.com/sskaje/mh/blob/master/tests/test-script.js)\n- [tests/test-script-object.js](https://github.com/sskaje/mh/blob/master/tests/test-script-object.js)\n\n\n## Known issues\n\n\n\n## License\n\nMH is available under the MIT license. See the LICENSE file for more info.\n\n- [linenoise](https://github.com/antirez/linenoise/blob/master/LICENSE)\n- [duktape](https://github.com/svaarala/duktape/blob/master/LICENSE.txt)\n\nif you're using mh for iOS 11 jailbroken by Electra:\n\n- [Cydia](https://github.com/ElectraJailbreak/cydia/blob/master/COPYING) \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsskaje%2Fmh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsskaje%2Fmh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsskaje%2Fmh/lists"}