How may one perform an absolute jump (64-bit dword) on AArch64 with as few instructions as possible, whilst using a data source relative to the program counter? At first glance, one may assume a LDR| Stack Overflow
Up until recently, we've enjoyed in-memory loading of Mach-O bundles courtesy of dyld and its NSCreateObjectFileImageFromMemory/NSLinkModule API methods. And while these methods still exist today, there is a key difference.. memory modules are now persisted to disk. So in this post we'll take a look at just what was changed in dyld, and see what we can do to restore this functionality... hopefully keeping our warez in memory for a little longer.| XPN InfoSec Blog
