SYMBOL INDEX (278 symbols across 35 files) FILE: payload/kernel.c type pipebuf (line 16) | struct pipebuf { function corrupt_pipebuf (line 24) | static int corrupt_pipebuf(uint32_t cnt, uint32_t in, uint32_t out, function kread (line 36) | int kread(void *dest, uintptr_t src, size_t n) { function kwrite (line 41) | int kwrite(uintptr_t dest, const void *src, size_t n) { function kread8 (line 46) | uint8_t kread8(uintptr_t addr) { function kread16 (line 52) | uint16_t kread16(uintptr_t addr) { function kread32 (line 58) | uint32_t kread32(uintptr_t addr) { function kread64 (line 64) | uint64_t kread64(uintptr_t addr) { function kwrite8 (line 70) | void kwrite8(uintptr_t addr, uint8_t val) { kwrite(addr, &val, sizeof(va... function kwrite16 (line 72) | void kwrite16(uintptr_t addr, uint16_t val) { kwrite(addr, &val, sizeof(... function kwrite32 (line 74) | void kwrite32(uintptr_t addr, uint32_t val) { kwrite(addr, &val, sizeof(... function kwrite64 (line 76) | void kwrite64(uintptr_t addr, uint64_t val) { kwrite(addr, &val, sizeof(... FILE: payload/payload.c function init_log (line 32) | static int init_log(void) { function shutdown_log (line 62) | static void shutdown_log(void) { function payload (line 68) | int payload(PayloadArgs *args) { FILE: payload/payload.h type PayloadArgs (line 11) | typedef struct { FILE: payload/resolve.c function resolve_imports (line 12) | void resolve_imports(void *(*dlsym)(SceKernelModule handle, FILE: payload/resolve.h type SceKernelModule (line 14) | typedef int32_t SceKernelModule; FILE: src/com/bdjb/Exploit.java class Exploit (line 20) | public class Exploit { method main (line 23) | public static void main(Method screenPrintln) { FILE: src/com/bdjb/Loader.java class Loader (line 21) | class Loader implements Runnable { method Loader (line 30) | Loader(XletContext context) { method startLoader (line 34) | static void startLoader(XletContext context) { method run (line 38) | public void run() { FILE: src/com/bdjb/LoaderXlet.java class LoaderXlet (line 16) | public class LoaderXlet implements Xlet { method initXlet (line 21) | public void initXlet(XletContext context) { method startXlet (line 32) | public void startXlet() { method pauseXlet (line 38) | public void pauseXlet() { method destroyXlet (line 42) | public void destroyXlet(boolean unconditional) { FILE: src/com/bdjb/Payload.java class Payload (line 16) | public class Payload { method Payload (line 54) | public Payload(byte[] payload) { method sceKernelJitCreateSharedMemory (line 67) | private int sceKernelJitCreateSharedMemory(Text name, long len, int ma... method mmap (line 77) | private long mmap(long addr, long len, int prot, int flags, int fd, lo... method munmap (line 81) | private int munmap(long addr, long len) { method close (line 85) | private int close(int fd) { method align (line 89) | private long align(long x, long align) { method execute (line 93) | public int execute() { FILE: src/com/bdjb/Screen.java class Screen (line 16) | public class Screen extends Container { method getInstance (line 31) | public static Screen getInstance() { method setRemotePrintln (line 35) | public static void setRemotePrintln(Method screenPrintln) { method println (line 39) | public static synchronized void println(String msg) { method paint (line 53) | public void paint(Graphics g) { FILE: src/com/bdjb/api/API.java class API (line 17) | public final class API { method API (line 68) | private API() throws Exception { method getInstance (line 72) | public static synchronized API getInstance() throws Exception { method multiNewArray (line 79) | private native long multiNewArray(long componentType, int[] dimensions); method isJdk11 (line 81) | public boolean isJdk11() { method init (line 85) | private void init() throws Exception { method initUnsafe (line 92) | private void initUnsafe() throws Exception { method initDlsym (line 102) | private void initDlsym() throws Exception { method initSymbols (line 127) | private void initSymbols() { method initApiCall (line 171) | private void initApiCall() { method train (line 234) | private void train() { method buildContext (line 240) | private void buildContext( method call (line 275) | public long call(long func, long arg0, long arg1, long arg2, long arg3... method call (line 351) | public long call(long func, long arg0, long arg1, long arg2, long arg3... method call (line 355) | public long call(long func, long arg0, long arg1, long arg2, long arg3) { method call (line 359) | public long call(long func, long arg0, long arg1, long arg2) { method call (line 363) | public long call(long func, long arg0, long arg1) { method call (line 367) | public long call(long func, long arg0) { method call (line 371) | public long call(long func) { method errno (line 375) | public int errno() { method dlsym (line 379) | public long dlsym(long handle, String symbol) { method addrof (line 402) | public long addrof(Object obj) { method read8 (line 407) | public byte read8(long addr) { method read16 (line 411) | public short read16(long addr) { method read32 (line 415) | public int read32(long addr) { method read64 (line 419) | public long read64(long addr) { method write8 (line 423) | public void write8(long addr, byte val) { method write16 (line 427) | public void write16(long addr, short val) { method write32 (line 431) | public void write32(long addr, int val) { method write64 (line 435) | public void write64(long addr, long val) { method malloc (line 439) | public long malloc(long size) { method calloc (line 443) | public long calloc(long number, long size) { method realloc (line 451) | public long realloc(long ptr, long size) { method free (line 455) | public void free(long ptr) { method memcpy (line 459) | public long memcpy(long dest, long src, long n) { method memcpy (line 464) | public long memcpy(long dest, byte[] src, long n) { method memcpy (line 471) | public byte[] memcpy(byte[] dest, long src, long n) { method memset (line 478) | public long memset(long s, int c, long n) { method memset (line 483) | public byte[] memset(byte[] s, int c, long n) { method memcmp (line 490) | public int memcmp(long s1, long s2, long n) { method memcmp (line 501) | public int memcmp(long s1, byte[] s2, long n) { method memcmp (line 512) | public int memcmp(byte[] s1, long s2, long n) { method strcmp (line 516) | public int strcmp(long s1, long s2) { method strcmp (line 529) | public int strcmp(long s1, String s2) { method strcmp (line 543) | public int strcmp(String s1, long s2) { method strcpy (line 547) | public long strcpy(long dest, long src) { method strcpy (line 558) | public long strcpy(long dest, String src) { method readString (line 570) | public String readString(long src, long n) { method readString (line 582) | public String readString(long src) { method toCBytes (line 586) | public byte[] toCBytes(String str) { method getCallContext (line 592) | private CallContext getCallContext() { class CallContext (line 603) | class CallContext { method CallContext (line 616) | CallContext() { method finalize (line 690) | protected void finalize() { FILE: src/com/bdjb/api/Buffer.java class Buffer (line 10) | public class Buffer { method Buffer (line 25) | public Buffer(int size) { method finalize (line 30) | protected void finalize() { method address (line 34) | public long address() { method size (line 38) | public int size() { method getByte (line 42) | public byte getByte(int offset) { method getShort (line 47) | public short getShort(int offset) { method getInt (line 52) | public int getInt(int offset) { method getLong (line 57) | public long getLong(int offset) { method putByte (line 62) | public void putByte(int offset, byte value) { method putShort (line 67) | public void putShort(int offset, short value) { method putInt (line 72) | public void putInt(int offset, int value) { method putLong (line 77) | public void putLong(int offset, long value) { method put (line 82) | public void put(int offset, Buffer buffer) { method put (line 87) | public void put(int offset, byte[] buffer) { method fill (line 92) | public void fill(byte value) { method checkOffset (line 96) | protected void checkOffset(int offset, int length) { FILE: src/com/bdjb/api/Int16.java class Int16 (line 10) | public final class Int16 extends Buffer { method Int16 (line 13) | public Int16() { method Int16 (line 17) | public Int16(short value) { method get (line 22) | public short get() { method set (line 26) | public void set(short value) { FILE: src/com/bdjb/api/Int16Array.java class Int16Array (line 10) | public final class Int16Array extends Buffer { method Int16Array (line 11) | public Int16Array(int length) { method get (line 15) | public short get(int index) { method set (line 19) | public void set(int index, short value) { FILE: src/com/bdjb/api/Int32.java class Int32 (line 10) | public final class Int32 extends Buffer { method Int32 (line 13) | public Int32() { method Int32 (line 17) | public Int32(int value) { method get (line 22) | public int get() { method set (line 26) | public void set(int value) { FILE: src/com/bdjb/api/Int32Array.java class Int32Array (line 10) | public final class Int32Array extends Buffer { method Int32Array (line 11) | public Int32Array(int length) { method get (line 15) | public int get(int index) { method set (line 19) | public void set(int index, int value) { FILE: src/com/bdjb/api/Int64.java class Int64 (line 10) | public final class Int64 extends Buffer { method Int64 (line 13) | public Int64() { method Int64 (line 17) | public Int64(long value) { method get (line 22) | public long get() { method set (line 26) | public void set(long value) { FILE: src/com/bdjb/api/Int64Array.java class Int64Array (line 10) | public final class Int64Array extends Buffer { method Int64Array (line 11) | public Int64Array(int length) { method get (line 15) | public long get(int index) { method set (line 19) | public void set(int index, long value) { FILE: src/com/bdjb/api/Int8.java class Int8 (line 10) | public final class Int8 extends Buffer { method Int8 (line 13) | public Int8() { method Int8 (line 17) | public Int8(byte value) { method get (line 22) | public byte get() { method set (line 26) | public void set(byte value) { FILE: src/com/bdjb/api/Int8Array.java class Int8Array (line 10) | public final class Int8Array extends Buffer { method Int8Array (line 11) | public Int8Array(int length) { method get (line 15) | public byte get(int index) { method set (line 19) | public void set(int index, byte value) { FILE: src/com/bdjb/api/KernelAPI.java class KernelAPI (line 11) | public class KernelAPI { method KernelAPI (line 56) | private KernelAPI() { method getInstance (line 60) | public static synchronized KernelAPI getInstance() { method init (line 67) | private void init() { method initSymbols (line 72) | private void initSymbols() { method initPipes (line 84) | private void initPipes() { method pipe (line 99) | private int pipe(Int32Array fildes) { method fcntl (line 103) | private int fcntl(int fd, int cmd, long arg0) { method read (line 107) | private long read(int fd, Buffer buf, long nbytes) { method write (line 111) | private long write(int fd, Buffer buf, long nbytes) { method close (line 115) | private int close(int fd) { method corruptPipebuf (line 119) | private int corruptPipebuf(int cnt, int in, int out, int size, long bu... method kread (line 132) | public int kread(Buffer dest, long src, long n) { method kwrite (line 137) | public int kwrite(long dest, Buffer src, long n) { method kread8 (line 142) | public byte kread8(long addr) { method kread16 (line 147) | public short kread16(long addr) { method kread32 (line 152) | public int kread32(long addr) { method kread64 (line 157) | public long kread64(long addr) { method kwrite8 (line 162) | public void kwrite8(long addr, byte val) { method krite16 (line 167) | public void krite16(long addr, short val) { method kwrite32 (line 172) | public void kwrite32(long addr, int val) { method kwrite64 (line 177) | public void kwrite64(long addr, long val) { method getMasterPipeFd (line 182) | public Int32Array getMasterPipeFd() { method getVictimPipeFd (line 186) | public Int32Array getVictimPipeFd() { method getKaslrOffset (line 190) | public long getKaslrOffset() { method setKaslrOffset (line 194) | public void setKaslrOffset(long offset) { FILE: src/com/bdjb/api/Text.java class Text (line 10) | public class Text extends Buffer { method Text (line 13) | public Text(String text) { method toString (line 19) | public String toString() { FILE: src/com/bdjb/api/UnsafeInterface.java type UnsafeInterface (line 12) | interface UnsafeInterface { method getByte (line 13) | public byte getByte(long address); method getShort (line 15) | public short getShort(long address); method getInt (line 17) | public int getInt(long address); method getLong (line 19) | public long getLong(long address); method getLong (line 21) | public long getLong(Object o, long offset); method putByte (line 23) | public void putByte(long address, byte x); method putShort (line 25) | public void putShort(long address, short x); method putInt (line 27) | public void putInt(long address, int x); method putLong (line 29) | public void putLong(long address, long x); method putObject (line 31) | public void putObject(Object o, long offset, Object x); method objectFieldOffset (line 33) | public long objectFieldOffset(Field f); method allocateMemory (line 35) | public long allocateMemory(long bytes); method reallocateMemory (line 37) | public long reallocateMemory(long address, long bytes); method freeMemory (line 39) | public void freeMemory(long address); method setMemory (line 41) | public void setMemory(long address, long bytes, byte value); method copyMemory (line 43) | public void copyMemory(long srcAddress, long destAddress, long bytes); FILE: src/com/bdjb/api/UnsafeJdkImpl.java class UnsafeJdkImpl (line 14) | class UnsafeJdkImpl implements UnsafeInterface { method UnsafeJdkImpl (line 26) | UnsafeJdkImpl() throws Exception { method getByte (line 50) | public byte getByte(long address) { method getShort (line 54) | public short getShort(long address) { method getInt (line 58) | public int getInt(long address) { method getLong (line 62) | public long getLong(long address) { method getLong (line 66) | public long getLong(Object o, long offset) { method putByte (line 70) | public void putByte(long address, byte x) { method putShort (line 74) | public void putShort(long address, short x) { method putInt (line 78) | public void putInt(long address, int x) { method putLong (line 82) | public void putLong(long address, long x) { method putObject (line 86) | public void putObject(Object o, long offset, Object x) { method objectFieldOffset (line 90) | public long objectFieldOffset(Field f) { method allocateMemory (line 94) | public long allocateMemory(long bytes) { method reallocateMemory (line 98) | public long reallocateMemory(long address, long bytes) { method freeMemory (line 102) | public void freeMemory(long address) { method setMemory (line 106) | public void setMemory(long address, long bytes, byte value) { method copyMemory (line 110) | public void copyMemory(long srcAddress, long destAddress, long bytes) { FILE: src/com/bdjb/api/UnsafeSunImpl.java class UnsafeSunImpl (line 13) | class UnsafeSunImpl implements UnsafeInterface { method UnsafeSunImpl (line 19) | UnsafeSunImpl() throws Exception { method getByte (line 29) | public byte getByte(long address) { method getShort (line 33) | public short getShort(long address) { method getInt (line 37) | public int getInt(long address) { method getLong (line 41) | public long getLong(long address) { method getLong (line 45) | public long getLong(Object o, long offset) { method putByte (line 49) | public void putByte(long address, byte x) { method putShort (line 53) | public void putShort(long address, short x) { method putInt (line 57) | public void putInt(long address, int x) { method putLong (line 61) | public void putLong(long address, long x) { method putObject (line 65) | public void putObject(Object o, long offset, Object x) { method objectFieldOffset (line 69) | public long objectFieldOffset(Field f) { method allocateMemory (line 73) | public long allocateMemory(long bytes) { method reallocateMemory (line 77) | public long reallocateMemory(long address, long bytes) { method freeMemory (line 81) | public void freeMemory(long address) { method setMemory (line 85) | public void setMemory(long address, long bytes, byte value) { method copyMemory (line 89) | public void copyMemory(long srcAddress, long destAddress, long bytes) { FILE: src/com/bdjb/exploit/kernel/ExploitKernelInterface.java type ExploitKernelInterface (line 10) | public interface ExploitKernelInterface { method trigger (line 11) | public boolean trigger() throws Exception; FILE: src/com/bdjb/exploit/sandbox/ExploitDefaultImpl.java class ExploitDefaultImpl (line 11) | public class ExploitDefaultImpl implements ExploitSandboxInterface { method trigger (line 12) | public boolean trigger() throws Exception { FILE: src/com/bdjb/exploit/sandbox/ExploitSandboxInterface.java type ExploitSandboxInterface (line 10) | public interface ExploitSandboxInterface { method trigger (line 11) | public boolean trigger() throws Exception; FILE: src/com/bdjb/exploit/sandbox/ExploitServiceProxyImpl.java class ExploitServiceProxyImpl (line 19) | public class ExploitServiceProxyImpl implements ExploitSandboxInterface { method trigger (line 31) | public boolean trigger() throws Exception { FILE: src/com/bdjb/exploit/sandbox/IxcProxyImpl.java class IxcProxyImpl (line 16) | class IxcProxyImpl extends IxcProxy { method IxcProxyImpl (line 21) | private IxcProxyImpl(CoreIxcClassLoader localClassLoader, CoreIxcClass... method getInstance (line 25) | static synchronized IxcProxyImpl getInstance() { method getRemote (line 33) | public Object getRemote() { method forgetRemote (line 37) | public void forgetRemote() {} method replaceObject (line 40) | protected Object replaceObject(Object obj, CoreIxcClassLoader coreIxcC... method invokeMethod (line 45) | public Object invokeMethod(Object obj, String name, String signature, ... FILE: src/com/bdjb/exploit/sandbox/Payload.java class Payload (line 15) | public class Payload implements PrivilegedExceptionAction { method Payload (line 16) | public Payload() throws PrivilegedActionException { method run (line 20) | public Object run() throws Exception { FILE: src/com/bdjb/exploit/sandbox/ProviderAccessorImpl.java class ProviderAccessorImpl (line 20) | class ProviderAccessorImpl implements ProviderAccessor { method ProviderAccessorImpl (line 23) | ProviderAccessorImpl(Provider[] providers) { method copyProviderServices (line 27) | private void copyProviderServices(Provider[] providers) { method setProviderAccessor (line 33) | void setProviderAccessor() { method getService (line 37) | public Service getService(Provider provider, String type, String algor... method getServices (line 53) | public Set getServices(Provider provider) { method putService (line 57) | public void putService(Provider provider, Object service) { FILE: src/com/bdjb/exploit/sandbox/ServiceImpl.java class ServiceImpl (line 16) | class ServiceImpl extends Service implements ServiceInterface { method ServiceImpl (line 17) | ServiceImpl(Provider provider) { method ServiceImpl (line 21) | ServiceImpl( FILE: src/com/bdjb/exploit/sandbox/ServiceInterface.java type ServiceInterface (line 15) | interface ServiceInterface extends Remote { method newInstance (line 16) | public Object newInstance(Object constructorParameter) FILE: src/jdk/internal/misc/Unsafe.java class Unsafe (line 5) | public class Unsafe { method getByte (line 6) | public byte getByte(long address) { method getShort (line 10) | public short getShort(long address) { method getInt (line 14) | public int getInt(long address) { method getLong (line 18) | public long getLong(long address) { method getLong (line 22) | public long getLong(Object o, long offset) { method putByte (line 26) | public void putByte(long address, byte x) {} method putShort (line 28) | public void putShort(long address, short x) {} method putInt (line 30) | public void putInt(long address, int x) {} method putLong (line 32) | public void putLong(long address, long x) {} method putObject (line 34) | public void putObject(Object o, long offset, Object x) {} method objectFieldOffset (line 36) | public long objectFieldOffset(Field f) { method allocateMemory (line 40) | public long allocateMemory(long bytes) { method reallocateMemory (line 44) | public long reallocateMemory(long address, long bytes) { method freeMemory (line 48) | public void freeMemory(long address) {} method setMemory (line 50) | public void setMemory(long address, long bytes, byte value) {} method copyMemory (line 52) | public void copyMemory(long srcAddress, long destAddress, long bytes) {}