Mach-O Fun

Trying to find out what is going on in your machine at the lowest levels can be a fun and gratifying experience. Knowing how exactly application code is loaded and prepared for execution is one such aspect. Besides gaining a sense of control over the inner working in a computer we can also start to reason about security topics and play some golf using this kowledge.

Lecture at CCC Ulm:

In December 2010 I gave a ChaosSeminar about this topic at the local chapter of the Chaos Computer Club in Ulm. The Recordings are available in their archive.

Lecture for Cocoaheads Munich:

In november 2010 I held a short lecture about having fun with mach-o at the cocoaheads meeting in munich. You can download the slides (slighty edited to fix typos) and the files I used:

tiny.c - a minimal C application
tiny_asm.s - bare bones assembly version, crashes due to missing stack
tiny_mfeiri.asm - minimal assembly version (164 bytes)
tiny_mfeiri2.asm - slightly better HFS+ compressible version of tiny_mfeiri.asm

I used the tiny mach-o executables by Amit Singh as a reference. His smallest possible executable weights 165 bytes but that runs on mac os x 10.5 only. His smallest valid mach-o file weights 242 bytes. The executable produced by tiny_mfeiri.asm is believed to be the smallest possible valid mach-o application. It should be noted though that Mac OS X natively supports execution of shellscripts, which means that scripts can be launched that are even shorter that this minimal mach-o executable.