@sskaje

$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.1 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +500.1 GB   disk1
                                 Physical Store disk0s2
   1:                APFS Volume Macintosh HD            311.1 GB   disk1s1
   2:                APFS Volume Preboot                 19.4 MB    disk1s2
   3:                APFS Volume Recovery                509.8 MB   disk1s3
   4:                APFS Volume VM                      3.2 GB     disk1s4

/dev/disk2 (disk image):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        +9.3 GB     disk2
   1:                        EFI EFI                     209.7 MB   disk2s1
   2:                  Apple_HFS InstallESD              9.0 GB     disk2s2

$ diskutil list

/dev/disk0 (internal, physical):

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme *500.3 GB disk0

1: EFI EFI 209.7 MB disk0s1

2: Apple_APFS Container disk1 500.1 GB disk0s2

/dev/disk1 (synthesized):

#: TYPE NAME SIZE IDENTIFIER

0: APFS Container Scheme - +500.1 GB disk1

Physical Store disk0s2

1: APFS Volume Macintosh HD 311.1 GB disk1s1

2: APFS Volume Preboot 19.4 MB disk1s2

3: APFS Volume Recovery 509.8 MB disk1s3

4: APFS Volume VM 3.2 GB disk1s4

/dev/disk2 (disk image):

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme +9.3 GB disk2

1: EFI EFI 209.7 MB disk2s1

2: Apple_HFS InstallESD 9.0 GB disk2s2

You can see an installation image named InstallESD is mounted.
Just eject this whole disk and retry VMware Fusion creation.

$ hdiutil eject /dev/disk2
"disk2" unmounted.
"disk2" ejected.
$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.1 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +500.1 GB   disk1
                                 Physical Store disk0s2
   1:                APFS Volume Macintosh HD            311.1 GB   disk1s1
   2:                APFS Volume Preboot                 19.4 MB    disk1s2
   3:                APFS Volume Recovery                509.8 MB   disk1s3
   4:                APFS Volume VM                      3.2 GB     disk1s4

$ hdiutil eject /dev/disk2

"disk2" unmounted.

"disk2" ejected.

$ diskutil list

/dev/disk0 (internal, physical):

#: TYPE NAME SIZE IDENTIFIER

0: GUID_partition_scheme *500.3 GB disk0

1: EFI EFI 209.7 MB disk0s1

2: Apple_APFS Container disk1 500.1 GB disk0s2

/dev/disk1 (synthesized):

#: TYPE NAME SIZE IDENTIFIER

0: APFS Container Scheme - +500.1 GB disk1

Physical Store disk0s2

1: APFS Volume Macintosh HD 311.1 GB disk1s1

2: APFS Volume Preboot 19.4 MB disk1s2

3: APFS Volume Recovery 509.8 MB disk1s3

4: APFS Volume VM 3.2 GB disk1s4

VMware Fusion “Unable to create the installation media” by @sskaje: https://sskaje.me/2018/02/vmware-fusion-unable-create-installation-media/

anyconnect 外部控制管理vpn连接

By @sskaje
Link: https://sskaje.me/2018/02/anyconnect-%e5%a4%96%e9%83%a8%e6%8e%a7%e5%88%b6%e7%ae%a1%e7%90%86vpn%e8%bf%9e%e6%8e%a5/

之前公司所有人都使用iPhone，为了方便微信网页测试，用AnyConnect来实现DNS推送，将微信的网页域名指向不同开发、测试环境的IP。

iOS可以使用Apple Configurator生成mobileconfig文件来配置AnyConnect。最早使用这份配置的时候，发现如果使用密码认证，即便配置文件里写了用户名和密码，iOS的AnyConnect还是会需要用户再输入一次密码。所以一直以来用AnyConnect做的各种解决方案都是使用证书的方式，将用户证书和CA证书一并集成到mobileconfig文件里。

不幸的是去年下半年的某天，突然就发现iOS的AnyConnect连上了VPN，但是DNS不生效了。
那会儿，iOS升级到10.2之后的某个版本，AnyConnect在iOS平台推出了新版客户端，老的改名Legacy了。

换了新版，同样的配置文件下发方式，这回问题更大了，直接连不上。日志里看到的内容大概是客户端不知道该用哪份证书进行身份验证。

研究了cisco的文档，发现可以用 anyconnect://connect 直接呼起客户端的连接操作，而这个链接iOS和Android都可用。

链接类似如下：
anyconnect://connect/?name=Int&host=vpn-internal.sskaje.me:8433&prefill_username=user&prefill_password=password&onsuccess=http%3A%2F%2Fsskaje.me%2Fsuccess

不过由于安全原因，AnyConnect默认将“外部控制”的功能关闭了。（其实，我之前一直以为这个是服务器可以推送客户端执行命令的功能，所以很敏感）
在设置中改为提示或者启用。

而，之前dns不生效的功能，现在只能开启 split-dns 了。

anyconnect 外部控制管理vpn连接 by @sskaje: https://sskaje.me/2018/02/anyconnect-%e5%a4%96%e9%83%a8%e6%8e%a7%e5%88%b6%e7%ae%a1%e7%90%86vpn%e8%bf%9e%e6%8e%a5/

Unity3d资源文件解密

By @sskaje
Link: https://sskaje.me/2018/02/unity3d-asset-bundle-decrypt/

这里只说 AssetBundle，只有思路。

1 废话般前提：逻辑上 AssetBundle 文件加密后肯定是需要解密了，再进行加载。

2 Unity 加载AssetBundle文件可以使用 AssetBundle.LoadFromFile，加载内存流可以用AssetBundle.LoadFromMemory 和 AssetBundle.LoadFromStream。
这些方法对应还有代Async后缀的异步加载方法。
文档在：https://docs.unity3d.com/ScriptReference/AssetBundle.html

3 打断点，看backtrace。

4 慢慢调试。

在我这个场景里，il2cpp dump是没有需求的。

贴一个bt

* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1
  * frame #0: 0x0000000101234a68 global`AssetBundle_LoadFromMemory_m412557059
    frame #1: 0x000000010025a610 global`U3CLoadDynamicAssetBundleU3Ec__AnonStorey3_U3CU3Em__0_m1954562509 + 72
    frame #2: 0x000000010013a09c global`MainThreadDispatcher_SendAndWait_m4140732116 + 192
    frame #3: 0x0000000100259414 global`AssetBundleLoader_LoadDynamicAssetBundle_m153660618 + 540
    frame #4: 0x0000000100259e70 global`AssetBundleLoader_Load_m859069093 + 732
    frame #5: 0x000000010072930c global`SpriteLoader_Load_m3286678683 + 1784
    frame #6: 0x00000001005327c0 global`ExtImage_Awake_m3150663317 + 456
    frame #7: 0x00000001017d6ad0 global`RuntimeInvoker_Void_t1841601450(MethodInfo const*, void*, void**) + 28
    frame #8: 0x00000001021a1e24 global`il2cpp::vm::Runtime::Invoke(MethodInfo const*, void*, void**, Il2CppException**) + 68
    frame #9: 0x0000000101c035f4 global`ScriptingInvocation::Invoke(Il2CppException**, bool) + 60
    frame #10: 0x0000000101c0352c global`ScriptingInvocation::InvokeChecked(Il2CppException**) + 68
    frame #11: 0x0000000101ce10ac global`MonoBehaviour::CallMethodInactive(ScriptingMethodIl2Cpp) + 88
    frame #12: 0x0000000101ce2e34 global`MonoBehaviour::CallAwake() + 76
    frame #13: 0x0000000101ce3134 global`MonoBehaviour::AddToManager() + 132
    frame #14: 0x0000000101ce2dcc global`MonoBehaviour::AwakeFromLoad(AwakeFromLoadMode) + 568
    frame #15: 0x0000000101c0c548 global`AwakeFromLoadQueue::InvokePersistentManagerAwake(AwakeFromLoadQueue::Item*, unsigned int, AwakeFromLoadMode) + 96
    frame #16: 0x0000000101c0c48c global`AwakeFromLoadQueue::PersistentManagerAwakeFromLoad(int, AwakeFromLoadMode) + 140
    frame #17: 0x0000000101c0c3e8 global`AwakeFromLoadQueue::PersistentManagerAwakeFromLoad() + 36
    frame #18: 0x0000000101bfc9b8 global`LoadSceneOperation::CompleteAwakeSequence() + 96
    frame #19: 0x0000000101bfc3e0 global`LoadSceneOperation::PostLoadSceneAdditive() + 32
    frame #20: 0x0000000101bfc304 global`LoadSceneOperation::IntegrateMainThread() + 80
    frame #21: 0x0000000101bfd01c global`PreloadManager::UpdatePreloadingSingleStep(PreloadManager::UpdatePreloadingFlags, int) + 316
    frame #22: 0x0000000101bfd59c global`PreloadManager::UpdatePreloading() + 252
    frame #23: 0x0000000101b07c4c global`PlayerLoop() + 332
    frame #24: 0x0000000101d4381c global`UnityPlayerLoopImpl(bool) + 32
    frame #25: 0x0000000100047c80 global`UnityRepaint + 140
    frame #26: 0x0000000100047b6c global`-[UnityAppController(Rendering) repaintDisplayLink] + 88
    frame #27: 0x0000000184da2f24 QuartzCore`CA::Display::DisplayLinkItem::dispatch(unsigned long long) + 44
    frame #28: 0x0000000184da2dd0 QuartzCore`CA::Display::DisplayLink::dispatch_items(unsigned long long, unsigned long long, unsigned long long) + 444
    frame #29: 0x0000000181dba094 IOKit`IODispatchCalloutFromCFMessage + 372
    frame #30: 0x0000000181ae2e50 CoreFoundation`__CFMachPortPerform + 180
    frame #31: 0x0000000181afb218 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 56
    frame #32: 0x0000000181afa9cc CoreFoundation`__CFRunLoopDoSource1 + 436
    frame #33: 0x0000000181af84b0 CoreFoundation`__CFRunLoopRun + 1840
    frame #34: 0x0000000181a262b8 CoreFoundation`CFRunLoopRunSpecific + 444
    frame #35: 0x00000001834da198 GraphicsServices`GSEventRunModal + 180
    frame #36: 0x0000000187a6d7fc UIKit`-[UIApplication _run] + 684
    frame #37: 0x0000000187a68534 UIKit`UIApplicationMain + 208
    frame #38: 0x00000001000417dc global`main + 156
    frame #39: 0x0000000180a095b8 libdyld.dylib`start + 4

* thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1

* frame #0: 0x0000000101234a68 global`AssetBundle_LoadFromMemory_m412557059

frame #1: 0x000000010025a610 global`U3CLoadDynamicAssetBundleU3Ec__AnonStorey3_U3CU3Em__0_m1954562509 + 72

frame #2: 0x000000010013a09c global`MainThreadDispatcher_SendAndWait_m4140732116 + 192

frame #3: 0x0000000100259414 global`AssetBundleLoader_LoadDynamicAssetBundle_m153660618 + 540

frame #4: 0x0000000100259e70 global`AssetBundleLoader_Load_m859069093 + 732

frame #5: 0x000000010072930c global`SpriteLoader_Load_m3286678683 + 1784

frame #6: 0x00000001005327c0 global`ExtImage_Awake_m3150663317 + 456

frame #7: 0x00000001017d6ad0 global`RuntimeInvoker_Void_t1841601450(MethodInfo const*, void*, void**) + 28

frame #8: 0x00000001021a1e24 global`il2cpp::vm::Runtime::Invoke(MethodInfo const*, void*, void**, Il2CppException**) + 68

frame #9: 0x0000000101c035f4 global`ScriptingInvocation::Invoke(Il2CppException**, bool) + 60

frame #10: 0x0000000101c0352c global`ScriptingInvocation::InvokeChecked(Il2CppException**) + 68

frame #11: 0x0000000101ce10ac global`MonoBehaviour::CallMethodInactive(ScriptingMethodIl2Cpp) + 88

frame #12: 0x0000000101ce2e34 global`MonoBehaviour::CallAwake() + 76

frame #13: 0x0000000101ce3134 global`MonoBehaviour::AddToManager() + 132

frame #14: 0x0000000101ce2dcc global`MonoBehaviour::AwakeFromLoad(AwakeFromLoadMode) + 568

frame #15: 0x0000000101c0c548 global`AwakeFromLoadQueue::InvokePersistentManagerAwake(AwakeFromLoadQueue::Item*, unsigned int, AwakeFromLoadMode) + 96

frame #16: 0x0000000101c0c48c global`AwakeFromLoadQueue::PersistentManagerAwakeFromLoad(int, AwakeFromLoadMode) + 140

frame #17: 0x0000000101c0c3e8 global`AwakeFromLoadQueue::PersistentManagerAwakeFromLoad() + 36

frame #18: 0x0000000101bfc9b8 global`LoadSceneOperation::CompleteAwakeSequence() + 96

frame #19: 0x0000000101bfc3e0 global`LoadSceneOperation::PostLoadSceneAdditive() + 32

frame #20: 0x0000000101bfc304 global`LoadSceneOperation::IntegrateMainThread() + 80

frame #21: 0x0000000101bfd01c global`PreloadManager::UpdatePreloadingSingleStep(PreloadManager::UpdatePreloadingFlags, int) + 316

frame #22: 0x0000000101bfd59c global`PreloadManager::UpdatePreloading() + 252

frame #23: 0x0000000101b07c4c global`PlayerLoop() + 332

frame #24: 0x0000000101d4381c global`UnityPlayerLoopImpl(bool) + 32

frame #25: 0x0000000100047c80 global`UnityRepaint + 140

frame #26: 0x0000000100047b6c global`-[UnityAppController(Rendering) repaintDisplayLink] + 88

frame #27: 0x0000000184da2f24 QuartzCore`CA::Display::DisplayLinkItem::dispatch(unsigned long long) + 44

frame #28: 0x0000000184da2dd0 QuartzCore`CA::Display::DisplayLink::dispatch_items(unsigned long long, unsigned long long, unsigned long long) + 444

frame #29: 0x0000000181dba094 IOKit`IODispatchCalloutFromCFMessage + 372

frame #30: 0x0000000181ae2e50 CoreFoundation`__CFMachPortPerform + 180

frame #31: 0x0000000181afb218 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 56

frame #32: 0x0000000181afa9cc CoreFoundation`__CFRunLoopDoSource1 + 436

frame #33: 0x0000000181af84b0 CoreFoundation`__CFRunLoopRun + 1840

frame #34: 0x0000000181a262b8 CoreFoundation`CFRunLoopRunSpecific + 444

frame #35: 0x00000001834da198 GraphicsServices`GSEventRunModal + 180

frame #36: 0x0000000187a6d7fc UIKit`-[UIApplication _run] + 684

frame #37: 0x0000000187a68534 UIKit`UIApplicationMain + 208

frame #38: 0x00000001000417dc global`main + 156

frame #39: 0x0000000180a095b8 libdyld.dylib`start + 4

工具：
https://github.com/Perfare/UnityStudio
https://github.com/HearthSim/UnityPack

Unity3d资源文件解密 by @sskaje: https://sskaje.me/2018/02/unity3d-asset-bundle-decrypt/

sqlcipher decrypt database

By @sskaje
Link: https://sskaje.me/2018/01/sqlcipher-decrypt-database/

sqlcipher: https://github.com/sqlcipher/sqlcipher

Open an encrypted database with a string key and a hex key.

$ sqlcipher encrypted.db
sqlite> PRAGMA key = 'this-is-key';
sqlite> PRAGMA key = "x'DEADBEAF'";
sqlite> .tables

$ sqlcipher encrypted.db

sqlite> PRAGMA key = 'this-is-key';

sqlite> PRAGMA key = "x'DEADBEAF'";

sqlite> .tables

Dump an encrypted database encrypted.db to plaintext.db.

$ sqlcipher encrypted.db
sqlite> PRAGMA key = "x'DEADBEAF'";
sqlite> ATTACH DATABASE 'plaintext' AS plaintext key '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;

$ sqlcipher encrypted.db

sqlite> PRAGMA key = "x'DEADBEAF'";

sqlite> ATTACH DATABASE 'plaintext' AS plaintext key '';

sqlite> SELECT sqlcipher_export('plaintext');

sqlite> DETACH DATABASE plaintext;

Dump many databases

for i in $(ls); do
	sqlcipher $i "PRAGMA key = \"x'DEADBEAF'\"; ATTACH DATABASE 'plaintext/$i' AS plaintext key '';SELECT sqlcipher_export('plaintext');DETACH DATABASE plaintext;";	
done

for i in $(ls); do

sqlcipher $i "PRAGMA key = \"x'DEADBEAF'\"; ATTACH DATABASE 'plaintext/$i' AS plaintext key '';SELECT sqlcipher_export('plaintext');DETACH DATABASE plaintext;";

done

sqlcipher decrypt database by @sskaje: https://sskaje.me/2018/01/sqlcipher-decrypt-database/