Injection
Grave ships with two injectors per platform: a friendly one for everyday use, and a raw one for users who want stealth.
macOS
macOS blocks unsigned binaries from attaching to other processes. With SIP enabled,
both the bundled .app and the standalone Unix executable will fail
silently the moment they try to inject into the Minecraft Java process. Grave is not
notarized by Apple, so the only way to give it the privileges it needs is to turn SIP off.
How to disable SIP:
- Boot into Recovery Mode: shut down, then press and hold the power button until you see “Loading startup options”. Choose Options → Continue.
- From the menu bar, open Utilities → Terminal.
- Run
csrutil disableand confirm with your admin password if prompted. - Reboot normally.
Grave currently only runs on Apple Silicon (ARM) Macs (M1, M2, M3 and newer). Intel-based Macs are not supported, and there is no Intel build.
Grave also can't inject into Java that's running through Rosetta (Apple's compatibility layer for older Intel apps). The Minecraft you inject into has to be running on a native ARM (aarch64) version of Java. If it's running through Rosetta, injection just won't work.
Launchers like Lunar Client and Badlion Client already run on native ARM Java out of the box, so none of the steps below are needed for them.
Newer Minecraft versions already run on native ARM Java, so this only matters for 1.8.9 & 1.7.10. Those two still work with Grave, you just have to point them at a native ARM copy of Java yourself. The easiest way is Prism Launcher:
- Open Prism Launcher and click Edit on your installation.
- Go to Settings › Java and open the Java downloader.
- Download Azul Zulu (the newest release), then close the downloader.
- Click Detect, then select the Zulu version you just downloaded.
That's it. The game now launches on native ARM Java, and Grave can inject into it.
On macOS, Grave ships with two injectors that target any java processes.
Download the .dmg, run and drag the .app to your Applications folder, double-click it and the bundled GUI handles
everything: locating Minecraft, attaching, and loading the client.
A standalone command-line binary you can run from a terminal or wire into your own scripts. Same payload, no GUI, no logo.
How macOS injection works
Injection is fully fileless. The injector pushes both the Mach-O loader dylib and
the client .dylib bytes through POSIX shared memory, then reflectively
maps the loader into Minecraft in-process. The loader pulls the client out of shared
memory and maps it the same way. Nothing touches disk.
The reflective loader is a shellcode-style, position-independent Mach-O blob that maps itself into fresh MAP_JIT memory
and walks its own load commands, resolves every import through dlopen and
dlsym, and applies its chained fixup table, everything dyld would normally do
but done in-process with no dyld involvement. Once the loader is live it opens the POSIX
shared memory segment holding the client, loads it the same way, and unlinks the segment
immediately after. By the time injection completes there are no mapped files, no shared
memory names, and no kernel objects left behind.
The shellcode loader component is based on outflanknl/macho-loader. The in-memory dylib loader that handles the client payload is a separate piece built on Apple's open-source dyld internals.
Once you're injected, browse modules in the sidebar to see what's available.