diff options
| author | Sam Bingner <sam@bingner.com> | 2018-12-24 11:20:51 -1000 |
|---|---|---|
| committer | Sam Bingner <sam@bingner.com> | 2018-12-24 11:20:51 -1000 |
| commit | 340496f25f661f9dc2c46976c2be96fd2d94b406 (patch) | |
| tree | 08331d30d36877e4c17942135a54584d6b78a893 | |
| parent | 6409e172da5ff0e98345b21d07bc699c653ef099 (diff) | |
Use an NSArray for inject argumentsv0.3
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | control | 2 | ||||
| -rw-r--r-- | inject.h | 3 | ||||
| -rw-r--r-- | inject.m | 41 | ||||
| -rw-r--r-- | main.m (renamed from main.c) | 15 |
5 files changed, 40 insertions, 23 deletions
@@ -7,6 +7,6 @@ TOOL_NAME = inject inject_CODESIGN_FLAGS = -Sentitlements.xml inject_LIBRARIES = mis inject_FRAMEWORKS = IOKit Security -inject_FILES = main.c inject.m patchfinder64.c kern_funcs.c +inject_FILES = main.m inject.m patchfinder64.c kern_funcs.c include $(THEOS_MAKE_PATH)/tool.mk @@ -1,6 +1,6 @@ Package: trustinjector Name: Trust Cache Injector -Version: 0.2 +Version: 0.3 Architecture: iphoneos-arm Description: Inject files to kernel trust cache Maintainer: Sam Bingner <maintainer@sbdhi.com> @@ -8,7 +8,8 @@ #ifndef _INJECT_H_ #define _INJECT_H_ +#include <Foundation/Foundation.h> -int injectTrustCache(int filecount, char* files[], uint64_t trust_chain); +int injectTrustCache(NSArray <NSString*> *files, uint64_t trust_chain); #endif @@ -103,7 +103,7 @@ NSArray *filteredHashes(uint64_t trust_chain, NSDictionary *hashes) { #endif } -int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { +int injectTrustCache(NSArray <NSString*> *files, uint64_t trust_chain) { @autoreleasepool { struct trust_mem mem; uint64_t kernel_trust = 0; @@ -115,18 +115,20 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { NSMutableDictionary *hashes = [NSMutableDictionary new]; SecStaticCodeRef staticCode; CFDictionaryRef cfinfo; - int duplicates=0; + int errors=0; - for (int i = 0; i < filecount; i++) { - OSStatus result = SecStaticCodeCreateWithPathAndAttributes(CFURLCreateWithFileSystemPath(kCFAllocatorDefault, (CFStringRef)@(files[i]), kCFURLPOSIXPathStyle, false), kSecCSDefaultFlags, NULL, &staticCode); + for (NSString *file in files) { + OSStatus result = SecStaticCodeCreateWithPathAndAttributes(CFURLCreateWithFileSystemPath(kCFAllocatorDefault, (CFStringRef)file, kCFURLPOSIXPathStyle, false), kSecCSDefaultFlags, NULL, &staticCode); + const char *filename = file.UTF8String; if (result != errSecSuccess) { if (_SecCopyErrorMessageString != NULL) { CFStringRef error = _SecCopyErrorMessageString(result, NULL); - fprintf(stderr, "Unable to generate cdhash for %s: %s\n", files[i], [(__bridge id)error UTF8String]); + fprintf(stderr, "Unable to generate cdhash for %s: %s\n", filename, [(__bridge id)error UTF8String]); CFRelease(error); } else { - fprintf(stderr, "Unable to generate cdhash for %s: %d\n", files[i], result); + fprintf(stderr, "Unable to generate cdhash for %s: %d\n", filename, result); } + errors++; continue; } @@ -135,7 +137,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { NSDictionary *info = CFBridgingRelease(cfinfo); CFRelease(staticCode); if (result != errSecSuccess) { - fprintf(stderr, "Unable to copy cdhash info for %s\n", files[i]); + fprintf(stderr, "Unable to copy cdhash info for %s\n", filename); continue; } NSArray *cdhashes = info[@"cdhashes"]; @@ -143,23 +145,26 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { NSUInteger algoIndex = [algos indexOfObject:@(cdHashTypeSHA256)]; if (cdhashes == nil) { - printf("%s: no cdhashes\n", files[i]); + printf("%s: no cdhashes\n", filename); + errors++; } else if (algos == nil) { - printf("%s: no algos\n", files[i]); + printf("%s: no algos\n", filename); + errors++; } else if (algoIndex == NSNotFound) { - printf("%s: does not have SHA256 hash\n", files[i]); + printf("%s: does not have SHA256 hash\n", filename); + errors++; } else { NSData *cdhash = [cdhashes objectAtIndex:algoIndex]; if (cdhash != nil) { if (hashes[cdhash] == nil) { - printf("%s: OK\n", files[i]); - hashes[cdhash] = @(files[i]); + printf("%s: OK\n", filename); + hashes[cdhash] = file; } else { - printf("%s: same as %s (ignoring)", files[i], [hashes[cdhash] UTF8String]); - duplicates++; + printf("%s: same as %s (ignoring)", filename, [hashes[cdhash] UTF8String]); } } else { - printf("%s: missing SHA256 cdhash entry\n", files[i]); + printf("%s: missing SHA256 cdhash entry\n", filename); + errors++; } } } @@ -167,7 +172,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { if (numHashes < 1) { fprintf(stderr, "Found no hashes to inject\n"); - return 0; + return errors; } @@ -175,7 +180,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { unsigned hashesToInject = (unsigned)[filtered count]; printf("%u new hashes to inject\n", hashesToInject); if (hashesToInject < 1) { - return 0; + return errors; } size_t length = (sizeof(mem) + hashesToInject * TRUST_CDHASH_LEN + 0xFFFF) & ~0xFFFF; @@ -196,7 +201,7 @@ int injectTrustCache(int filecount, char* files[], uint64_t trust_chain) { kwrite(kernel_trust + sizeof(mem), buffer, mem.count * TRUST_CDHASH_LEN); wk64(trust_chain, kernel_trust); - return filecount - numHashes - duplicates; + return (int)errors; } } @@ -44,7 +44,18 @@ int main(int argc, char* argv[]) { uint64_t trust_chain = find_trustcache(); term_kernel(); printf("Injecting to trust cache...\n"); - int errs = injectTrustCache(argc - 1, argv + 1, trust_chain); - printf("Successfully injected [%d/%d] to trust cache.\n", argc - errs - 1, argc - 1); + @autoreleasepool { + NSMutableArray *files = [NSMutableArray new]; + for (int i=1; i<argc; i++) { + [files addObject:@( argv[i] )]; + } + int errs = injectTrustCache(files, trust_chain); + if (errs < 0) { + printf("Error %d injecting to trust cache.\n", errs); + } else { + printf("Successfully injected [%d/%d] to trust cache.\n", (int)files.count - errs, (int)files.count); + } + return errs; + } } |