dylibx

package module
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 2, 2022 License: GPL-3.0 Imports: 9 Imported by: 0

README

dylibx

一键扫描查找可注入&劫持Dylib的应用程序。

安装

  • Go Install

go install github.com/ac0d3r/dylibx/cmd/dylibx@latest

  • Github Release

前往 releases 下载合适的版本然后从命令行运行即可。

用法

一键开扫:

$ ./dylibx
...

Documentation

Index

Constants

View Source 
const (
	REQUIRE_LV = 0x2000
	RUNTIME    = 0x10000
)
View Source 
const (
	RPathPre          = "@rpath"
	ExecutablePathPre = "@executable_path"
	LoaderPathPre     = "@loader_path"
)

rpath

Variables

This section is empty.

Functions

This section is empty.

Types

type AppInfo 

type AppInfo struct {
	CFBundleExecutable string `plist:"CFBundleExecutable"`
}

type AppVulnerable 

type AppVulnerable struct {
	AppPath                       string
	ExecutablePath                string
	CodeSignFlags                 string
	DisableLibraryValidation      bool
	AllowDyldEnvironmentVariables bool
	Injectable                    bool
	Dylibs                        []VulnItem
}

type Dylib 

type Dylib struct {
	Name           string
	Time           uint32
	CurrentVersion string
	CompatVersion  string
}

type Dylibx 

type Dylibx struct {
}

func (*Dylibx) AutoScanApps 

func (d *Dylibx) AutoScanApps() ([]*AppVulnerable, error)

func (*Dylibx) Exist 

func (d *Dylibx) Exist(path string) bool

func (*Dylibx) GetExecutablePath 

func (d *Dylibx) GetExecutablePath(app string) (string, error)

func (*Dylibx) InSIPPath 

func (d *Dylibx) InSIPPath(path string) bool

func (*Dylibx) IsLibraryValidation 

func (d *Dylibx) IsLibraryValidation(f uint32) bool

func (*Dylibx) IsRuntime 

func (d *Dylibx) IsRuntime(f uint32) bool

func (*Dylibx) ParseProxyPath 

func (d *Dylibx) ParseProxyPath(path string, ExePath string) string

func (*Dylibx) ParseRPaths 

func (d *Dylibx) ParseRPaths(rpath []string, ExePath string)

func (*Dylibx) ScanApp 

func (d *Dylibx) ScanApp(path_ string) (*AppVulnerable, error)

type Entitlements 

type Entitlements struct {
	DisableLibraryValidation      bool `plist:"com.apple.security.cs.disable-library-validation"`
	AllowDyldEnvironmentVariables bool `plist:"com.apple.security.cs.allow-dyld-environment-variables"`
}

type FatMachOInfo 

type FatMachOInfo []*MachOInfo

func ParseMacho 

func ParseMacho(path string) (FatMachOInfo, error)

type MachOInfo 

type MachOInfo struct {
	Magic types.Magic
	CPU   types.CPU
	Type  types.HeaderFileType

	LoadDylinker   string
	LcRpaths       []string
	DylibLoads     []Dylib
	WeakDylibLoads []Dylib

	CodeSignFlags        uint32
	CodeSignEntitlements Entitlements
}

type VulnItem 

type VulnItem struct {
	Type string
	Path string
}

Source Files

View all Source files

Directories

Path Synopsis
cmd
dylibx

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.