CalvinBackup/SnakeAppleSecurityFiles
1
0
Fork 0
mirror of https://github.com/Karmaz95/Snake_Apple.git synced 2026-03-30 14:00:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
Karmaz95
2024-03-25 09:34:55 +01:00
parent 7c2231ec8d
commit 6c12efc925
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
VI. AMFI/python/CrimsonUroboros.py
View File

@@ -2266,14 +2266,14 @@ class SnakeVI(SnakeV):
def checkDyldInsertLibraries(self):
''' Check if binary is vulnerable to code injection using DYLD_INSERT_LIBRARIES. '''
cs_flags = self.getCodeSignatureFlags()
if cs_flags & 0x2800:
if cs_flags & 0x2800: # CS_RESTRICT | CS_REQUIRE_LV
return False
if self.hasSetUID() or self.hasSetGID() or self.hasRestrictSegment():
if self.hasSetUID() or self.hasSetGID() or self.hasRestrictSegment(): # SUID | GUID | __RESTRICT,__restrict
return False
has_insecure_entitlements_combination = self.hasDisableLibraryValidationEntitlement(self.file_path) and self.hasAllowDEV(self.file_path)
if (cs_flags & 0x10000) and (not has_insecure_entitlements_combination):
if (cs_flags & 0x10000) and (not has_insecure_entitlements_combination): # CS_RUNTIME without disabled LV and allowed DEV through entitlements
return False
return True