This commit is contained in:
Karmaz95
2024-03-25 09:34:55 +01:00
parent 7c2231ec8d
commit 6c12efc925
+3 -3
View File
@@ -2266,14 +2266,14 @@ class SnakeVI(SnakeV):
def checkDyldInsertLibraries(self): def checkDyldInsertLibraries(self):
''' Check if binary is vulnerable to code injection using DYLD_INSERT_LIBRARIES. ''' ''' Check if binary is vulnerable to code injection using DYLD_INSERT_LIBRARIES. '''
cs_flags = self.getCodeSignatureFlags() cs_flags = self.getCodeSignatureFlags()
if cs_flags & 0x2800: if cs_flags & 0x2800: # CS_RESTRICT | CS_REQUIRE_LV
return False return False
if self.hasSetUID() or self.hasSetGID() or self.hasRestrictSegment(): if self.hasSetUID() or self.hasSetGID() or self.hasRestrictSegment(): # SUID | GUID | __RESTRICT,__restrict
return False return False
has_insecure_entitlements_combination = self.hasDisableLibraryValidationEntitlement(self.file_path) and self.hasAllowDEV(self.file_path) has_insecure_entitlements_combination = self.hasDisableLibraryValidationEntitlement(self.file_path) and self.hasAllowDEV(self.file_path)
if (cs_flags & 0x10000) and (not has_insecure_entitlements_combination): if (cs_flags & 0x10000) and (not has_insecure_entitlements_combination): # CS_RUNTIME without disabled LV and allowed DEV through entitlements
return False return False
return True return True