From 11eb142d3b6bcf59b282302b36bc3ce654ebe764 Mon Sep 17 00:00:00 2001 From: alfiecg24 Date: Thu, 1 Feb 2024 21:40:23 +0000 Subject: [PATCH] Fix signing unsupported MachO types --- Exploits/fastPathSign/src/coretrust_bug.c | 12 ++++++++++++ Exploits/fastPathSign/src/main.m | 4 ++++ RootHelper/main.m | 2 ++ 3 files changed, 18 insertions(+) diff --git a/Exploits/fastPathSign/src/coretrust_bug.c b/Exploits/fastPathSign/src/coretrust_bug.c index 6aaa9fe..868c39e 100644 --- a/Exploits/fastPathSign/src/coretrust_bug.c +++ b/Exploits/fastPathSign/src/coretrust_bug.c @@ -127,6 +127,18 @@ int apply_coretrust_bypass(const char *machoPath) macho_free(macho); return 2; } + + if (macho->machHeader.filetype == MH_OBJECT) { + printf("Error: MachO is an object file, please use a MachO executable or dynamic library!\n"); + macho_free(macho); + return 3; + } + + if (macho->machHeader.filetype == MH_DSYM) { + printf("Error: MachO is a dSYM file, please use a MachO executable or dynamic library!\n"); + macho_free(macho); + return 3; + } CS_SuperBlob *superblob = macho_read_code_signature(macho); if (!superblob) { diff --git a/Exploits/fastPathSign/src/main.m b/Exploits/fastPathSign/src/main.m index b601632..df193d3 100644 --- a/Exploits/fastPathSign/src/main.m +++ b/Exploits/fastPathSign/src/main.m @@ -72,6 +72,10 @@ int main(int argc, char *argv[]) { } char *machoPath = extract_preferred_slice(input); + if (!machoPath) { + printf("Failed extracting best slice\n"); + return -1; + } printf("Extracted best slice to %s\n", machoPath); printf("Applying CoreTrust bypass...\n"); diff --git a/RootHelper/main.m b/RootHelper/main.m index 4cb8377..7ef1e4f 100644 --- a/RootHelper/main.m +++ b/RootHelper/main.m @@ -709,6 +709,8 @@ int signApp(NSString* appPath) // If not, we can continue but want to show a warning after the app is installed hasAdditionalEncryptedBinaries = YES; } + } else if (r == 3) { // Non-fatal - unsupported MachO type + NSLog(@"[%@] Cannot apply CoreTrust bypass on an unsupported MachO type!", filePath); } else { NSLog(@"[%@] CoreTrust bypass failed!!! :(", filePath);