From 160191bd3465ab234c313db0e8352da2687dcf73 Mon Sep 17 00:00:00 2001 From: opa334 Date: Mon, 27 Nov 2023 22:40:19 +0100 Subject: [PATCH] Sync with ChOma --- Exploits/fastPathSign/src/coretrust_bug.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Exploits/fastPathSign/src/coretrust_bug.c b/Exploits/fastPathSign/src/coretrust_bug.c index c8b70d3..7fbc1c1 100644 --- a/Exploits/fastPathSign/src/coretrust_bug.c +++ b/Exploits/fastPathSign/src/coretrust_bug.c @@ -153,11 +153,8 @@ int apply_coretrust_bypass(const char *machoPath) // Otherwise use the main code directory realCodeDirBlob = mainCodeDirBlob; } - - CS_CodeDirectory *realCD = malloc(sizeof(CS_CodeDirectory)); - csd_blob_read(realCodeDirBlob, 0, sizeof(CS_CodeDirectory), realCD); - CODE_DIRECTORY_APPLY_BYTE_ORDER(realCD, BIG_TO_HOST_APPLIER); - if (realCD->hashType != CS_HASHTYPE_SHA256_256) { + + if (csd_code_directory_get_hash_type(realCodeDirBlob) != CS_HASHTYPE_SHA256_256) { printf("Error: Alternate code directory is not SHA256, bypass won't work!\n"); return -1; } @@ -180,6 +177,7 @@ int apply_coretrust_bypass(const char *machoPath) csd_superblob_remove_blob(decodedSuperblob, signatureBlob); csd_blob_free(signatureBlob); } + // Append new template blob signatureBlob = csd_blob_init(CSSLOT_SIGNATURESLOT, (CS_GenericBlob *)TemplateSignatureBlob); csd_superblob_append_blob(decodedSuperblob, signatureBlob);