From ef8ff5f5e141182ece954a05fc25688776ad6199 Mon Sep 17 00:00:00 2001 From: doronz88 Date: Thu, 4 Apr 2024 08:59:27 +0300 Subject: [PATCH] darwin: processes: add `cdhash` property --- src/rpcclient/rpcclient/darwin/processes.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/rpcclient/rpcclient/darwin/processes.py b/src/rpcclient/rpcclient/darwin/processes.py index 572ca61e..569ade8f 100644 --- a/src/rpcclient/rpcclient/darwin/processes.py +++ b/src/rpcclient/rpcclient/darwin/processes.py @@ -42,6 +42,7 @@ logger = logging.getLogger(__name__) +CDHASH_SIZE = 20 CHUNK_SIZE = 1024 * 64 APP_SUFFIX = '.app/' @@ -732,6 +733,14 @@ def regions(self) -> List[Region]: return result + @property + def cdhash(self) -> bytes: + with self._client.safe_malloc(CDHASH_SIZE) as cdhash: + # by reversing online-auth-agent + if 0 != self._client.symbols.csops(self.pid, 5, cdhash, CDHASH_SIZE): + raise BadReturnValueError(f'failed to get cdhash for {self.pid}') + return cdhash.peek(CDHASH_SIZE) + def get_process_symbol(self, address: int) -> ProcessSymbol: return ProcessSymbol.create(address, self._client, self)