Jump to content
Andy Vandijck

Tool to remove Apple Code Signatures from binaries

28 posts in this topic

Recommended Posts

This tool allows you to remove code signatures from binaries.

 

Proof of concept:

 

EDIT: New version with support to remove code signing DRS (this checks frameworks and libraries signatures when set).

stripcodesig.zip

Share this post


Link to post
Share on other sites
Advertisement

Would Apple signatures from binaries allows you to update all your software in Mavericks?

Removing code signatures has nothing to do with updates.

If it is an app you can update it if it is in your app store account.

Otherwise (system itself) you can update it anyway

Share this post


Link to post
Share on other sites

Hai Andy, im noobs, what the function of this apps..?
to make all loaded kext(not verify) to be verify by apple certificate?! :rolleyes:

Share this post


Link to post
Share on other sites

v

 

Hai Andy, im noobs, what the function of this apps..?

to make all loaded kext(not verify) to be verify by apple certificate?! :rolleyes:

no for that you need to sign the binary/bundle with an Apple dev certificate

this does the reverse.

binaries signed you can unsign (for example when you need to change the plist or modify the binary)

Share this post


Link to post
Share on other sites

no for that you need to sign the binary/bundle with an Apple dev certificate

this does the reverse.

binaries signed you can unsign (for example when you need to change the plist or modify the binary)

why would you need to unsign if you edit the plist or binary? 

do we also need to codesign it back after editing?

sorry, im not getting it :(

Share this post


Link to post
Share on other sites

why would you need to unsign if you edit the plist or binary?

do we also need to codesign it back after editing?

sorry, im not getting it :(

if you edit the plist or binary from a signed app bundle the app will crash. removing all the code sigs will make the app work.

especially for store apps this is useful. you can hack anybody's apps by removing masreceipt and codesignature folders combined with binary code signature removal.

I tested this...

Share this post


Link to post
Share on other sites

if you edit the plist or binary from a signed app bundle the app will crash. removing all the code sigs will make the app work.

especially for store apps this is useful. you can hack anybody's apps by removing masreceipt and codesignature folders combined with binary code signature removal.

I tested this.

Thanks for the explanation, Understood! :)

Lastly, Do we need to codesign -f -s - "xxxx" after editng it?

Share this post


Link to post
Share on other sites

Thanks for the explanation, Understood! :)

Lastly, Do we need to codesign -f -s - "xxxx" after editng it?

resigning after code signature removal doesn't work yet.

this will be adressed in the next version (better binary patching)

Share this post


Link to post
Share on other sites

nice stuff I made some try but i m still annoyed with sandbox/ entitlements :

 

"XPC domain creation failed: Process is not in an inherited sandbox."

 

any idea how to remove sandboxing from an app ?

Share this post


Link to post
Share on other sites

nice stuff I made some try but i m still annoyed with sandbox/ entitlements :

 

"XPC domain creation failed: Process is not in an inherited sandbox."

 

any idea how to remove sandboxing from an app ?

Yes I do.

I'll create an app for it soon.

Share this post


Link to post
Share on other sites

really nice, can't wait to see you work.

 

In the meantime i find my problem : the first binary i striped was calling a second binary in the bundle which have the same name. I striped the second one and got no problem.

 

great tool !!

 

another question: could you point me to some informations about DRS ? 

Share this post


Link to post
Share on other sites

really nice, can't wait to see you work.

 

In the meantime i find my problem : the first binary i striped was calling a second binary in the bundle which have the same name. I striped the second one and got no problem.

 

great tool !!

 

another question: could you point me to some informations about DRS ?

Drs simply checks a number of frameworks and libraries their code signature on load

Share this post


Link to post
Share on other sites

I added your tool to a applescript app I created that patches the OpenCL framework and prevents GPUs from using OpenCL. May I have your permission to share this app with others?

 

Also, Can you create a tool or patch that would completely disable all code sign checkin at all times?

 

http://reverse.put.as/2013/11/23/breaking-os-x-signed-kernel-extensions-with-a-nop/

Share this post


Link to post
Share on other sites

I added your tool to a applescript app I created that patches the OpenCL framework and prevents GPUs from using OpenCL. May I have your permission to share this app with others?

 

Also, Can you create a tool or patch that would completely disable all code sign checkin at all times?

 

http://reverse.put.as/2013/11/23/breaking-os-x-signed-kernel-extensions-with-a-nop/

1. Sure go ahead.

2. Fully disabling code sign checking needs a kernel patch as well as some other which I haven't found yet. Need time...

Share this post


Link to post
Share on other sites

1. Sure go ahead.

2. Fully disabling code sign checking needs a kernel patch as well as some other which I haven't found yet. Need time...

Thanks!!!

Share this post


Link to post
Share on other sites

Cool tool.

I study the code, it removed sign related command and data from mach-o. 

I'm wondering why the binary can't be signed with another certification now?

Look forward for your update.

Share this post


Link to post
Share on other sites

Cool tool.

I study the code, it removed sign related command and data from mach-o.

I'm wondering why the binary can't be signed with another certification now?

Look forward for your update.

I'm still checking why.

It just doesn't want to resign afterwards.

Probably needs to be realigned and sizes adjusted.

Share this post


Link to post
Share on other sites

Hi Andy,

 

Probably a silly question but can this be run on a intel i7 based mac? if not what needs to be changed to enable it to run?

 

Thanks for the help and sorry if its a dumb Question but I've been playing around with it and havent been able to get it to run as im on a i7 mac and keep getting this error:

 

d: warning: ignoring file Makefile, file was built for unsupported file format ( 0x43 0x43 0x3D 0x67 0x63 0x63 0x0A 0x43 0x46 0x4C 0x41 0x47 0x53 0x3D 0x2D 0x61 ) which is not the architecture being linked (x86_64): Makefile

Undefined symbols for architecture x86_64:

  "_main", referenced from:

     implicit entry/start for main executable

ld: symbol(s) not found for architecture x86_64

clang: error: linker command failed with exit code 1 (use -v to see invocation)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Ethan Jarvis
      Hello,
       
      Here I am looking for the answer of new Mac OS Catalina features and what type of Mac will support this new Os??
    • By JhonneR
      Good morning, everyone, I'm sorry if I was wrong in choosing the topic but I need help.
      I have found it extremely difficult to mount a Hackintosh in my acer.
      Setup;
      I5 2430m 2.4 6GB RAM
      Mobo P5we0 - Intel intel Graphics 3000
      At the moment I have not found out what my audio codecs are.
      but I'll leave the link on the motherboard.
      however, my real problem is several.
      I have already used the itakos image, I have already used several images that could be installed normally and that after installing the image I do not have internet via cable or wireless.
      And another, I already looked in other forums and I know that I will be called a donkey in the logical question but I have not been able to install the [url="http://www.insanelymac.com/forum/topic/279450-why-insanelymac-does-not-support-tonymacx86/"]#####[/url] or clover to start from the Hard Disk, so I do not know what to do.At the moment I still do not know if there has already been someone who has already installed the High Sierra or just the Sierra in this notebook model and obtained permanent success.
      If anyone can help me, I'll be grateful.
      Installations without success, but with the system already installed in ACER;
      SIERRA
      HIGH SIERRA
      MOJAVE
      All with the same symptom. Starting only by the bootable USB stick and without internet connection via cable and wireless.
      Appreciate ! Acer 5750 Official Page
    • By ucif19
      Hi, First of all, sorry for my English.
      I want to buy a WiFi/bt card for my hackintosh. I want a card that have a native support for MacOS because I need to use Handoff and AirDrop. I saw the card in the link below: anyone could tell me if the card have the requirements I mentioned before?
       
      wifi/bt card  Broadcom 94352Z DW1560: https://rover.ebay.com/rover/0/0/0?mpre=https%3A%2F%2Fwww.ebay.it%2Fulk%2Fitm%2F272204993348
       
      my build
      macos Mojave 10.14.3
      mobo: H170N-WiFi 
      cpu: i5-6500
      gpu: gtx 1060 6gb (not work on Mojave)
      Ram: 16Gb ddr4 2133 MHz
    • By MaLd0n
      Now have a Olarila app, just download app and clover folder for your Chipset! https://olarila.com/forum/viewtopic.php?f=81&t=6771   Install MacOS with Olarila Image, Step by Step, Install and Post Install
       
      https://olarila.com/forum/viewtopic.php?f=50&t=8685
          --Create a bootable copy of macOS Sierra   http://www.insanelymac.com/forum/files/file/559-flash-drive-maker/   --Create a bootable copy of macOS HighSierra   http://diskmakerx.com/   --Install Clover in USB stick   https://sourceforge.net/projects/cloverefiboot/files/Installer/   --Replace with my Clover folder    CLOVER.zip   --Install Sierra/High Sierra and boot into system!   Post Installation   --Install Clover in HDD/SSD and replace with my folder   CLOVER.zip   --Nvidia WebDriver Sierra   http://www.insanelymac.com/forum/topic/312525-nvidia-web-driver-updates-for-macos-sierra-update-07212017/   --Nvidia WebDriver High Sierra   http://www.insanelymac.com/forum/topic/324195-nvidia-web-driver-updates-for-macos-high-sierra-update-10162017/   --Cuda   http://www.insanelymac.com/forum/topic/302795-cuda-90214-is-out-update-10162017/   Now you need a fine tune!   --DSDT DSDT.GA H97M-D3H MaLd0n.zip Patches -FIX ERRORS AND WARNINGS -HPET -SATA -SLPB -EHCx -DARWIN -LPC -XHCI -HDEF -RTC -IRQs -SBUS -BUS1 -MCHC -ALS0 -SHUTDOWN -LAN -PNLF --Power Management   Use "plugin-type"=1 in DSDT, SSDT or Clover config.plist   --Brightness   Install .app, select the required permission and reboot. Work in F1 / F2 keys! NativeDisplayBrightness.app.zip https://github.com/Bensge/NativeDisplayBrightness/releases *in some cases .app don't work, check patches in config.plist inside Clover folder Post Install  
      --FakeSMC
        https://bitbucket.org/RehabMan/os-x-fakesmc-kozlek/downloads/   --Audio   https://github.com/vit9696/AppleALC   --USB   https://bitbucket.org/RehabMan/os-x-usb-inject-all/downloads   --LAN   http://www.insanelymac.com/forum/topic/287161-new-driver-for-realtek-rtl8111/   -Credits and thanks to the old and new people in the community who developed patches, kexts and bootloaders!   Slice, Kabyl, usr-sse2, jadran, Blackosx, dmazar, STLVNUB, pcj, apianti, JrCs, pene, FrodoKenny, skoczy, ycr.ru, Oscar09, xsmile, SoThOr, RehabMan, Download-Fritz, Zenit432, cecekpawon, Intel, Apple, Oracle, Chameleon Team, crazybirdy, Mieze, Mirone, Oldnapalm, netkas, Elconiglio, artut-pt, ErmaC, Pavo, Toleda, Master Chief and family, bcc9, The King, PMheart, Sherlocks, Micky1979, vit9696, vandroiy2013, Voodoo Team, Pike R. Alpha, lvs1974, Austere.J, CVad and many, many, many others!   We're all here to have fun and learn from each other!   ENJOY!
    • By MaLd0n
      Now have a Olarila app, just download app and clover folder for your Chipset! https://olarila.com/forum/viewtopic.php?f=81&t=6771   Install MacOS with Olarila Image, Step by Step, Install and Post Install
       
      https://olarila.com/forum/viewtopic.php?f=50&t=8685
        First... If you need DSDT edits for SkyLake, KabyLake or CoffeeLake... -Post your full Clover folder with original tables in Origin folder(Extract with F4 in Clover boot screen) -Run it, post files generated in your desktop RunMe.app  Installation   --Create a bootable copy of macOS Sierra Check out the link http://www.insanelymac.com/forum/files/file/559-flash-drive-maker/   --Create a bootable copy of macOS HighSierra Check out the link http://diskmakerx.com/   --Install Clover in USB stick https://sourceforge.net/projects/cloverefiboot/files/Installer/   --Replace with my Clover folder  CLOVER.zip   --Install Sierra/High Sierra and boot into system!   Post Installation   --Install Clover in HDD/SSD and replace with my folder CLOVER.zip   --Reboot and activate video!   -Nvidia WebDriver Sierra http://www.insanelymac.com/forum/topic/312525-nvidia-web-driver-updates-for-macos-sierra-update-07212017/ -Nvidia WebDriver High Sierra http://www.insanelymac.com/forum/topic/324195-nvidia-web-driver-updates-for-macos-high-sierra-update-10162017/ -Cuda http://www.insanelymac.com/forum/topic/302795-cuda-90214-is-out-update-10162017/   --DSDT My DSDT with patches for Skylake DSDT.MaLd0n ASUS Z170M PLUS.zip   Patches -FIX ERRORS AND WARNINGS -HPET -SATA -SLPB -DMAC -DARWIN -LPC -XHCI -PLUGIN TYPE -HDAS to HDEF -HDEF -RTC -IRQs -SBUS -BUS1 -MCHC -ALS0 -SHUTDOWN -LAN -USBX -PMCR -EC -IMEI -PNLF -HDMI --FakeSMC
      http://www.hwsensors.com/releases   --Audio https://github.com/vit9696/AppleALC   --USB https://bitbucket.org/RehabMan/os-x-usb-inject-all/downloads   --LAN https://github.com/Mieze/IntelMausiEthernet   -Credits and thanks to the old and new people in the community who developed patches, kexts and bootloaders!   Slice, Kabyl, usr-sse2, jadran, Blackosx, dmazar, STLVNUB, pcj, apianti, JrCs, pene, FrodoKenny, skoczy, ycr.ru, Oscar09, xsmile, SoThOr, RehabMan, Download-Fritz, Zenit432, cecekpawon, Intel, Apple, Oracle, Chameleon Team, crazybirdy, Mieze, Mirone, Oldnapalm, netkas, Elconiglio, artut-pt, ErmaC, Pavo, Toleda, Master Chief and family, bcc9, The King, PMheart, Sherlocks, Micky1979, vit9696, vandroiy2013, Voodoo Team, Pike R. Alpha, lvs1974, Austere.J, CVad and many, many, many others!   We're all here to have fun and learn from each other!   ENJOY!
×