Created
March 3, 2025 11:22
-
-
Save Maple38/90c2c855dab8062313da3a66576738fc to your computer and use it in GitHub Desktop.
Resign MacOS apps with com.apple.security.get-task-allow entitlement for dynamic analysis with IDA Pro's debugger or others
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script creates an entitlements file with com.apple.security.get-task-allow enabled | |
| # and re-signs the specified binary using an ad hoc signature. | |
| # Mostly written by chatgpt. It works though :) | |
| # Usage: run it on an app idk it's pretty simple | |
| if [ "$#" -ne 1 ]; then | |
| echo "Usage: $0 /Path/To/YourBinary" | |
| exit 1 | |
| fi | |
| BINARY_PATH="$1" | |
| # Create entitlements.plist with the debugging entitlement | |
| cat <<EOF > entitlements.plist | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" | |
| "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>com.apple.security.get-task-allow</key> | |
| <true/> | |
| </dict> | |
| </plist> | |
| EOF | |
| echo "Re-signing ${BINARY_PATH} with an ad hoc signature..." | |
| sudo codesign --force --deep --sign - --entitlements entitlements.plist "${BINARY_PATH}" | |
| if [ $? -eq 0 ]; then | |
| echo "Re-signing successful." | |
| else | |
| echo "Re-signing failed; check the output for errors." | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment