Add 'server/' from commit '800090542d91beae40bc81fc41b67ba61c47da77'

git-subtree-dir: server git-subtree-mainline: 6a4054c15a git-subtree-split: 800090542d
2025-09-06 19:36:27 -07:00
parent 6a4054c15a 800090542d
commit 7fe2701272
77 changed files with 13705 additions and 0 deletions
--- a/server/agentHook/agentHook.m
+++ b/server/agentHook/agentHook.m
@@ -0,0 +1,19 @@
+#import <mach/message.h>
+#import <Foundation/Foundation.h>
+
+#include <dlfcn.h>
+
+#define DYLD_INTERPOSE(_replacment,_replacee) \
+__attribute__((used)) static struct{ const void* replacment; const void* replacee; } _interpose_##_replacee \
+__attribute__ ((section ("__DATA,__interpose"))) = { (const void*)(unsigned long)&_replacment, (const void*)(unsigned long)&_replacee };
+
+
+BOOL IMDAuditTokenTaskHasEntitlement(audit_token_t *auditToken, NSString *entitlement);
+
+BOOL replacement__IMDAuditTokenTaskHasEntitlement(audit_token_t *auditToken, NSString *entitlement)
+{
+    // Bypass all entitlement checks
+    return YES;
+}
+
+DYLD_INTERPOSE(replacement__IMDAuditTokenTaskHasEntitlement, IMDAuditTokenTaskHasEntitlement);
--- a/server/agentHook/hookAgent.sh
+++ b/server/agentHook/hookAgent.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# This script is necessary to circumvent the entitlements check in imagent.
+# Might want to wrap this script up in a startup script or something so we make sure this
+# happens every time.
+
+if [[ $# -lt 1 ]]; then
+    echo "Usage: hookAgent.sh libagentHook.dylib"
+    exit 0
+fi
+
+LIB_PATH=$(python -c "import os; print(os.path.realpath('$1'))")
+echo "Library path: $LIB_PATH"
+
+echo "Telling imagent to launch with inserted libraries for uid $EUID"
+sudo launchctl debug gui/$EUID/com.apple.imagent --environment DYLD_INSERT_LIBRARIES=$LIB_PATH
+launchctl kill SIGKILL gui/501/com.apple.imagent
+
+echo "\nYou might have to kill imagent for changes to take effect (killall imagent)"
+