Guest User

Untitled

a guest
Aug 23rd, 2019
80
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. int csrutil_EntryPoint(int arg0, int arg1) {
  2. rsi = arg1;
  3. r15 = rsi;
  4. r12 = arg0;
  5. if (r12 == 0x1) goto loc_100001f05;
  6.  
  7. loc_10000184d:
  8. rbx = *(r15 + 0x8);
  9. if (strcmp(rbx, "clear") == 0x0) goto loc_10000193f;
  10.  
  11. loc_100001868:
  12. r14 = r12 - 0x1;
  13. if (strcmp(rbx, "disable") == 0x0) goto loc_100001965;
  14.  
  15. loc_100001884:
  16. r15 = r15 + 0x8;
  17. if (strcmp(rbx, "enable") == 0x0) goto loc_1000019e4;
  18.  
  19. loc_10000189f:
  20. if (strcmp(rbx, "netboot") == 0x0) goto loc_100001b85;
  21.  
  22. loc_1000018b6:
  23. if (strcmp(rbx, "report") == 0x0) goto loc_100001b92;
  24.  
  25. loc_1000018cd:
  26. if (strcmp(rbx, "status") != 0x0) goto loc_100001f62;
  27.  
  28. loc_1000018e4:
  29. var_B4 = 0x0;
  30. rax = csr_get_active_config(&var_B4, "status");
  31. if (rax != 0x0) goto loc_100001f4f;
  32.  
  33. loc_1000018fe:
  34. printf("System Integrity Protection status: ");
  35. rax = var_B4;
  36. if (rax <= 0x66) {
  37. if (rax != 0x0) {
  38. if (rax == 0x10) {
  39. rsi = "status";
  40. rdi = "enabled (Apple Internal).";
  41. }
  42. else {
  43. puts("enabled (Custom Configuration).\n");
  44. puts("Configuration:");
  45. rsi = "disabled";
  46. if ((var_B4 & 0x10) != 0x0) {
  47. rsi = "enabled";
  48. }
  49. printf("\tApple Internal: %s\n", rsi);
  50. rbx = 0x10;
  51. do {
  52. rsi = *(rbx + objc_cls_ref_NSMutableArray);
  53. rdx = "enabled";
  54. if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
  55. rdx = "disabled";
  56. }
  57. printf("\t%s: %s\n", rsi, rdx);
  58. rbx = rbx + 0x18;
  59. } while (rbx != 0xa0);
  60. rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
  61. }
  62. }
  63. else {
  64. rsi = "status";
  65. rdi = "enabled.";
  66. }
  67. }
  68. else {
  69. if (rax != 0x67) {
  70. if (rax == 0x77) {
  71. rsi = "status";
  72. rdi = "disabled (Apple Internal).";
  73. }
  74. else {
  75. puts("enabled (Custom Configuration).\n");
  76. puts("Configuration:");
  77. rsi = "disabled";
  78. if ((var_B4 & 0x10) != 0x0) {
  79. rsi = "enabled";
  80. }
  81. printf("\tApple Internal: %s\n", rsi);
  82. rbx = 0x10;
  83. do {
  84. rsi = *(rbx + objc_cls_ref_NSMutableArray);
  85. rdx = "enabled";
  86. if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
  87. rdx = "disabled";
  88. }
  89. printf("\t%s: %s\n", rsi, rdx);
  90. rbx = rbx + 0x18;
  91. } while (rbx != 0xa0);
  92. rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
  93. }
  94. }
  95. else {
  96. rsi = "status";
  97. rdi = "disabled.";
  98. }
  99. }
  100. puts(rdi);
  101. r15 = [sub_1000020f6(rdi, rsi, rdx, rcx) retain];
  102. if (r15 == 0x0) goto loc_100001f4f;
  103.  
  104. loc_100001cfb:
  105. rbx = [[r15 objectForKeyedSubscript:@"netboot-sources"] retain];
  106. r12 = [rbx count];
  107. [rbx release];
  108. if (r12 != 0x0) {
  109. putchar(0xa);
  110. puts("Allowed NetBoot sources:");
  111. *(int128_t *)(&var_120 + 0x30) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x30), 0x0);
  112. *(int128_t *)(&var_120 + 0x20) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x20), 0x0);
  113. *(int128_t *)(&var_120 + 0x10) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x10), 0x0);
  114. var_120 = intrinsic_movaps(var_120, 0x0);
  115. var_C8 = r15;
  116. rax = [r15 objectForKeyedSubscript:@"netboot-sources"];
  117. rax = [rax retain];
  118. var_C0 = rax;
  119. rax = [rax countByEnumeratingWithState:&var_120 objects:&var_B0 count:0x10];
  120. rbx = rax;
  121. if (rbx != 0x0) {
  122. r13 = *_objc_msgSend;
  123. r15 = **(&var_120 + 0x10);
  124. do {
  125. r14 = r13;
  126. r13 = 0x0;
  127. do {
  128. if (*var_110 != r15) {
  129. objc_enumerationMutation(var_C0);
  130. }
  131. printf(" %s\n", (r14)(objc_retainAutorelease(*(var_118 + r13 * 0x8)), @selector(UTF8String)));
  132. r13 = r13 + 0x1;
  133. } while (r13 < rbx);
  134. r13 = r14;
  135. rax = (r13)(var_C0, @selector(countByEnumeratingWithState:objects:count:), &var_120, &var_B0, 0x10);
  136. rbx = rax;
  137. } while (rbx != 0x0);
  138. }
  139. [var_C0 release];
  140. r15 = var_C8;
  141. }
  142. [r15 release];
  143. goto loc_100001b5d;
  144.  
  145. loc_100001b5d:
  146. if (**___stack_chk_guard == **___stack_chk_guard) {
  147. rax = 0x0;
  148. }
  149. else {
  150. rax = __stack_chk_fail();
  151. }
  152. return rax;
  153.  
  154. loc_100001f4f:
  155. rax = errx(0x45, "failed to retrieve system integrity configuration.");
  156. return rax;
  157.  
  158. loc_100001f62:
  159. rdi = "invalid command %s";
  160. goto loc_100001edc;
  161.  
  162. loc_100001edc:
  163. sub_100001744(rdi, rbx, rdx, rcx, r8, r9, var_120);
  164. goto loc_100001ee6;
  165.  
  166. loc_100001ee6:
  167. rsi = r13;
  168. sub_100001744("invalid option %s.", rsi, rdx, rcx, r8, r9, var_120);
  169. goto loc_100001ef7;
  170.  
  171. loc_100001ef7:
  172. sub_100001744("--without requires an argument.", rsi, rdx, rcx, r8, r9, var_120);
  173. goto loc_100001f05;
  174.  
  175. loc_100001f05:
  176. sub_100001744(0x0, rsi, rdx, rcx, r8, r9, var_120);
  177. rax = __stack_chk_fail();
  178. return rax;
  179.  
  180. loc_100001b92:
  181. var_B0 = 0x0;
  182. rax = csr_get_active_config(&var_B0, "report");
  183. if (rax != 0x0) goto loc_100001f4f;
  184.  
  185. loc_100001bac:
  186. r14 = msgtracer_domain_new("com.apple.security.csr-config", "report");
  187. if (r14 == 0x0) goto loc_100001f6e;
  188.  
  189. loc_100001bcb:
  190. rbx = msgtracer_msg_new(r14, "report");
  191. if (rbx == 0x0) goto loc_100001f77;
  192.  
  193. loc_100001bdf:
  194. rax = var_B0;
  195. msgtracer_set(rbx, "com.apple.message.signature");
  196. msgtracer_log(rbx, 0x5, "");
  197. msgtracer_msg_free(rbx);
  198. msgtracer_domain_free(r14);
  199. goto loc_100001b5d;
  200.  
  201. loc_100001f77:
  202. rsi = "failed to create report message.";
  203. goto loc_100001f7e;
  204.  
  205. loc_100001f7e:
  206. rax = errx(0x47, rsi);
  207. return rax;
  208.  
  209. loc_100001f6e:
  210. rsi = "failed to create reporting domain.";
  211. goto loc_100001f7e;
  212.  
  213. loc_100001b85:
  214. sub_1000011f6(r14, r15);
  215. goto loc_100001b5d;
  216.  
  217. loc_1000019e4:
  218. var_B0 = 0x0;
  219. rax = csr_get_active_config(&var_B0);
  220. rdi = 0x10;
  221. if (rax == 0x0) {
  222. rdi = 0x200 & var_B0 | 0x10;
  223. }
  224. if (r14 < 0x2) goto loc_100001b44;
  225.  
  226. loc_100001a17:
  227. var_E0 = r12 - 0x2;
  228. rax = 0x1;
  229. var_D8 = r15;
  230. var_CC = r14;
  231. goto loc_100001a3c;
  232.  
  233. loc_100001a3c:
  234. var_C8 = rdi;
  235. var_C0 = rax;
  236. r13 = sign_extend_64(rax);
  237. rbx = *(r15 + r13 * 0x8);
  238. if (strcmp(rbx, "--no-internal") == 0x0) goto loc_100001b2a;
  239.  
  240. loc_100001a66:
  241. if (strcmp(rbx, "--without") != 0x0) goto loc_100001ed5;
  242.  
  243. loc_100001a7d:
  244. rsi = "--without";
  245. if (var_C0 == var_E0) goto loc_100001ef7;
  246.  
  247. loc_100001a8f:
  248. r14 = 0x0;
  249. warnx("requesting an unsupported configuration. This is likely to break in the future and leave your machine in an unknown state.");
  250. rbx = strtok(*(r15 + r13 * 0x8 + 0x8), ",");
  251. if (rbx == 0x0) goto loc_100001b09;
  252.  
  253. loc_100001ab9:
  254. r14 = 0x0;
  255. goto loc_100001abc;
  256.  
  257. loc_100001abc:
  258. r15 = 0x10;
  259. r13 = 0x0;
  260. do {
  261. if (strcmp(*(r15 + objc_cls_ref_NSString), rbx) == 0x0) {
  262. r13 = *(int32_t *)(r15 + 0x1000032a0);
  263. }
  264. r15 = r15 + 0x18;
  265. } while (r15 != 0xa0);
  266. if (r13 == 0x0) goto loc_100001ed5;
  267.  
  268. loc_100001af0:
  269. r14 = r14 | r13;
  270. rbx = strtok(0x0, ",");
  271. if (rbx != 0x0) goto loc_100001abc;
  272.  
  273. loc_100001b09:
  274. rax = var_C0 + 0x1;
  275. rdi = var_C8 | r14;
  276. r15 = var_D8;
  277. r14 = var_CC;
  278. goto loc_100001b39;
  279.  
  280. loc_100001b39:
  281. rax = rax + 0x1;
  282. if (rax < r14) goto loc_100001a3c;
  283.  
  284. loc_100001b44:
  285. if (sub_100001ff8(rdi) != 0x0) goto loc_100001f13;
  286.  
  287. loc_100001b51:
  288. rdi = "Successfully enabled System Integrity Protection. Please restart the machine for the changes to take effect.";
  289. goto loc_100001b58;
  290.  
  291. loc_100001b58:
  292. puts(rdi);
  293. goto loc_100001b5d;
  294.  
  295. loc_100001f13:
  296. rsi = "failed to modify system integrity configuration. This tool needs to be executed from the Recovery OS.";
  297. goto loc_100001f23;
  298.  
  299. loc_100001f23:
  300. rax = errx(0x4d, rsi);
  301. return rax;
  302.  
  303. loc_100001ed5:
  304. rdi = "invalid option %s.";
  305. goto loc_100001edc;
  306.  
  307. loc_100001b2a:
  308. rdi = var_C8 & 0xffffffef;
  309. rax = var_C0;
  310. goto loc_100001b39;
  311.  
  312. loc_100001965:
  313. var_B0 = 0x0;
  314. rax = csr_get_active_config(&var_B0, "disable");
  315. r12 = 0x77;
  316. if (rax == 0x0) {
  317. r12 = 0x200 & var_B0 | 0x77;
  318. }
  319. if (r14 < 0x2) goto loc_1000019c8;
  320.  
  321. loc_100001998:
  322. r14 = sign_extend_64(r14);
  323. rbx = 0x1;
  324. goto loc_1000019a0;
  325.  
  326. loc_1000019a0:
  327. r13 = *(r15 + rbx * 0x8 + 0x8);
  328. if (strcmp(r13, "--no-internal") != 0x0) goto loc_100001ee6;
  329.  
  330. loc_1000019bc:
  331. r12 = r12 & 0xffffffef;
  332. rbx = rbx + 0x1;
  333. if (rbx < r14) goto loc_1000019a0;
  334.  
  335. loc_1000019c8:
  336. if (sub_100001ff8(r12) != 0x0) goto loc_100001f13;
  337.  
  338. loc_1000019d8:
  339. rdi = "Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.";
  340. goto loc_100001b58;
  341.  
  342. loc_10000193f:
  343. if (geteuid() != 0x0) goto loc_100001f1c;
  344.  
  345. loc_10000194c:
  346. rax = sub_100001f8a();
  347. if (rax != 0x0) goto loc_100001f2f;
  348.  
  349. loc_100001959:
  350. rdi = "Successfully cleared System Integrity Protection. Please restart the machine for the changes to take effect.";
  351. goto loc_100001b58;
  352.  
  353. loc_100001f2f:
  354. rax = errx(0x4d, "failed to clear system integrity configuration. %s", mach_error_string(rax));
  355. return rax;
  356.  
  357. loc_100001f1c:
  358. rsi = "failed to clear system integrity configuration. This tool needs to be run as root.";
  359. goto loc_100001f23;
  360. }
RAW Paste Data