Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- int csrutil_EntryPoint(int arg0, int arg1) {
- rsi = arg1;
- r15 = rsi;
- r12 = arg0;
- if (r12 == 0x1) goto loc_100001f05;
- loc_10000184d:
- rbx = *(r15 + 0x8);
- if (strcmp(rbx, "clear") == 0x0) goto loc_10000193f;
- loc_100001868:
- r14 = r12 - 0x1;
- if (strcmp(rbx, "disable") == 0x0) goto loc_100001965;
- loc_100001884:
- r15 = r15 + 0x8;
- if (strcmp(rbx, "enable") == 0x0) goto loc_1000019e4;
- loc_10000189f:
- if (strcmp(rbx, "netboot") == 0x0) goto loc_100001b85;
- loc_1000018b6:
- if (strcmp(rbx, "report") == 0x0) goto loc_100001b92;
- loc_1000018cd:
- if (strcmp(rbx, "status") != 0x0) goto loc_100001f62;
- loc_1000018e4:
- var_B4 = 0x0;
- rax = csr_get_active_config(&var_B4, "status");
- if (rax != 0x0) goto loc_100001f4f;
- loc_1000018fe:
- printf("System Integrity Protection status: ");
- rax = var_B4;
- if (rax <= 0x66) {
- if (rax != 0x0) {
- if (rax == 0x10) {
- rsi = "status";
- rdi = "enabled (Apple Internal).";
- }
- else {
- puts("enabled (Custom Configuration).\n");
- puts("Configuration:");
- rsi = "disabled";
- if ((var_B4 & 0x10) != 0x0) {
- rsi = "enabled";
- }
- printf("\tApple Internal: %s\n", rsi);
- rbx = 0x10;
- do {
- rsi = *(rbx + objc_cls_ref_NSMutableArray);
- rdx = "enabled";
- if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
- rdx = "disabled";
- }
- printf("\t%s: %s\n", rsi, rdx);
- rbx = rbx + 0x18;
- } while (rbx != 0xa0);
- rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
- }
- }
- else {
- rsi = "status";
- rdi = "enabled.";
- }
- }
- else {
- if (rax != 0x67) {
- if (rax == 0x77) {
- rsi = "status";
- rdi = "disabled (Apple Internal).";
- }
- else {
- puts("enabled (Custom Configuration).\n");
- puts("Configuration:");
- rsi = "disabled";
- if ((var_B4 & 0x10) != 0x0) {
- rsi = "enabled";
- }
- printf("\tApple Internal: %s\n", rsi);
- rbx = 0x10;
- do {
- rsi = *(rbx + objc_cls_ref_NSMutableArray);
- rdx = "enabled";
- if ((var_B4 & *(int32_t *)(rbx + 0x1000032a0)) != 0x0) {
- rdx = "disabled";
- }
- printf("\t%s: %s\n", rsi, rdx);
- rbx = rbx + 0x18;
- } while (rbx != 0xa0);
- rdi = "\nThis is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.";
- }
- }
- else {
- rsi = "status";
- rdi = "disabled.";
- }
- }
- puts(rdi);
- r15 = [sub_1000020f6(rdi, rsi, rdx, rcx) retain];
- if (r15 == 0x0) goto loc_100001f4f;
- loc_100001cfb:
- rbx = [[r15 objectForKeyedSubscript:@"netboot-sources"] retain];
- r12 = [rbx count];
- [rbx release];
- if (r12 != 0x0) {
- putchar(0xa);
- puts("Allowed NetBoot sources:");
- *(int128_t *)(&var_120 + 0x30) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x30), 0x0);
- *(int128_t *)(&var_120 + 0x20) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x20), 0x0);
- *(int128_t *)(&var_120 + 0x10) = intrinsic_movaps(*(int128_t *)(&var_120 + 0x10), 0x0);
- var_120 = intrinsic_movaps(var_120, 0x0);
- var_C8 = r15;
- rax = [r15 objectForKeyedSubscript:@"netboot-sources"];
- rax = [rax retain];
- var_C0 = rax;
- rax = [rax countByEnumeratingWithState:&var_120 objects:&var_B0 count:0x10];
- rbx = rax;
- if (rbx != 0x0) {
- r13 = *_objc_msgSend;
- r15 = **(&var_120 + 0x10);
- do {
- r14 = r13;
- r13 = 0x0;
- do {
- if (*var_110 != r15) {
- objc_enumerationMutation(var_C0);
- }
- printf(" %s\n", (r14)(objc_retainAutorelease(*(var_118 + r13 * 0x8)), @selector(UTF8String)));
- r13 = r13 + 0x1;
- } while (r13 < rbx);
- r13 = r14;
- rax = (r13)(var_C0, @selector(countByEnumeratingWithState:objects:count:), &var_120, &var_B0, 0x10);
- rbx = rax;
- } while (rbx != 0x0);
- }
- [var_C0 release];
- r15 = var_C8;
- }
- [r15 release];
- goto loc_100001b5d;
- loc_100001b5d:
- if (**___stack_chk_guard == **___stack_chk_guard) {
- rax = 0x0;
- }
- else {
- rax = __stack_chk_fail();
- }
- return rax;
- loc_100001f4f:
- rax = errx(0x45, "failed to retrieve system integrity configuration.");
- return rax;
- loc_100001f62:
- rdi = "invalid command %s";
- goto loc_100001edc;
- loc_100001edc:
- sub_100001744(rdi, rbx, rdx, rcx, r8, r9, var_120);
- goto loc_100001ee6;
- loc_100001ee6:
- rsi = r13;
- sub_100001744("invalid option %s.", rsi, rdx, rcx, r8, r9, var_120);
- goto loc_100001ef7;
- loc_100001ef7:
- sub_100001744("--without requires an argument.", rsi, rdx, rcx, r8, r9, var_120);
- goto loc_100001f05;
- loc_100001f05:
- sub_100001744(0x0, rsi, rdx, rcx, r8, r9, var_120);
- rax = __stack_chk_fail();
- return rax;
- loc_100001b92:
- var_B0 = 0x0;
- rax = csr_get_active_config(&var_B0, "report");
- if (rax != 0x0) goto loc_100001f4f;
- loc_100001bac:
- r14 = msgtracer_domain_new("com.apple.security.csr-config", "report");
- if (r14 == 0x0) goto loc_100001f6e;
- loc_100001bcb:
- rbx = msgtracer_msg_new(r14, "report");
- if (rbx == 0x0) goto loc_100001f77;
- loc_100001bdf:
- rax = var_B0;
- msgtracer_set(rbx, "com.apple.message.signature");
- msgtracer_log(rbx, 0x5, "");
- msgtracer_msg_free(rbx);
- msgtracer_domain_free(r14);
- goto loc_100001b5d;
- loc_100001f77:
- rsi = "failed to create report message.";
- goto loc_100001f7e;
- loc_100001f7e:
- rax = errx(0x47, rsi);
- return rax;
- loc_100001f6e:
- rsi = "failed to create reporting domain.";
- goto loc_100001f7e;
- loc_100001b85:
- sub_1000011f6(r14, r15);
- goto loc_100001b5d;
- loc_1000019e4:
- var_B0 = 0x0;
- rax = csr_get_active_config(&var_B0);
- rdi = 0x10;
- if (rax == 0x0) {
- rdi = 0x200 & var_B0 | 0x10;
- }
- if (r14 < 0x2) goto loc_100001b44;
- loc_100001a17:
- var_E0 = r12 - 0x2;
- rax = 0x1;
- var_D8 = r15;
- var_CC = r14;
- goto loc_100001a3c;
- loc_100001a3c:
- var_C8 = rdi;
- var_C0 = rax;
- r13 = sign_extend_64(rax);
- rbx = *(r15 + r13 * 0x8);
- if (strcmp(rbx, "--no-internal") == 0x0) goto loc_100001b2a;
- loc_100001a66:
- if (strcmp(rbx, "--without") != 0x0) goto loc_100001ed5;
- loc_100001a7d:
- rsi = "--without";
- if (var_C0 == var_E0) goto loc_100001ef7;
- loc_100001a8f:
- r14 = 0x0;
- warnx("requesting an unsupported configuration. This is likely to break in the future and leave your machine in an unknown state.");
- rbx = strtok(*(r15 + r13 * 0x8 + 0x8), ",");
- if (rbx == 0x0) goto loc_100001b09;
- loc_100001ab9:
- r14 = 0x0;
- goto loc_100001abc;
- loc_100001abc:
- r15 = 0x10;
- r13 = 0x0;
- do {
- if (strcmp(*(r15 + objc_cls_ref_NSString), rbx) == 0x0) {
- r13 = *(int32_t *)(r15 + 0x1000032a0);
- }
- r15 = r15 + 0x18;
- } while (r15 != 0xa0);
- if (r13 == 0x0) goto loc_100001ed5;
- loc_100001af0:
- r14 = r14 | r13;
- rbx = strtok(0x0, ",");
- if (rbx != 0x0) goto loc_100001abc;
- loc_100001b09:
- rax = var_C0 + 0x1;
- rdi = var_C8 | r14;
- r15 = var_D8;
- r14 = var_CC;
- goto loc_100001b39;
- loc_100001b39:
- rax = rax + 0x1;
- if (rax < r14) goto loc_100001a3c;
- loc_100001b44:
- if (sub_100001ff8(rdi) != 0x0) goto loc_100001f13;
- loc_100001b51:
- rdi = "Successfully enabled System Integrity Protection. Please restart the machine for the changes to take effect.";
- goto loc_100001b58;
- loc_100001b58:
- puts(rdi);
- goto loc_100001b5d;
- loc_100001f13:
- rsi = "failed to modify system integrity configuration. This tool needs to be executed from the Recovery OS.";
- goto loc_100001f23;
- loc_100001f23:
- rax = errx(0x4d, rsi);
- return rax;
- loc_100001ed5:
- rdi = "invalid option %s.";
- goto loc_100001edc;
- loc_100001b2a:
- rdi = var_C8 & 0xffffffef;
- rax = var_C0;
- goto loc_100001b39;
- loc_100001965:
- var_B0 = 0x0;
- rax = csr_get_active_config(&var_B0, "disable");
- r12 = 0x77;
- if (rax == 0x0) {
- r12 = 0x200 & var_B0 | 0x77;
- }
- if (r14 < 0x2) goto loc_1000019c8;
- loc_100001998:
- r14 = sign_extend_64(r14);
- rbx = 0x1;
- goto loc_1000019a0;
- loc_1000019a0:
- r13 = *(r15 + rbx * 0x8 + 0x8);
- if (strcmp(r13, "--no-internal") != 0x0) goto loc_100001ee6;
- loc_1000019bc:
- r12 = r12 & 0xffffffef;
- rbx = rbx + 0x1;
- if (rbx < r14) goto loc_1000019a0;
- loc_1000019c8:
- if (sub_100001ff8(r12) != 0x0) goto loc_100001f13;
- loc_1000019d8:
- rdi = "Successfully disabled System Integrity Protection. Please restart the machine for the changes to take effect.";
- goto loc_100001b58;
- loc_10000193f:
- if (geteuid() != 0x0) goto loc_100001f1c;
- loc_10000194c:
- rax = sub_100001f8a();
- if (rax != 0x0) goto loc_100001f2f;
- loc_100001959:
- rdi = "Successfully cleared System Integrity Protection. Please restart the machine for the changes to take effect.";
- goto loc_100001b58;
- loc_100001f2f:
- rax = errx(0x4d, "failed to clear system integrity configuration. %s", mach_error_string(rax));
- return rax;
- loc_100001f1c:
- rsi = "failed to clear system integrity configuration. This tool needs to be run as root.";
- goto loc_100001f23;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement