Joseph Chilcote chilcote
np5
/ 20250227_output.csv
Last active
February 27, 2025 21:17
Apple computer / model identifiers model id models ID IDENTIFIERS APPLE mac MacPro script parse download output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Model | Type | Identifier | |
|---|---|---|---|
| MacBook Air | LAPTOP | Mac14,15 | |
| MacBook Air | LAPTOP | Mac14,2 | |
| MacBook Air | LAPTOP | Mac15,12 | |
| MacBook Air | LAPTOP | Mac15,13 | |
| MacBook Air | LAPTOP | MacBookAir10,1 | |
| MacBook Air | LAPTOP | MacBookAir2,1 | |
| MacBook Air | LAPTOP | MacBookAir3,1 | |
| MacBook Air | LAPTOP | MacBookAir3,2 | |
| MacBook Air | LAPTOP | MacBookAir4,1 |
nikolay-n
/ defsmon.py
Last active
October 29, 2022 14:26
Defaults Monitor - tool to sniff defaults keys and values using unified log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2.7 | |
| # -*- coding: utf-8 -*- | |
| ''' | |
| Defaults Monitor - tool to sniff defaults keys and values using unified log | |
| to launch use standard python 2.7, eg python2.7 ./defsmon.py | |
| ''' | |
| import os |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CC=gcc | |
| CFLAGS= | |
| SIGNINGIDENTITY="insert signing identity here" | |
| IDENTIFIER=com.someorg.fudo.changeme | |
| fudo: main.c | |
| $(CC) -o fudo main.c | |
| codesign -s $(SIGNINGIDENTITY) -i $(IDENTIFIER) fudo |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>PayloadContent</key> | |
| <array> | |
| <dict> | |
| <key>PayloadDisplayName</key> | |
| <string>Privacy Preferences Policy Control</string> | |
| <key>PayloadIdentifier</key> |
haircut
/ tcc-reset.py
Last active
December 17, 2024 16:38
Completely reset TCC services database in macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| Completely reset TCC services database in macOS | |
| Note: Both the system and individual users have TCC databases; run the script as both | |
| a user and as root to completely reset TCC decisions at all levels. | |
| 2018-08-15: Resetting the 'Location' service fails; unknown cause | |
| 2018-08-16: Confirmed the 'All' service does not really reset _all_ | |
| services, so individual calls to each service is necessary. |
pudquick
/ cms_detached_verify.py
Last active
November 29, 2022 21:06
Verifying a CMS detached signature in pyobjc on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import objc | |
| from ctypes import create_string_buffer, c_void_p, cast | |
| from Foundation import NSBundle | |
| Security = NSBundle.bundleWithIdentifier_('com.apple.security') | |
| # CMSDecoder.h | |
| kCMSSignerUnsigned = 0 | |
| kCMSSignerValid = 1 | |
| kCMSSignerNeedsDetachedContent = 2 |
tburgin
/ chrome_running.py
Last active
March 17, 2018 20:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from AppKit import NSRunningApplication | |
| print NSRunningApplication.runningApplicationsWithBundleIdentifier_("com.google.Chrome").count() |
MagerValp
/ Kernel Extension Policy.mobileconfig
Last active
May 2, 2020 15:27
Sample kernel extension whitelist for 10.13.4+
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>PayloadContent</key> | |
| <array> | |
| <dict> | |
| <key>AllowUserOverrides</key> | |
| <true/> | |
| <key>AllowedTeamIdentifiers</key> |
zoocoup
/ SecureToken and sysadminctl in 10.13 (based on 10.13.4)
Last active
April 23, 2024 12:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Updated to reflect changes introduced with 10.13.4. Update to 10.13.4 if needed before attempting to make | |
| SecureToken-related changes. ### | |
| sysadminctl is a tool Apple introduced in 10.10 for working with system user accounts. In 10.13, sysadminctl is Apple's | |
| recommended tool for working with user accounts in the CLI, replacing functionality that has long been provided by dscl | |
| and adds new features available only in 10.13. sysadminctl can be used to change user passwords, create new users or | |
| check the status of a new-to-10.13 security feature named SecureToken. | |
| SecureToken is a non-visible APFS file system attribute, unlike the SIP protected flag or file creation date, that triggers | |
| the creation of a new AuthenticationAuthority entry in a user's local account record |
opragel
/ forcefully_remove_mdm_1015.sh
Last active
June 10, 2024 06:29
forcefully_remove_mdm_1015.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Seriously there still apparently aren't enough warning labels | |
| # If you don't understand the consequences don't do it | |
| REMOVE_PATHS=( # "/var/db/ConfigurationProfiles/.passcodePolicesAreInstalled" | |
| # "/var/db/ConfigurationProfiles/.cloudConfigHasActivationRecord" | |
| # "/var/db/ConfigurationProfiles/.cloudConfigNoActivationRecord" | |
| # "/var/db/ConfigurationProfiles/.cloudConfigProfileObtained" | |
| # "/var/db/ConfigurationProfiles/.cloudConfigRecordFound" | |
| # "/var/db/ConfigurationProfiles/.profilesAreInstalled" |
NewerOlder