Michael Lynn pudquick
pudquick
/ keychain_password.py
Created
March 6, 2017 20:53
Storing and retrieving a generic password in the login.keychain in macOS via python and pyobjc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import objc | |
| from ctypes import c_char | |
| from Foundation import NSBundle | |
| Security = NSBundle.bundleWithIdentifier_('com.apple.security') | |
| S_functions = [ | |
| ('SecKeychainGetTypeID', 'I'), | |
| ('SecKeychainItemGetTypeID', 'I'), | |
| ('SecKeychainAddGenericPassword', 'i^{OpaqueSecKeychainRef=}I*I*I*o^^{OpaqueSecKeychainItemRef}'), | |
| ('SecKeychainOpen', 'i*o^^{OpaqueSecKeychainRef}'), |
pudquick
/ pyobjc_keychain.py
Last active
February 28, 2020 17:09
Manipulating the Keychain in macOS via python and pyobjc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Foundation import NSBundle | |
| import objc, array | |
| # from CoreFoundation import CFGetTypeID | |
| Security = NSBundle.bundleWithPath_('/System/Library/Frameworks/Security.framework') | |
| # First we need the CF TypeIDs to build some signatures | |
| functions = [ | |
| ('SecKeychainGetTypeID', 'I'), | |
| ] |
pudquick
/ xcode_get.py
Last active
December 7, 2020 09:01
Stupid tricks: using stock macOS python subprocess with curl to download products from Apple's Developer Center
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from subprocess import Popen, PIPE, STDOUT, check_output | |
| from mimetools import Message | |
| from StringIO import StringIO | |
| from urlparse import urlparse, parse_qs | |
| from urllib import quote, basejoin, urlencode | |
| DEV_SITE = 'https://developer.apple.com' | |
| AUTH_SITE = 'https://idmsa.apple.com' | |
| AUTH_PATH = '/IDMSWebAuth/authenticate' | |
| APPIDKEY_PATH = "/services-account/download?path=%s" |
pudquick
/ ck_passwords.py
Last active
April 2, 2022 14:02
Generating Safari-style passwords using the PrivateFramework WBSPasswordGeneration class on macOS via python & pyobjc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # For an alternative method, check out: | |
| # https://gist.github.com/pudquick/3ff4278c609ce223ebb4fc300c5edd0f | |
| # Note: this method no longer works for Safari 15+ | |
| from Foundation import NSBundle, NSClassFromString | |
| SafariShared = NSBundle.bundleWithPath_('/System/Library/PrivateFrameworks/SafariShared.framework') | |
| loaded = SafariShared.load() | |
| WBSPasswordGeneration = NSClassFromString('WBSPasswordGeneration') | |
| CKRecord = NSClassFromString('CKRecord') |
pudquick
/ passwords.py
Last active
May 28, 2020 16:14
Generating passwords using SecurityFoundation's password assistant hidden functions on macOS via python & pyobjc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Hat tip to https://github.com/anders/pwgen for various initial documentation | |
| # For an alternative method, check out: | |
| # https://gist.github.com/pudquick/8d3dedc337161b187a8a1c9564c83463 | |
| import objc | |
| from Foundation import NSBundle, NSMutableArray, NSString | |
| SecurityFoundation = NSBundle.bundleWithPath_('/System/Library/Frameworks/SecurityFoundation.framework') | |
| success = SecurityFoundation.load() |
pudquick
/ battery.py
Last active
November 25, 2024 21:46
Accessing battery details via python and pyobjc on macOS / OS X
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import objc | |
| from Foundation import NSBundle | |
| IOKit = NSBundle.bundleWithIdentifier_('com.apple.framework.IOKit') | |
| functions = [("IOServiceGetMatchingService", b"II@"), | |
| ("IOServiceMatching", b"@*"), | |
| ("IORegistryEntryCreateCFProperties", b"IIo^@@I"), | |
| ("IOPSCopyPowerSourcesByType", b"@I"), | |
| ("IOPSCopyPowerSourcesInfo", b"@"), |
pudquick
/ spx_serial.py
Created
January 4, 2017 16:43
Extract serial number out of .spx files generated by System Profiler on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import plistlib, sys | |
| # Grab the path to the spx file | |
| file_path = sys.argv[1] | |
| # ingest the spx (which is a plist) | |
| file_data = plistlib.readPlist(file_path) |
pudquick
/ sip_config.py
Created
December 22, 2016 22:31
Querying active SIP status directly from the kernel, bypassing nvram and csrutil, via python on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # An overly complicated SIP config checker | |
| # This is a technically interesting implementation because it does not rely on csrutil | |
| # Instead it queries the kernel directly for the current configuration status | |
| # This means, for example, in environments where SIP has been disabled and csrutil has | |
| # been removed or modified (say, with DYLD_LIBRARY_PATH), as long as python can run you | |
| # can still check status | |
| # Additionally, checking the nvram csr-active-config setting isn't accurate now with | |
| # 10.12.2+, since running "sudo csrutil clear" deletes the variable until reboot, |
pudquick
/ input_sources.py
Last active
October 16, 2022 08:35
Using python and pyobjc to enumerate and inspect input sources (keyboard layouts, input modes) on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Useful for com.apple.HIToolbox.plist for configuration of input types, amongst other things | |
| from Foundation import NSBundle | |
| import objc | |
| HIToolbox_bundle = NSBundle.bundleWithIdentifier_("com.apple.HIToolbox") | |
| HIT_functions = [ | |
| ('TISCreateInputSourceList','@@B'), | |
| ('TISGetInputSourceProperty', '@@@'), |
pudquick
/ server_cert_details.py
Last active
May 28, 2021 18:13
Parsing server certificate OIDs for SSL connections with python and pyobjc on macOS / OS X
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ssl, base64, objc | |
| from Foundation import NSBundle | |
| Security = NSBundle.bundleWithIdentifier_('com.apple.security') | |
| S_functions = [ | |
| ('SecCertificateCreateWithData', '@@@'), | |
| ('SecCertificateCopyValues', '@@^@o^@'), | |
| ] | |
| objc.loadBundleFunctions(Security, globals(), S_functions) |