Created
May 25, 2024 17:37
Fix iOS binary entitlements/access for "Operation not permitted"
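#!/bin/bash
# Author: 0xz41 feat Shoaloak
# Description: Fix iOS binary entitlements/access for "Operation not permitted"
#
# For every listed binary that resolves to a file on PATH, the current
# entitlements are dumped with `ldid -e`, ENTITLEMENT is added as a boolean
# <true/> key, and the binary is re-signed in place with `ldid -S`.
#
# NOTE(review): ENTITLEMENT is an Apple-private entitlement. Once a shell or a
# file utility carries it, every command run through that binary gets the same
# widened access, so the change is device-wide rather than per-session.
# NOTE(review): the script keeps no copy of the original binaries. A re-sign
# that fails part-way can leave a shell or core utility unusable; take a backup
# of the listed binaries first if you need to be able to revert.

set -uo pipefail

readonly ENTITLEMENT="com.apple.private.security.container-manager"

binaries=(
  "sh" "bash" "zsh" "dash"
  "ls" "cat" "find" "cp" "mv"
  "rm" "mkdir" "rmdir" "touch"
  "file" "ln" "du" "scp"
  "chmod" "chown" "chgrp"
  "plutil" "otool" "nm" "lldb"
)

# Scratch directory for the dumped and patched plists; global so that the EXIT
# trap can still see it after main() has returned.
temp_dir=""

# Print a diagnostic on stderr.
warn() {
  printf '%s\n' "$*" >&2
}

#######################################
# Copy an entitlements plist and add ENTITLEMENT as a <true/> key immediately
# before the LAST </dict> in the file, i.e. the one closing the top-level
# dictionary. A per-line `sed s|</dict>|...|` would also rewrite the closing
# tag of every nested dictionary and so corrupt dict-valued entitlements.
# Globals:   ENTITLEMENT (read)
# Arguments: $1 - plist dumped by `ldid -e`
#            $2 - file to write the patched plist to
# Returns:   0 on success; 1 if $1 cannot be read or holds no </dict>
#######################################
add_entitlement_key() {
  local in_file=$1
  local out_file=$2
  local -r close_tag='</dict>'
  local -a lines=()
  local line head rest
  local last=-1
  local i

  while IFS= read -r line || [[ -n "$line" ]]; do
    lines+=("$line")
    if [[ "$line" == *"$close_tag"* ]]; then
      last=$(( ${#lines[@]} - 1 ))
    fi
  done < "$in_file" || return 1

  # Empty dump or a self-closing <dict/>: there is nothing to extend.
  (( last >= 0 )) || return 1

  {
    for i in "${!lines[@]}"; do
      line=${lines[i]}
      if (( i == last )); then
        head=${line%"$close_tag"*}    # text before the last </dict> on the line
        rest=${line##*"$close_tag"}   # text after it
        printf '%s    <key>%s</key>\n' "$head" "$ENTITLEMENT"
        printf '    <true/>\n'
        printf '%s%s\n' "$close_tag" "$rest"
      else
        printf '%s\n' "$line"
      fi
    done
  } > "$out_file"
}

#######################################
# Ask for confirmation, then patch and re-sign each binary in `binaries`.
# Globals:   binaries, ENTITLEMENT (read); temp_dir (written)
# Returns:   exits 0 when every processed binary was handled, 1 on abort or
#            when at least one binary could not be read, patched or re-signed
#######################################
main() {
  local bin bin_path current_xml patched_xml
  local failures=0

  if ! command -v ldid > /dev/null 2>&1; then
    warn "ldid not found in PATH."
    exit 1
  fi

  # Confirmation
  echo "This script will inject an entitlement into key binaries."
  read -r -n 1 -p "Are you sure? (y/n) "
  echo
  if [[ ! "${REPLY:-}" =~ ^[Yy]$ ]]; then
    echo "Aborted."
    exit 1
  fi

  if ! temp_dir=$(mktemp -d); then
    warn "mktemp failed."
    exit 1
  fi
  # :? keeps the cleanup from ever expanding to an empty path.
  trap 'rm -rf -- "${temp_dir:?}"' EXIT

  for bin in "${binaries[@]}"; do
    # Resolve the binary once and reuse the result for every ldid call.
    if ! bin_path=$(command -v "$bin" 2> /dev/null); then
      echo "Binary '$bin' not found. Skipping."
      continue
    fi
    # command -v prints a bare name for builtins and functions; only a file
    # path can be signed.
    if [[ "$bin_path" != /* ]]; then
      warn "'$bin' does not resolve to a file path ('$bin_path'). Skipping."
      continue
    fi

    current_xml="${temp_dir}/${bin}.xml"
    patched_xml="${temp_dir}/${bin}.patched.xml"

    if ! ldid -e "$bin_path" > "$current_xml"; then
      warn "Could not read the entitlements of '$bin_path'. Skipping."
      failures=$((failures + 1))
      continue
    fi

    # -F: the entitlement name contains dots, which must not act as wildcards.
    if grep -qF -- "$ENTITLEMENT" "$current_xml"; then
      echo "Binary '$bin' already has the entitlement. Skipping."
      continue
    fi

    # Logging
    echo "Injecting entitlement into $bin..."

    # The patched plist goes to a second file instead of `sed -i ''`, whose
    # argument form differs between BSD and GNU sed.
    if ! add_entitlement_key "$current_xml" "$patched_xml"; then
      warn "No </dict> in the entitlements of '$bin_path'; binary left untouched."
      failures=$((failures + 1))
      continue
    fi

    # Overwrite binary
    if ! ldid -S"$patched_xml" "$bin_path"; then
      warn "ldid failed to re-sign '$bin_path'; verify that it still runs."
      failures=$((failures + 1))
    fi
  done

  if (( failures > 0 )); then
    warn "Entitlement injection finished with ${failures} failure(s)."
    exit 1
  fi
  echo "Entitlement injection completed."
}

main "$@"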