-
Notifications
You must be signed in to change notification settings - Fork 0
/
kd
61 lines (49 loc) · 2.12 KB
/
kd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#!/bin/bash
if [[ $# -ne 1 ]]; then
echo "Error: Exactly one argument (app_bundle_id) is required. An example would be com.example.app."
exit 1
fi
app_bundle_id=$1
echo "Proceeding with app_bundle_id: $app_bundle_id"
KEYCHAIN_DUMPER_FOLDER="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if [ ! -d "$KEYCHAIN_DUMPER_FOLDER" ] ; then
mkdir "$KEYCHAIN_DUMPER_FOLDER" ;
fi
if [ ! -f "$KEYCHAIN_DUMPER_FOLDER/keychain_dumper" ]; then
echo "The file \"$KEYCHAIN_DUMPER_FOLDER/keychain_dumper\" does not exist. " \
"Move the binary into the folder \"$KEYCHAIN_DUMPER_FOLDER/\" and run the script again."
exit 1
fi
# set -e ;
ENTITLEMENT_PATH=$KEYCHAIN_DUMPER_FOLDER/ent.xml
dbKeychainArray=()
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > $ENTITLEMENT_PATH
echo "<!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">" >> $ENTITLEMENT_PATH
echo "<plist version=\"1.0\">" >> $ENTITLEMENT_PATH
echo " <dict>" >> $ENTITLEMENT_PATH
echo " <key>keychain-access-groups</key>" >> $ENTITLEMENT_PATH
echo " <array>" >> $ENTITLEMENT_PATH
sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM genp" > ./allgroups.txt
#sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM cert" >> ./allgroups.txt
#sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM inet" >> ./allgroups.txt
#sqlite3 /var/Keychains/keychain-2.db "SELECT DISTINCT agrp FROM keys" >> ./allgroups.txt
while IFS= read -r line; do
dbKeychainArray+=("$line")
if [[ ${line} == *"$app_bundle_id"* ]]; then
echo " <string>${line}</string>">> $ENTITLEMENT_PATH
else
echo "Skipping ${line}"
fi
done < ./allgroups.txt
rm ./allgroups.txt
echo " </array>">> $ENTITLEMENT_PATH
echo " <key>platform-application</key> <true/>">> $ENTITLEMENT_PATH
echo " <key>com.apple.private.security.no-container</key> <true/>">> $ENTITLEMENT_PATH
echo " </dict>">> $ENTITLEMENT_PATH
echo "</plist>">> $ENTITLEMENT_PATH
cd $KEYCHAIN_DUMPER_FOLDER
ldid -Sent.xml keychain_dumper
rm ent.xml
echo "Entitlements updated"
echo "Running Keychain Dumper.."
$KEYCHAIN_DUMPER_FOLDER/keychain_dumper