Thursday, August 20, 2020

macSubstrate - Tool For Interprocess Code Injection On macOS


macSubstrate is a platform tool for interprocess code injection on macOS, with the similar function to Cydia Substrate on iOS. Using macSubstrate, you can inject your plugins (.bundle or .framework) into a mac app (including sandboxed apps) to tweak it in the runtime.
  • All you need is to get or create plugins for your target app.
  • No trouble with modification and codesign for the original target app.
  • No more work after the target app is updated.
  • Super easy to install or uninstall a plugin.
  • Loading plugins automatically whenever the target app is relaunched.
  • Providing a GUI app to make injection much easier.

Prepare
  • Disable SIP
  • Why should disable SIP
    System Integrity Protection is a new security policy that applies to every running process, including privileged code and code that runs out of the sandbox. The policy extends additional protections to components on disk and at run-time, only allowing system binaries to be modified by the system installer and software updates. Code injection and runtime attachments to system binaries are no longer permitted.

Usage
  1. download macSubstrate.app, put into /Applications and launch it.
    StatusBar
  2. grant authorization if needed.
  3. install a plugin by importing or dragging into macSubstrate.
    ToInstall
  4. launch the target app.
    step 3 and step 4 can be switched
    Once a plugin is installed by macSubstrate, it will take effect immediately. But if you want it to work whenever the target app is relaunched or macOS is restarted, you need to keep macSubstrate running and allow it to automatically launch at login.
  5. uninstall a plugin when you do not need it anymore.
    Installed

Plugin
macSubstrate supports plugins of .bundle or .framework, so you just need to create a valid .bundle or .framework file. The most important thing is to add a key macSubstratePlugin into the info.plist, with the dictionary value:
Key Value
TargetAppBundleID the target app's CFBundleIdentifier, this tells macSubstrate which app to inject.
Description brief description of the plugin
AuthorName author name of the plugin
AuthorEmail author email of the plugin
Please check the demo plugins demo.bundle and demo.framework for details.

Xcode Templates
macSubstrate also provides Xcode Templates to help you create plugins conveniently:
  1. ln -fhs ./macSubstratePluginTemplate ~/Library/Developer/Xcode/Templates/macSubstrate\ Plugin
  2. Launch Xcode, and there will be 2 new plugin templates for you.

Security
  1. SIP is a new security policy on macOS, which will help to keep you away from potential security risk. Disable it means you will lose the protection from SIP.
  2. If you install a plugin from a developer, you should be responsible for the security of the plugin. If you do not trust it, please do not install it. macSubstrate will help to verify the code signature of a plugin, and I suggest you to scan it using VirusTotal. Anyway, macSubstrate is just a tool, and it is your choice to decide what plugin to install.


Continue reading


  1. Pentest Tools Review
  2. Hack Tools
  3. Hacker Tools Apk Download
  4. Hacker Tools Mac
  5. Pentest Tools Bluekeep
  6. Hack Tools
  7. Hacker Tools Apk
  8. Hack And Tools
  9. Hacker Tools Github
  10. Hacking Tools Windows 10
  11. Hacking Tools For Pc
  12. Install Pentest Tools Ubuntu
  13. World No 1 Hacker Software
  14. Computer Hacker
  15. Pentest Tools Tcp Port Scanner
  16. Hacker Tools Hardware
  17. Pentest Tools
  18. Hacking Tools Windows 10
  19. Pentest Tools For Ubuntu
  20. Hacker Tools Windows
  21. Physical Pentest Tools
  22. Hack Apps
  23. Hack And Tools
  24. Hack Tool Apk
  25. Hack Tools
  26. Hacker
  27. Pentest Tools Linux
  28. Underground Hacker Sites
  29. Hacker
  30. Pentest Tools Tcp Port Scanner
  31. Hack Tools Github
  32. Underground Hacker Sites
  33. Ethical Hacker Tools
  34. How To Install Pentest Tools In Ubuntu
  35. Hacking Tools For Windows Free Download
  36. Hack Tools For Mac
  37. Underground Hacker Sites
  38. Hacking Tools For Windows
  39. Hak5 Tools
  40. Best Hacking Tools 2020
  41. Hacker Tools Free
  42. Hacking Tools Download
  43. Pentest Tools Review
  44. Hacking Tools For Kali Linux
  45. Hacking Tools 2019
  46. Hack Tool Apk
  47. Pentest Tools Url Fuzzer
  48. Underground Hacker Sites
  49. Hacker Tools Hardware
  50. Growth Hacker Tools
  51. Hack Tools
  52. Hacker Tools 2019
  53. Hacker Tools For Pc
  54. Underground Hacker Sites
  55. Hacker Tools Online
  56. Nsa Hack Tools
  57. Pentest Tools Apk
  58. Underground Hacker Sites
  59. Hacker Tool Kit
  60. Hacker Security Tools
  61. Hacker Tools Free Download
  62. Free Pentest Tools For Windows
  63. Pentest Tools For Mac
  64. Hacking Tools For Kali Linux
  65. Hacker Tools Free Download
  66. Hacking Tools For Mac
  67. Hacking App
  68. Pentest Tools Review
  69. How To Make Hacking Tools
  70. Hacking Tools Name
  71. Pentest Reporting Tools
  72. What Is Hacking Tools
  73. Hacks And Tools
  74. Pentest Box Tools Download
  75. Hacking Tools Windows
  76. Hacker Tools List
  77. Physical Pentest Tools
  78. Hacking Tools
  79. Ethical Hacker Tools
  80. Pentest Tools Online
  81. Hackrf Tools
  82. Hacking Tools 2020
  83. Underground Hacker Sites
  84. Android Hack Tools Github
  85. New Hacker Tools
  86. Hacker Tools Windows
  87. Hak5 Tools
  88. Pentest Tools Bluekeep
  89. Github Hacking Tools
  90. Pentest Box Tools Download
  91. Hacking Tools And Software
  92. Pentest Tools Nmap
  93. Underground Hacker Sites
  94. Hacker Tools Apk Download
  95. Hacking Tools 2019
  96. Hacking Tools For Windows
  97. What Are Hacking Tools
  98. How To Make Hacking Tools
  99. Hacker
  100. Pentest Tools Nmap
  101. Hacking Tools 2019
  102. New Hack Tools
  103. Hack Tools Mac
  104. Nsa Hack Tools
  105. Hacking Tools Download
  106. Hacker Tools Apk
  107. What Is Hacking Tools
at

No comments:

Post a Comment