securityd and trustd hook

palera1n · Jan 11, 2024 · 3425651 · 3425651
1 parent dd9f82c
commit 3425651
Show file tree

Hide file tree

Showing 9 changed files with 29 additions and 4 deletions.
diff --git a/include/rootfulhooks/hooks.h b/include/rootfulhooks/hooks.h
@@ -2,5 +2,6 @@
 #define ROOTLESSHOOKS_HOOKS_H
 
 void lsdInit(void);
+void securitydInit(void);
 
 #endif
diff --git a/include/rootlesshooks/hooks.h b/include/rootlesshooks/hooks.h
@@ -3,5 +3,6 @@
 
 void cfprefsdInit(void);
 void sbInit(void);
+void securitydInit(void);
 
 #endif
diff --git a/src/rootfulhooks/Makefile b/src/rootfulhooks/Makefile
@@ -5,6 +5,7 @@ C_SRC = $(wildcard *.c)
 OBJC_SRC = $(wildcard *.m)
 OBJCFLAGS = -fobjc-arc 
 LIBS = -lobjc -framework Foundation -framework CoreFoundation ../libs/libellekit.tbd
+LIBS += -framework Security
 OBJS = $(patsubst %,$(OBJDIR)/%,$(OBJC_SRC:.m=.m.o) $(C_SRC:.c=.c.o))
 
 ifeq ($(ASAN),1)

diff --git a/src/rootfulhooks/main.c b/src/rootfulhooks/main.c
@@ -13,4 +13,6 @@ __attribute__((constructor))void rootfulhooks_main(void) {
     }
 
     if (!strcmp(path, "/usr/libexec/lsd")) lsdInit();
+    else if (strcmp(path, "/usr/libexec/securityd") == 0
+     || strcmp(path, "/usr/libexec/trustd") == 0) securitydInit();
 }
diff --git a/src/rootfulhooks/securityd.c b/src/rootfulhooks/securityd.c
@@ -0,0 +1 @@
+../rootlesshooks/securityd.c
diff --git a/src/rootlesshooks/Makefile b/src/rootlesshooks/Makefile
@@ -5,6 +5,7 @@ C_SRC = $(wildcard *.c)
 OBJC_SRC = $(wildcard *.m)
 OBJCFLAGS = -fobjc-arc 
 LIBS = -lobjc -framework Foundation -framework CoreFoundation ../libs/libellekit.tbd
+LIBS += -framework Security
 OBJS = $(patsubst %,$(OBJDIR)/%,$(OBJC_SRC:.m=.m.o) $(C_SRC:.c=.c.o))
 
 ifeq ($(ASAN),1)

diff --git a/src/rootlesshooks/main.c b/src/rootlesshooks/main.c
@@ -14,5 +14,7 @@ __attribute__((constructor))void rootlesshooks_main(void) {
 
     if (!strcmp(path, "/usr/sbin/cfprefsd")) cfprefsdInit();
     else if (!strcmp(path, "/System/Library/CoreServices/SpringBoard.app/SpringBoard")) sbInit();
+    else if (strcmp(path, "/usr/libexec/securityd") == 0
+     || strcmp(path, "/usr/libexec/trustd") == 0) securitydInit();
     /*else if (!strcmp(path, "/usr/libexec/lsd")) lsdInit(); */
 }
diff --git a/src/rootlesshooks/securityd.c b/src/rootlesshooks/securityd.c
@@ -0,0 +1,13 @@
+#include <Security/Security.h>
+#include <substrate.h>
+
+bool SecIsInternalRelease(void);
+
+bool (*orig_SecIsInternalRelease)(void);
+bool new_SecIsInternalRelease(void) {
+    return true;
+}
+
+void securitydInit(void) {
+    MSHookFunction(SecIsInternalRelease, (void*)new_SecIsInternalRelease, (void**)&orig_SecIsInternalRelease);
+}
diff --git a/src/systemhook/main.c b/src/systemhook/main.c
@@ -479,9 +479,11 @@ __attribute__((constructor)) static void initializer(void)
 #endif
 
 		if (pflags & palerain_option_rootless) {
-			if (strcmp(gExecutablePath, "/usr/sbin/cfprefsd") == 0) {
-				dlopen_hook("/cores/binpack/usr/lib/rootlesshooks.dylib", RTLD_NOW);
-			} else if (strcmp(gExecutablePath, "/System/Library/CoreServices/SpringBoard.app/SpringBoard") == 0) {
+			if (
+				strcmp(gExecutablePath, "/usr/sbin/cfprefsd") == 0 || 
+				strcmp(gExecutablePath, "/System/Library/CoreServices/SpringBoard.app/SpringBoard") == 0 ||
+				strcmp(gExecutablePath, "/usr/libexec/securityd") == 0
+				) {
 				dlopen_hook("/cores/binpack/usr/lib/rootlesshooks.dylib", RTLD_NOW);
 			}
 		} else {
@@ -492,7 +494,8 @@ __attribute__((constructor)) static void initializer(void)
 				if (!ret) release = atoi(name.release);
 			}
         	if (release && atoi(name.release) >= 20) {
-				if (strcmp(gExecutablePath, "/usr/libexec/lsd") == 0) {
+				if (strcmp(gExecutablePath, "/usr/libexec/lsd") == 0 ||
+				strcmp(gExecutablePath, "/usr/libexec/securityd") == 0) {
 					dlopen_hook("/cores/binpack/usr/lib/rootfulhooks.dylib", RTLD_NOW);
 				}
 			}