Entitlements List.....?

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

Entitlements List.....?

Postby frankmarco » Thu Feb 18, 2016 4:41 pm

Hello,
I was wondering if anyone knows of published (web or whatever) list of entitlements and what the function of the entitlement does???

If so this would be GREATLY APPRECIATED!!!!

Thank you
frankmarco
 
Posts: 2
Joined: Sun Sep 20, 2015 1:33 pm

Re: Entitlements List.....?

Postby morpheus » Thu Feb 18, 2016 8:02 pm

Funny you should ask. I'm in the process of compiling the full and complete list of entitlements for MOXiI 2. The thing is it is HUGE and gotten out of hand already, so I am trying to build it into a query able database (with a web interface, etc).

In the meanwhile (good things with me take time, as people have figured out already)

jtool --ent on any binary will give you the entitlement consumers (i.e. those requesting entitlements)

jtool -d ... | grep SecTask will *usually* give you the producers. I say, usually, because there's way to get entitlements through csops[_audittoken] (sys call #169, #170) as well as some objective c wrappers. But when an app uses SecTask.. jtool already knows how to show you this. for example :


[root@Qilin libexec]# for i in *; do if jtool.ELF -S $i| grep>/dev/null SecTask ; then echo $i uses entitlements; fi; done
adid uses entitlements
configd uses entitlements
crash_mover uses entitlements
demod uses entitlements
demod_helper uses entitlements
keybagd uses entitlements
^C ### ... you get the idea
[root@Qilin libexec]# jtool.ELF -d keybagd | grep SecTask
Disassembling from file offset 0x15300, Address 0x100015300
1000159b8 BL Security::_SecTaskCreateWithAuditToken ; 1000205b4
1000159d0 BL Security::_SecTaskCopyValueForEntitlement ; 1000205a8
; R0 = Security::_SecTaskCopyValueForEntitlement(NULL,@"com.apple.keystore.device");


Again - this will yield you a partial list (because of other APIs), but -- you can automate it.

Or, you could wait a bit longer.
morpheus
Site Admin
 
Posts: 530
Joined: Thu Apr 11, 2013 6:24 pm

Re: Entitlements List.....?

Postby morpheus » Thu Feb 25, 2016 2:10 pm

.. and the entitlements database (v0.1) is now online at http://NewOSXBook.com/ent.jl

Note this is basic, but fully functional. Plenty of improvements yet to come.
morpheus
Site Admin
 
Posts: 530
Joined: Thu Apr 11, 2013 6:24 pm

Re: Entitlements List.....?

Postby Siguza » Sun Mar 06, 2016 5:40 pm

Is Cydia supposed to be on that list?
User avatar
Siguza
Unicorn
 
Posts: 158
Joined: Thu Jan 28, 2016 10:38 am

Re: Entitlements List.....?

Postby morpheus » Sun Mar 06, 2016 9:32 pm

I got the list automatically by running jtool --ent and then parsing and doing stuff. So it just so happens that Cydia got it (it was on a jailbroken device).
morpheus
Site Admin
 
Posts: 530
Joined: Thu Apr 11, 2013 6:24 pm


Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 1 guest