diff --git a/dylib_dobby_hook/utils/CommonRetOC.m b/dylib_dobby_hook/utils/CommonRetOC.m index 379a253..5b76013 100644 --- a/dylib_dobby_hook/utils/CommonRetOC.m +++ b/dylib_dobby_hook/utils/CommonRetOC.m @@ -118,10 +118,21 @@ + (id)hook_defaultContainer { - (void)hook_AllSecItem{ NSLogger(@"hook_AllSecItem"); - tiny_hook(SecItemAdd, hk_SecItemAdd, NULL); - tiny_hook(SecItemUpdate, hk_SecItemUpdate, NULL); - tiny_hook(SecItemDelete, hk_SecItemDelete, NULL); - tiny_hook(SecItemCopyMatching, hk_SecItemCopyMatching, NULL); + +// FIXME: 有些 app tiny_hook 第三个参数不能传 null, 否则奔溃, 不知道为什么; +// VM Region Info: 0 is not in any region. Bytes before following region: 4438192128 +// REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL +// UNUSED SPACE AT START +// ---> +// __TEXT 108897000-10a4f2000 [ 28.4M] r-x/r-x SM=COW /Applications/Navicat Premium.app/Contents/MacOS/Navicat Premium +// +// Thread 0 Crashed:: Dispatch queue: com.apple.main-thread +// 0 Security 0x7ff814322df9 SecItemCopyMatching + 0 + + tiny_hook(SecItemAdd, hk_SecItemAdd, (void *)&SecItemAdd_ori); + tiny_hook(SecItemUpdate, hk_SecItemUpdate, (void *)&SecItemUpdate_ori); + tiny_hook(SecItemDelete, hk_SecItemDelete, (void *)&SecItemDelete_ori); + tiny_hook(SecItemCopyMatching, hk_SecItemCopyMatching,(void *)&SecItemCopyMatching_ori); } - (void)hook_AllSecCode:teamIdentifier{ diff --git a/dylib_dobby_hook/utils/common_ret.h b/dylib_dobby_hook/utils/common_ret.h index 200a349..2427d34 100644 --- a/dylib_dobby_hook/utils/common_ret.h +++ b/dylib_dobby_hook/utils/common_ret.h @@ -134,9 +134,17 @@ extern SecCodeCopySigningInformation_ptr_t SecCodeCopySigningInformation_ori; * - hk_SecItemDelete: Deletes an item. * - hk_SecItemCopyMatching: Retrieves an item. */ +typedef OSStatus (*SecItemAdd_ptr_t)(CFDictionaryRef attributes, CFTypeRef *result); +extern SecItemAdd_ptr_t SecItemAdd_ori; OSStatus hk_SecItemAdd(CFDictionaryRef attributes, CFTypeRef *result); +typedef OSStatus (*SecItemUpdate_ptr_t)(CFDictionaryRef query, CFDictionaryRef attributesToUpdate); +extern SecItemUpdate_ptr_t SecItemUpdate_ori; OSStatus hk_SecItemUpdate(CFDictionaryRef query, CFDictionaryRef attributesToUpdate); +typedef OSStatus (*SecItemDelete_ptr_t)(CFDictionaryRef query); +extern SecItemDelete_ptr_t SecItemDelete_ori; OSStatus hk_SecItemDelete(CFDictionaryRef query); +typedef OSStatus (*SecItemCopyMatching_ptr_t)(CFDictionaryRef query, CFTypeRef *result); +extern SecItemCopyMatching_ptr_t SecItemCopyMatching_ori; OSStatus hk_SecItemCopyMatching(CFDictionaryRef query, CFTypeRef *result); NSString *love69(NSString *input); diff --git a/dylib_dobby_hook/utils/common_ret.m b/dylib_dobby_hook/utils/common_ret.m index 0d28776..3370ddb 100644 --- a/dylib_dobby_hook/utils/common_ret.m +++ b/dylib_dobby_hook/utils/common_ret.m @@ -220,6 +220,7 @@ OSStatus hk_SecCodeCopySigningInformation(SecCodeRef codeRef, SecCSFlags flags, #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wdeprecated-declarations" +SecItemAdd_ptr_t SecItemAdd_ori = NULL; OSStatus hk_SecItemAdd(CFDictionaryRef attributes, CFTypeRef *result) { NSLogger(@"hk_SecItemAdd"); CFStringRef service = (CFStringRef)CFDictionaryGetValue(attributes, kSecAttrService); @@ -257,6 +258,7 @@ OSStatus hk_SecItemAdd(CFDictionaryRef attributes, CFTypeRef *result) { return status; } +SecItemUpdate_ptr_t SecItemUpdate_ori = NULL; OSStatus hk_SecItemUpdate(CFDictionaryRef query, CFDictionaryRef attributesToUpdate) { NSLogger(@"hk_SecItemUpdate"); CFStringRef service = (CFStringRef)CFDictionaryGetValue(query, kSecAttrService); @@ -293,6 +295,7 @@ OSStatus hk_SecItemUpdate(CFDictionaryRef query, CFDictionaryRef attributesToUpd return status; } +SecItemDelete_ptr_t SecItemDelete_ori = NULL; OSStatus hk_SecItemDelete(CFDictionaryRef query) { NSLogger(@"hk_SecItemDelete"); CFStringRef service = (CFStringRef)CFDictionaryGetValue(query, kSecAttrService); @@ -319,6 +322,7 @@ OSStatus hk_SecItemDelete(CFDictionaryRef query) { return status; } +SecItemCopyMatching_ptr_t SecItemCopyMatching_ori = NULL; OSStatus hk_SecItemCopyMatching(CFDictionaryRef query, CFTypeRef *result) { NSLogger(@"hk_SecItemCopyMatching"); // 从查询字典中提取 service 和 account