Created
April 9, 2014 15:10
-
-
Save cyphunk/10281386 to your computer and use it in GitHub Desktop.
Scan applications on OSX looking for any that include/link-to libssh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# Scan all OSX Applications and print when one links to | |
# libssl. Requires otool, codesign | |
import subprocess | |
import sys | |
import os.path | |
import re | |
def otool(s, executable_path): | |
o = subprocess.Popen(['/usr/bin/otool', '-L', os.path.realpath(s)], stdout=subprocess.PIPE ) | |
for l in o.stdout: | |
if l[0] == '\t': | |
l = re.sub(r' \(.*\)$', '', l)[1:-1] | |
if l[:16] == '@executable_path': | |
l = os.path.realpath(executable_path+l[16:]) | |
if 'ssl' in l: | |
print '>>', l, 'via', s | |
# uncomment to run strings on every linked library to see if | |
# they may staticly include openssl code | |
#if subprocess.call(['strings %s | grep OpenSSL 1>/dev/null'%l], shell=True) == 0: | |
# print '>> has OpenSSL', l, 'via', s | |
yield l | |
def scan(executable): | |
print executable | |
executable_path = os.path.dirname(executable) | |
need = set([executable]) | |
done = set() | |
while need: | |
needed = set(need) | |
need = set() | |
for f in needed: | |
need.update(otool(f, executable_path)) | |
done.update(needed) | |
need.difference_update(done) | |
# Walk through applications | |
for (root, dirs, files) in os.walk('/Applications'): | |
for dir in dirs: | |
if dir [-4:] == ".app": | |
path = os.path.join(root, dir) | |
try: | |
output = subprocess.check_output(['codesign', '--display', path], stderr=subprocess.STDOUT) | |
if output[:11] == 'Executable=': | |
scan(output[11:-1]) | |
except subprocess.CalledProcessError as e: | |
# codesign is likely not the best way to find the executable | |
# will often fail when .app not signed. | |
name = os.path.split(path)[-1][:-4] | |
path = os.path.join(path, 'Contents/MacOS') | |
if os.path.isfile( os.path.join(path, name) ): | |
scan(os.path.join(path, name)) | |
elif os.path.isfile( os.path.join(path, name.lower())): | |
scan(os.path.join(path, name.lower())) | |
else: | |
print 'err: could not find executable for', path |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment