cyphunk/heartbleed_osx_scan.py

## heartbleed_osx_scan.py
#!/usr/bin/env python
# Scan all OSX Applications and print when one links to
# libssl. Requires otool, codesign

import subprocess
import sys
import os.path
import re


def otool(s, executable_path):
  o = subprocess.Popen(['/usr/bin/otool', '-L', os.path.realpath(s)], stdout=subprocess.PIPE )
  for l in o.stdout:
    if l[0] == '\t':
      l = re.sub(r' \(.*\)$', '', l)[1:-1]
      if l[:16] == '@executable_path':
        l = os.path.realpath(executable_path+l[16:])
      if 'ssl' in l:
        print '>>', l, 'via', s
      # uncomment to run strings on every linked library to see if
      # they may staticly include openssl code
      #if subprocess.call(['strings %s | grep OpenSSL 1>/dev/null'%l], shell=True) == 0:
      #  print '>> has OpenSSL', l, 'via', s
      yield l

def scan(executable):
  print executable
  executable_path = os.path.dirname(executable)
  need = set([executable])
  done = set()

  while need:
    needed = set(need)
    need = set()
    for f in needed:
        need.update(otool(f, executable_path))
    done.update(needed)
    need.difference_update(done)

# Walk through applications

for (root, dirs, files) in os.walk('/Applications'):
  for dir in dirs:
    if dir [-4:] == ".app":
      path = os.path.join(root, dir)
      try:
        output = subprocess.check_output(['codesign', '--display', path], stderr=subprocess.STDOUT)
        if output[:11] == 'Executable=':
          scan(output[11:-1])
      except subprocess.CalledProcessError as e:
        # codesign is likely not the best way to find the executable
        # will often fail when .app not signed.
        name = os.path.split(path)[-1][:-4]
        path = os.path.join(path, 'Contents/MacOS')
        if os.path.isfile( os.path.join(path, name) ):
          scan(os.path.join(path, name))
        elif  os.path.isfile( os.path.join(path, name.lower())):
          scan(os.path.join(path, name.lower()))
        else:
          print 'err: could not find executable for', path
	#!/usr/bin/env python
	# Scan all OSX Applications and print when one links to
	# libssl. Requires otool, codesign

	import subprocess
	import sys
	import os.path
	import re


	def otool(s, executable_path):
	o = subprocess.Popen(['/usr/bin/otool', '-L', os.path.realpath(s)], stdout=subprocess.PIPE )
	for l in o.stdout:
	if l[0] == '\t':
	l = re.sub(r' \(.*\)$', '', l)[1:-1]
	if l[:16] == '@executable_path':
	l = os.path.realpath(executable_path+l[16:])
	if 'ssl' in l:
	print '>>', l, 'via', s
	# uncomment to run strings on every linked library to see if
	# they may staticly include openssl code
	#if subprocess.call(['strings %s \| grep OpenSSL 1>/dev/null'%l], shell=True) == 0:
	# print '>> has OpenSSL', l, 'via', s
	yield l

	def scan(executable):
	print executable
	executable_path = os.path.dirname(executable)
	need = set([executable])
	done = set()

	while need:
	needed = set(need)
	need = set()
	for f in needed:
	need.update(otool(f, executable_path))
	done.update(needed)
	need.difference_update(done)

	# Walk through applications

	for (root, dirs, files) in os.walk('/Applications'):
	for dir in dirs:
	if dir [-4:] == ".app":
	path = os.path.join(root, dir)
	try:
	output = subprocess.check_output(['codesign', '--display', path], stderr=subprocess.STDOUT)
	if output[:11] == 'Executable=':
	scan(output[11:-1])
	except subprocess.CalledProcessError as e:
	# codesign is likely not the best way to find the executable
	# will often fail when .app not signed.
	name = os.path.split(path)[-1][:-4]
	path = os.path.join(path, 'Contents/MacOS')
	if os.path.isfile( os.path.join(path, name) ):
	scan(os.path.join(path, name))
	elif os.path.isfile( os.path.join(path, name.lower())):
	scan(os.path.join(path, name.lower()))
	else:
	print 'err: could not find executable for', path