Skip to content
/ dylib_hijack_scanner Public

Simple utility used to scan a directory for possibly dylib hijacks.

8 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DinoBytes/dylib_hijack_scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
readme.md
readme.md
 
 
requirements.txt
requirements.txt
 
 
scan.py
scan.py
 
 

Repository files navigation

Dylib Hijack Scanner

Simple utility used to scan a directory for possibly dylib hijacks.

Usage

$ pip install -r requirements.txt
$ python scan.py
Usage: python scan.py <directory>

Example usage:

$ python scan.py "/Library/Application Support/"

Output is simply a pretty print of a dict containing the vulnerable file and the libraries that may be susceptible to hijacking.

False Positives

This tool makes no guarantees in terms of accuracy of results. It makes no attempt to check permissions or other such mitigations of the vulnerabilities.

Acknowledgements

While this tool was created for use in a couple of independent projects, it was inspired by Patrick Wardle's scanner of the same nature -- DHS.app. His tooling is much more sophisticated and thorough, but didn't meet my use case.

About

Simple utility used to scan a directory for possibly dylib hijacks.

Resources

Readme
Activity

Stars

8 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages