marlkiller / dylib_dobby_hook

A macOS dylib project based on the Dobby Hook framework, aimed at enhancing and extending the functionality of target software.
MIT License

Paddle Based Apps #28

Closed tanu360 closed 1 month ago

tanu360 commented 2 months ago
  1. Downie and Permute are not working.
  2. The generic way to patch Paddle apps is also not working, as it is not clear to me which file to use for injection.

My suggestion:

Search for Applications Containing a Specific Framework

This script searches for applications containing the Paddle.framework within specified directories and lists the names of those applications.

Usage

  1. Save the script to a file, e.g., paddle.sh.
  2. Make the script executable:
    chmod +x paddle.sh
  3. Run the script:
    ./paddle.sh

Script


#!/bin/bash

# Set the framework name
FRAMEWORK_NAME="Paddle.framework"

# Array to store unique app names
APP_NAMES=()

# Function to search for the framework in an app
search_framework() {
    local APP_PATH="$1"
    local APP_NAME=$(basename "$APP_PATH" .app)
    if [ -d "$APP_PATH/Contents/Frameworks/$FRAMEWORK_NAME" ]; then
        # Check if the app name already exists in the array
        if [[ ! " ${APP_NAMES[@]} " =~ " ${APP_NAME} " ]]; then
            APP_NAMES+=("$APP_NAME")
        fi
    fi
}

# Common folders to search within
COMMON_FOLDERS=(
    "/Applications"
    "/Users/YOUR_USERNAME/Applications"
    # Add more directories as needed
)

# Search for apps containing the framework in common folders
for FOLDER in "${COMMON_FOLDERS[@]}"; do
    echo "Searching in: $FOLDER"
    while IFS= read -r -d '' FILE; do
        if [[ "$FILE" == *.app ]]; then
            search_framework "$FILE"
        fi
    done < <(find "$FOLDER" -name "*.app" -print0 2>/dev/null)
done

# Check if any apps containing the framework were found
if [ ${#APP_NAMES[@]} -eq 0 ]; then
    echo "No apps containing the framework $FRAMEWORK_NAME were found in the specified folders."
else
    echo "Apps containing the framework $FRAMEWORK_NAME in the specified folders:"
    for APP_NAME in "${APP_NAMES[@]}"; do
        echo "$APP_NAME"
    done
fi

marlkiller commented 2 months ago

[download latest release]
tar -xzvf dylib_dobby_hook.tar.gz
cd script 
sudo sh auto_hack.sh

This script will scan the supported apps, automatically inject using the specified framework path, and isolate the operations for each app.

tanu360 commented 2 months ago

Hello, I tried already. It doesn't support all Paddle apps. It only supports Downie/Permute.

Though Downie is not working and the app crashes after injection.

What I wanted to suggest is: a generic approach to patch all apps having Paddle as the license system.

marlkiller commented 2 months ago
  1. The paddle.sh script looks good. I think some code changes are still needed. If I have time, I'll refactor the getAppName and getSupportAppVersion functions.

@implementation PaddleBaseHack

- (BOOL)checkAppName {
    // The getAppName function should be modified to return a boolean, determining whether the current app has Paddle.framework.
    return YES;
}

- (BOOL)checkSupportAppVersion {
    return YES;
}

@end

  2. I think auto_hack.sh and paddle.sh should be merged together.

  3. Is the Downie app crashing because SIP (System Integrity Protection) is enabled?

tanu360 commented 2 months ago
  1. Yes, your suggestion is perfect. So the boolean return can be read by auto_hack.sh to patch further.
  2. It would be great if you merge both of these. Then this repo will immediately start supporting so many apps.
  3. SIP is enabled on my Mac, but afaik to patch Paddle, we can patch only the Paddle license calls. The software will show unlicensed, no problem, but it will work well as the Paddle licensing is bypassed already.

tanu360 commented 1 month ago

@marlkiller

Hello, thank you for the integration. I enhanced and refactored some code:

ALL_APPS_LIST=(
    "CleanShot X|/Applications/CleanShot X.app/Contents/Frameworks/LetsMove.framework/Versions/A/LetsMove"
    "Proxyman|/Applications/Proxyman.app/Contents/Frameworks/HexFiend.framework/Versions/A/HexFiend"
    "MacUpdater|/Applications/MacUpdater.app/Contents/Frameworks/Sparkle.framework/Versions/B/Sparkle"
    "ForkLift|/Applications/ForkLift.app/Contents/Frameworks/UniversalDetector.framework/Versions/A/UniversalDetector|apps/forklift_hack.sh"
    "TablePlus|/Applications/TablePlus.app/Contents/Frameworks/Sparkle.framework/Versions/B/Sparkle"
    "Navicat Premium|/Applications/Navicat Premium.app/Contents/Frameworks/EE.framework/Versions/A/EE"
    "AirBuddy|/Applications/AirBuddy.app/Contents/Frameworks/LetsMove.framework/Versions/A/LetsMove"
    "Infuse|/Applications/Infuse.app/Contents/Frameworks/Differentiator.framework/Versions/A/Differentiator"
    "IDA Professional 9.0|/Applications/IDA Professional 9.0.app/Contents/Frameworks/QtDBus.framework/Versions/5/QtDBus|apps/ida_hack.sh"
    "Paste"
    "DevUtils"
    "Transmit"
)

find_paddle_apps() {
    FRAMEWORK_NAME="Paddle.framework"
    APP_NAMES=()
    search_framework() {
        local APP_PATH="$1"
        local APP_NAME=$(basename "$APP_PATH" .app)

        if [ -d "$APP_PATH/Contents/Frameworks/$FRAMEWORK_NAME" ]; then
            if [[ ! " ${APP_NAMES[@]} " =~ " ${APP_NAME} " ]]; then
                APP_NAMES+=("$APP_NAME")
                ALL_APPS_LIST+=("$APP_NAME|$APP_PATH/Contents/Frameworks/Paddle.framework/Versions/A/Paddle")
            fi
        fi
    }
    COMMON_FOLDERS=(
        "/Applications"
        "/Users/$(whoami)/Applications"
    )
    for FOLDER in "${COMMON_FOLDERS[@]}"; do
        while IFS= read -r -d '' FILE; do
            if [[ "$FILE" == *.app ]]; then
                search_framework "$FILE"
            fi
        done < <(find "$FOLDER" -name "*.app" -print0 2>/dev/null)
    done
}

start() {
    find_paddle_apps
    for app_entry in "${ALL_APPS_LIST[@]}"; do
        IFS="|" read -r app_name app_path script_after <<<"$app_entry"
        hack_app "$app_name" "$app_path" "$script_after"
    done
}

start

  1. It will auto-scan all apps using Paddle licensing.

I also encountered some issues with PaddleBaseHack: https://github.com/marlkiller/dylib_dobby_hook/blob/main/dylib_dobby_hook/apps/PaddleBaseHack.m

It can't handle: https://github.com/MindMacApp/MindMac/releases/tag/1.9.21

Can you please update the Paddle patching method and support more approaches?

For example, https://github.com/QiuChenly/InjectLib/blob/b9f5244aa3c6af795ce86baec5923f74c4e8113e/config.json#L695 supports it, and very well. You can deactivate/activate easily. I hope you can implement this too.

I do not prefer this project, but it injects an encrypted closed-source lib, which I prefer less compared to an open-source repo.

tanu360 commented 1 month ago

Hi, did you get a chance to look at the bug I mentioned?

marlkiller commented 1 month ago

> Hi, did you get a chance to look at the bug I mentioned?

I'll take a look over the weekend.

marlkiller commented 1 month ago

> Hi, did you get a chance to look at the bug I mentioned?

You may need to manually register in the registration window and then restart the app.

tanu360 commented 1 month ago

@marlkiller now Downie 4 and Permute 3 are crashing after injection. You can try from your end. Apps freeze when we start and have to force kill them else they become unresponsive.

marlkiller commented 1 month ago

> @marlkiller now Downie 4 and Permute 3 are crashing after injection. You can try from your end. Apps freeze when we start and have to force kill them else they become unresponsive.

Reinstall and retry. My environment has SIP off, so many apps won’t require re-signing, which makes it inconvenient for me to test. Some apps require additional handling of helper programs when re-signing.

tanu360 commented 1 month ago

@marlkiller I tested. No, this issue is not due to re-signing, I think, because previously the apps were running fine, but now they do not work after this commit: https://github.com/marlkiller/dylib_dobby_hook/commit/611d1c368ff3f0a2bf9e0aa5706b374458c04487

I think there's something which got changed in the PaddleBaseHack file, so these 2 apps are now becoming unresponsive.

I reverted to the old file and then re-signed like usual: apps work fine. With the above-mentioned commit, both these apps do not work.

marlkiller commented 1 month ago

> @marlkiller I tested. No, this issue is not due to re-signing, I think, because previously the apps were running fine, but now they do not work after this commit: 611d1c3
>
> I think there's something which got changed in the PaddleBaseHack file, so these 2 apps are now becoming unresponsive.
>
> I reverted to the old file and then re-signed like usual: apps work fine. With the above-mentioned commit, both these apps do not work.

Use this commit: https://github.com/marlkiller/dylib_dobby_hook/commit/5cb50ca9615b92f141cbd6defaf4ed9dfcb88028

tanu360 commented 1 month ago

> Use this commit:

I tested with it, yet the issue is the same. It keeps on using 100% CPU and then the app crashed.

tanu360 commented 1 month ago

@marlkiller I figured it out.

The problem is: https://github.com/marlkiller/dylib_dobby_hook/blob/5cb50ca9615b92f141cbd6defaf4ed9dfcb88028/dylib_dobby_hook/apps/PaddleBaseHack.m#L102

I think we should keep it like before 👍

- (NSString *) hook_licenseCode{
    NSLog(@">>>>>> called hook_licenseCode");
    NSUUID *uuid = [NSUUID UUID];
    return [uuid UUIDString];
}

Now it is working fine. :)

marlkiller commented 1 month ago

> @marlkiller I figured it out.
>
> The problem is:
>
> https://github.com/marlkiller/dylib_dobby_hook/blob/5cb50ca9615b92f141cbd6defaf4ed9dfcb88028/dylib_dobby_hook/apps/PaddleBaseHack.m#L102
>
> I think we should keep it like before 👍
>
> - (NSString *) hook_licenseCode{
>     NSLog(@">>>>>> called hook_licenseCode");
>     NSUUID *uuid = [NSUUID UUID];
>     return [uuid UUIDString];
> }
>
> Now it is working fine. :)

  • Also the /deactivate is not working too. For example, after activating MindMac, you can try to deactivate it. You will see that it will just keep spinning infinite times but won't work.

The release built with Xcode has no issues. It seems the compiler is different with CMake.

Try again; it should be fixed now.

Do not click "deactivate"; I don't like that button 😄