Closed ericfitz closed 2 years ago
Maybe you can try this version? This library has been updated recently. https://github.com/nkraetzschmar/chainbreaker
Thank you for the suggestion. I tried this, specifically I added these lines to _get_base_address (~line 556), in addition to the existing conditionals, in accordance with https://github.com/nkraetzschmar/chainbreaker/commit/75c52d1adf6e1931b7027bba98b43a1d2d946812
if table_name >= 0x4000 and table_name < 0x5000:
table_name = 15
if table_name >= 0x5000 and table_name < 0x6000:
table_name = 16
The error is now gone, but this still fails to export private keys from Mojave's system keychain, with either a password or using an unlock file while the keychain is unlocked. The export seems to work but when I examine the key file that is written, it contains the text "[Invalid Password / Keychain Locked]".
I put a $100 bounty up on this issue: https://app.bountysource.com/issues/105707095-private-key-export-from-macos-monterey-system-keychain-fails-with-invalid-password-keychain-locked
Hi @ericfitz, Have you tried it with SystemKey
?
./chainbreaker.py -p -o ~/cert/ --export-private-keys /Library/Keychains/System.keychain --unlock-file /var/db/SystemKey
Yes, I did try that before I updated the issue. I ran both with and without sudo. Here's the error I got: IOError: [Errno 1] Operation not permitted: '/var/db/SystemKey'
Yes, I did try that before I updated the issue. I ran both with and without sudo. Here's the error I got: IOError: [Errno 1] Operation not permitted: '/var/db/SystemKey'
Hi @ericfitz, in this case, you should disable Macos SIP first. https://developer.apple.com/documentation/security/disabling_and_enabling_system_integrity_protection
That did the trick.
Monterey 12.2.1