paradiseduo / appdecrypt

appdecrypt is a tool to decrypt applications' encrypted binaries on macOS when SIP is enabled (macOS 11.3 or below)
GNU General Public License v3.0

Universal binary segmentation fault #22

Open gzz2000 opened 1 year ago

gzz2000 commented 1 year ago

When fed with a universal binary like this:

    % file Shadowrocket
    Shadowrocket: Mach-O universal binary with 2 architectures: [arm_v7:Mach-O executable arm_v7] [arm64]
    Shadowrocket (for architecture armv7):  Mach-O executable arm_v7
    Shadowrocket (for architecture arm64):  Mach-O 64-bit executable arm64

The release version will get a segmentation fault:

    zsh: segmentation fault  ./appdecrypt "/.../Shadowrocket.app"

The debug version trips over an assertion:

    appdecrypt/dump.swift:112: Assertion failed
    zsh: trace trap  .build/debug/appdecrypt "/.../Shadowrocket.app"

where the code at line 112 is:

    assert(header.pointee.magic == MH_MAGIC_64)

This is likely to be the reason for https://github.com/paradiseduo/appdecrypt/issues/18, too.

I don't know the exact mechanism of encryption with a universal binary. I guess there should be some implementation to automatically extract the matching architecture only, or just throw an error message warning the user about the existence of universal binaries.

HenryQuan commented 9 months ago

fouldecrypt may be handling it.

gzz2000 commented 9 months ago

> fouldecrypt may be handling it.

Yeah, it seems the code you pointed to does exactly handle universal binaries. fouldecrypt only runs on iOS, so I hope appdecrypt may support universal binaries likely. I am not familiar with Swift, or otherwise I could have started working on it.
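
The check this issue asks for, sketched as an added example that is not part of the thread and not code from appdecrypt or fouldecrypt: read the file's magic before assuming a thin 64-bit header, and for a universal file walk the `fat_arch` table to find the arm64 slice or fail with a clear error instead of tripping the `MH_MAGIC_64` assertion. It is written in Python rather than Swift so it runs anywhere; `find_slice`, `build_fat` and `MachOError` are hypothetical names, the numeric constants are the standard values from the Mach-O headers, and only the 32-bit `FAT_MAGIC` table layout is handled.

```python
import struct

# Standard values from <mach-o/fat.h>, <mach-o/loader.h> and <mach/machine.h>
FAT_MAGIC = 0xCAFEBABE             # universal header, fields stored big-endian
MH_MAGIC = 0xFEEDFACE              # thin 32-bit Mach-O
MH_MAGIC_64 = 0xFEEDFACF           # thin 64-bit Mach-O
CPU_TYPE_ARM = 12
CPU_TYPE_ARM64 = 12 | 0x01000000   # CPU_TYPE_ARM | CPU_ARCH_ABI64

class MachOError(ValueError):
    """Hypothetical error type: input is not something the tool can process."""

def find_slice(data, cputype=CPU_TYPE_ARM64):
    """Return (offset, size) of the 64-bit Mach-O image for cputype in data."""
    if len(data) < 8:
        raise MachOError("file too short for a Mach-O header")
    (be_magic,) = struct.unpack_from(">I", data, 0)
    if be_magic != FAT_MAGIC:
        # Thin file: arm64 images store the mach_header_64 little-endian.
        (magic,) = struct.unpack_from("<I", data, 0)
        if magic != MH_MAGIC_64:
            raise MachOError(f"not a 64-bit Mach-O (magic {magic:#010x})")
        return 0, len(data)
    (nfat,) = struct.unpack_from(">I", data, 4)
    for i in range(nfat):
        base = 8 + 20 * i          # sizeof(struct fat_arch) == 20
        if base + 20 > len(data):
            raise MachOError("truncated fat_arch table")
        cpu, _sub, off, size, _align = struct.unpack_from(">iiIII", data, base)
        if cpu != cputype:
            continue
        if size < 4 or off + size > len(data):
            raise MachOError("slice extends past end of file")
        (magic,) = struct.unpack_from("<I", data, off)
        if magic != MH_MAGIC_64:
            raise MachOError("matching slice is not a 64-bit Mach-O")
        return off, size
    raise MachOError("universal binary has no slice for the requested CPU type")

def build_fat(slices):
    """Constructed sample input: minimal universal file from (cpu, sub, body)."""
    off = 8 + 20 * len(slices)
    table, blob = b"", b""
    for cpu, sub, body in slices:
        table += struct.pack(">iiIII", cpu, sub, off + len(blob), len(body), 0)
        blob += body
    return struct.pack(">II", FAT_MAGIC, len(slices)) + table + blob
```

A caller would apply the returned offset before reading the Mach-O header and load commands, so that every later file offset is taken relative to the start of the slice.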