Unable to load mac-a-mal.kext because of missed signature

phdphuc / mac-a-mal-cuckoo

The current repository contains all the scripts needed to complement kernel-mode mac-a-mal malicious activity hooking on macOS to Cuckoo sandbox.

MIT License

47 stars 11 forks source link

Unable to load mac-a-mal.kext because of missed signature #7

Closed zentavr closed 5 years ago

zentavr commented 6 years ago

Hi,

I was able to compile the kext file, but seems like but cannot be loaded because of the missed signature. The guest (VurtualBox) is MacOS 10.12 and the error is:

    Ians-iMac:mam ian$ sudo kextutil /Library/Extensions/mac-a-mal.kext
    Diagnostics for /Library/Extensions/mac-a-mal.kext:
    Code Signing Failure: not code signed
    Untrusted kexts are not allowed
    ERROR: invalid signature for mac-a-mal, will not load

I wonder if there is any workaround to do the trick?

phdphuc commented 5 years ago

You can either sign the KEXT, or disable the KEXT verification from the SIP in the recovery mode with this command: csrutil enable --without kext.