Posts

How to enable specific part of System Integrity Protection(SIP) while keeping few sections of it disabled.

macOS SIP supports a set of hidden options to disable few sections of SIP by passing hidden options to csrutil tool. 


 Each of these can be selectively disabled by running one of the following commands while booted into Recovery mode:
csrutil enable --no-internalcsrutil enable --without kextcsrutil enable --without fscsrutil enable --without debugcsrutil enable --without dtracecsrutil enable --without nvram
You can disable two or more components by structuring the command as follows: csrutil enable --without kext  --without debug
How to disable /enable to SIP , refer to http://anandmpandit.blogspot.in/2015/11/how-to-disable-system-integrity.html.
 Note : These options are tested on macOS ElCapitan , on higher version of macOS some or all of them may not work.

How to rename filenames to their corresponding md5 hash on mac ?

The following command in terminal app renames the files located in directory to their corresponding md5 hash on macOS. 
Steps:
1. Open Terminal.app and go to the directory containing files. 2. Run following command in terminal to rename files by MD5 on macOS.

macOS-system$ for F in *.*; do mv $F "$(md5 "$F" | cut -d' ' -f4).${F##*.}"; done
The above shell command renames all files in the current directory to their md5.

How to make java point to right version of java on your Mac ?

A usual problem on mac where the even after upgrading or installing the latest version of Java, when queried in command line for java version it still refers to the old version of java. something like below:
$ java -version java version "1.7.0_79" Java(TM) SE Runtime Environment (build 1.7.0_79-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode)

This is because the /usr/bin/java is pointing to  /System/Library/Frameworks/JavaVM.framework/Versions/Current/Commands/java on the system.
$ ls -la `which java` /usr/bin/java -> /System/Library/Frameworks/JavaVM.framework/Versions/Current/Commands/java

This is because Oracle's installer puts java inside the/Library/Internet Plug-Ins/JavaAppletPlugin.plugin. And it doesn't overwrite /usr/bin/java. So to fix this we have remove the existing soft link to old java and point it to new java binary. which can be done by performing following steps.

$ sudo rm /usr/bin/java
$ sudo ln -s /Library/Internet\ Plug-Ins/JavaApplet…

How to fix broken python module easy_install on mac ?

Easy Install is a python module (easy_install) bundled with setuptools that lets you automatically download, build, install, and manage Python packages. Sometimes due wrong installations easy_install might get corrupted and fail to install any package afterwords. You might see errors like below when you try to install any modules
Traceback (most recent call last):   File "/usr/local/bin/easy_install", line 7, in     from setuptools.command.easy_install import main   File "/Library/Python/2.7/site-packages/setuptools/__init__.py", line 12, in     import setuptools.version   File "/Library/Python/2.7/site-packages/setuptools/version.py", line 1, in     import pkg_resources   File "/Library/Python/2.7/site-packages/pkg_resources/__init__.py", line 72, in     import packaging.requirements   File "/Library/Python/2.7/site-packages/packaging/requirements.py", line 59, in     MARKER_EXPR = originalTextFor(MARKER_EXPR())("marker"…

Calculating hash(md5, sha1...) of a hex string in Python

To calculate hash of hex string in python:
In [1]: import hashlib
In [2]: import binascii

In [3]: hex_string = '3082010a0282010100c3dfee03290fb01e3a4887c5ce0630dcdd8495bfb568b1f61cb8fa8294545b74f06facd215933c53babdd4d066dcb2a713740b9a018c8e0d5fbe1c2a7c793d317c69590c6a34cb1758fd1ff00f36d757c97371d08e9e9efcad1bf6fc8a0c03972296870ad825fa81000fee7aa79c2bcfab0e92d67d3d429d9a25cd6087e3139b17ce1809a6bf83d5ef40ff8e4532412adc15c63eff4eadd264860cb61b381e4f0e8a9e19cf7e39fefdfe9904b1aafe54f12289b930e341dd12b5a41eca1ae9d3556e6c7860a162652a31e256a7fa5720b4cbeb32fa65b67eb0610c6857dfe775d71de5aeb041d7ea0a7c5f335d678280b30dd014e16b37290c4c56d20df737850203010001'
In [4]: hashlib.md5(binascii.unhexlify(hex_string)).hexdigest() Out[4]: '0c6f3dd3d5d896e0f3f49dfae0437ba1'
In [6]: hashlib.sha1(binascii.unhexlify(hex_string)).hexdigest() Out[6]: 'fc6d7e7925e18c5bed6314ea112a230948cfde75'
In [7]: hashlib.sha256(binascii.unhexlify(hex_string)).hexdigest() Out[7]: '73a1b42ca158112e233cd42b03…

How to extract signing certificates from macOS binary files

Code signing is a macOS security technology that you use to certify that an app was created by you. Once an app is signed, the system can detect any change to the app—whether the change is introduced accidentally or by malicious code. As Apple Developer site says ( click here for more details on code signing) :



code signing allows the operating system to: Ensure that a piece of code has not been altered since it was signed. The system can detect even the smallest change, whether it was intentional (by a malicious attacker, for example) or accidental (as when a file gets corrupted). When a code signature is intact, the system can be sure the code is as the signer intended. Identify code as coming from a specific source (a developer or signer). The code signature includes cryptographic information that unambiguously points to a particular author. Determine whether code is trustworthy for a specific purpose. Among other things, a developer can use a code signature to state that an updated ve…