macOS Sandbox
The macOS Sandbox (initially called Seatbelt) limits applications running inside the sandbox to the allowed actions specified in the Sandbox profile the app is running with. This helps to ensure that the application will only access the resources it is expected to.
Any application with the entitlement com.apple.security.app-sandbox will be executed inside the sandbox. Apple binaries are usually executed inside a Sandbox, and all applications from the App Store have that entitlement. So, a large number of applications will be executed inside the sandbox.
In order to control what a process can or cannot do, the Sandbox has hooks in almost every operation a process might try (including most syscalls) using MACF. However, depending on the entitlements of the application, the Sandbox might be more permissive with the process.
Some important components of the Sandbox are:
kernel extension /System/Library/Extensions/Sandbox.kext
private framework /System/Library/PrivateFrameworks/AppSandbox.framework
daemon running in userland /usr/libexec/sandboxd
containers ~/Library/Containers
Each sandboxed application will have its own container in ~/Library/Containers/{CFBundleIdentifier}.
Inside each bundle id folder you can find the plist and the Data directory of the App with a structure that mimics the Home folder.
Note that even though the symlinks are there to "escape" from the Sandbox and access other folders, the App still needs to have permissions to access them. These permissions are inside the .plist in RedirectablePaths.
SandboxProfileData is the compiled sandbox profile, stored as CFData escaped to base64.
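As an added illustration (not Apple's tooling or code from this page), the script below reads the two keys just described from a container plist and shows how a "does the app have a redirectable path covering this target" check might be expressed. The plist it parses is constructed for the example and carries only RedirectablePaths and SandboxProfileData (a real Container.plist has more keys), the profile bytes are a placeholder rather than a real compiled profile, and the is_redirectable helper is a hypothetical check written for this example, not the logic the sandbox itself uses.

```python
"""Inspect a sandbox container's plist (added example; not Apple's tooling).

Reads the RedirectablePaths array and the SandboxProfileData blob described
above and checks whether a path the app wants to reach lies under one of the
redirectable paths.  The plist is constructed for this example and carries
only those two keys (a real Container.plist has more), and the profile bytes
are a placeholder, not a real compiled profile.  In an XML plist CFData is
stored base64-encoded inside <data>; plistlib decodes it back to bytes.
"""
import base64
import os
import plistlib

_FAKE_PROFILE = b"placeholder-compiled-profile-bytes"   # constructed stand-in

SAMPLE_CONTAINER_PLIST = f"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>RedirectablePaths</key>
  <array>
    <string>/Users/alice/Downloads</string>
    <string>/Users/alice/Library/Application Support/com.example.app</string>
  </array>
  <key>SandboxProfileData</key>
  <data>{base64.b64encode(_FAKE_PROFILE).decode()}</data>
</dict>
</plist>
""".encode()


def load_container(plist_bytes):
    """Return (redirectable_paths, compiled_profile_bytes) from a Container.plist."""
    info = plistlib.loads(plist_bytes)
    paths = [str(p) for p in info.get('RedirectablePaths', [])]
    profile = bytes(info.get('SandboxProfileData', b''))
    return paths, profile


def is_redirectable(redirectable_paths, target):
    """Hypothetical check: True if target equals or lies below a redirectable path.
    Paths are normalised first so '..' components cannot defeat the prefix test."""
    norm = os.path.normpath(target)
    for allowed in redirectable_paths:
        allowed = os.path.normpath(allowed)
        if norm == allowed or norm.startswith(allowed + os.sep):
            return True
    return False


if __name__ == '__main__':
    paths, profile = load_container(SAMPLE_CONTAINER_PLIST)
    print('RedirectablePaths:', paths)
    print('SandboxProfileData:', len(profile), 'bytes')
    for target in ('/Users/alice/Downloads/report.pdf',
                   '/Users/alice/Downloads/../Documents/secret.txt'):
        print(target, '->', is_redirectable(paths, target))
```

Pointing load_container at a real ~/Library/Containers/{CFBundleIdentifier}/Container.plist yields the compiled profile as raw bytes, which is the form the kext and the dylib work with (see the note on compiled profiles below).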
Everything created/modified by a Sandboxed application will get the quarantine attribute. This limits what a sandboxed app can achieve, because Gatekeeper will be triggered if the sandboxed app tries to execute something with open.
Sandbox profiles are configuration files that indicate what is going to be allowed/forbidden in that Sandbox. They use the Sandbox Profile Language (SBPL), which is based on the Scheme programming language.
Here you can find an example:
Check this research for more actions that could be allowed or denied.
Note that in the compiled version of a profile the names of the operations are substituted by their entries in an array known by the dylib and the kext, making the compiled version shorter and more difficult to read.
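To make the SBPL semantics concrete, here is an added example (written for this page, not Apple's evaluator and not code from the original) that parses a small SBPL subset and answers whether a given operation on a given path would be allowed. The sample profile is constructed; the simplifications listed in the docstring (prefix matching for names ending in *, only the literal, subpath and regex filters, last matching rule wins, and allow when nothing matches) are assumptions of this example rather than a description of Apple's implementation.

```python
"""Minimal SBPL evaluator (added example; not Apple's implementation).

Parses a small subset of the Scheme-like Sandbox Profile Language described
above and answers "would this operation on this path be allowed?".
Simplifications, all assumptions of this example rather than Apple's rules:
  * an operation name ending in '*' matches by prefix (file-read* covers
    file-read-data) instead of Apple's full operation hierarchy;
  * only the literal, subpath and regex filters are implemented;
  * the last matching rule wins, and a profile with no matching rule allows
    the operation (which is why real profiles start with (deny default)).
"""
import re

# Constructed sample profile written in SBPL syntax.
SAMPLE_PROFILE = r'''
(version 1)
(deny default)
; libraries and frameworks the process needs to start
(allow file-read* (subpath "/usr/lib") (subpath "/System/Library"))
(allow file-read-data (literal "/etc/hosts"))
(allow file-write* (subpath "/private/tmp"))
(deny file-write* (regex #"^/private/tmp/.*\.plist$"))
(allow process-exec)
'''

# One token per match: comment, '(', ')', quoted string (#"..." for regex), or symbol.
_TOKEN = re.compile(r'''\s*(?:(;[^\n]*)|(\()|(\))|(#?"(?:[^"\\]|\\.)*")|([^\s()]+))''')


def tokenize(text):
    """Split SBPL text into tokens, dropping ';' comments."""
    tokens = []
    for comment, lp, rp, string, sym in _TOKEN.findall(text):
        if comment:
            continue
        tokens.append(next(t for t in (lp, rp, string, sym) if t != ''))
    return tokens


def parse(tokens):
    """Turn the token stream into nested lists, one per top-level S-expression."""
    stack = [[]]
    for tok in tokens:
        if tok == '(':
            stack.append([])
        elif tok == ')':
            if len(stack) == 1:
                raise ValueError("unbalanced ')'")
            node = stack.pop()
            stack[-1].append(node)
        else:
            stack[-1].append(tok)
    if len(stack) != 1:
        raise ValueError("unbalanced '('")
    return stack[0]


def _unquote(tok):
    """Strip the quotes from "..." or #"..." tokens."""
    return tok[2:-1] if tok.startswith('#"') else tok[1:-1]


def filter_matches(flt, path):
    """Evaluate one filter form such as (subpath "/usr/lib") against a path."""
    kind, arg = flt[0], _unquote(flt[1])
    if kind == 'literal':
        return path == arg
    if kind == 'subpath':
        return path == arg or path.startswith(arg.rstrip('/') + '/')
    if kind == 'regex':
        return re.search(arg, path) is not None
    raise ValueError(f"unsupported filter: {kind}")


def op_matches(rule_op, op):
    """'default' matches everything; 'file-read*' matches by prefix."""
    if rule_op == 'default':
        return True
    if rule_op.endswith('*'):
        return op.startswith(rule_op[:-1])
    return rule_op == op


def evaluate(profile_text, op, path=None):
    """Return 'allow' or 'deny' for op (and optional path) under profile_text."""
    decision = 'allow'   # assumption: no matching rule means allowed
    for form in parse(tokenize(profile_text)):
        if not isinstance(form, list) or not form or form[0] not in ('allow', 'deny'):
            continue     # (version 1) and similar directives carry no verdict
        verdict, rule_op, filters = form[0], form[1], form[2:]
        if not op_matches(rule_op, op):
            continue
        # a rule with filters only applies when some filter accepts the path
        if filters and (path is None or not any(filter_matches(f, path) for f in filters)):
            continue
        decision = verdict
    return decision


if __name__ == '__main__':
    for op, path in [('file-read-data', '/etc/hosts'),
                     ('file-read-data', '/etc/passwd'),
                     ('file-write-data', '/private/tmp/Info.plist'),
                     ('network-outbound', None)]:
        print(f'{op:18} {path or "-":30} {evaluate(SAMPLE_PROFILE, op, path)}')
```

The ordering rule is the point worth noticing when reading real profiles: (deny default) at the top only works because later, more specific rules override it, and a later (deny ...) can in turn carve exceptions out of an earlier broad (allow ...), as the .plist rule in the sample does.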
Important system services also run inside their own custom sandbox, such as the mdnsresponder service. You can view these custom sandbox profiles inside:
/usr/share/sandbox
/System/Library/Sandbox/Profiles
Other sandbox profiles can be checked in https://github.com/s7ephen/OSX-Sandbox--Seatbelt--Profiles.
App Store apps use the profile /System/Library/Sandbox/Profiles/application.sb. You can check in this profile how entitlements such as com.apple.security.network.server allow a process to use the network.
SIP is a Sandbox profile called platform_profile in /System/Library/Sandbox/rootless.conf.
To start an application with a specific sandbox profile you can use:
Note that Apple-authored software running on Windows doesn't have additional security precautions, such as application sandboxing.
Bypass examples:
https://desi-jarvis.medium.com/office365-macos-sandbox-escape-fcce4fa4123c (they can write a file outside the sandbox whose name starts with ~$).
It's possible to trace all the checks the sandbox performs every time an action is checked. For this, just create the following profile:
And then just execute something using that profile:
In /tmp/trace.out you will be able to see each sandbox check performed every time it was called (so, lots of duplicates).
It's also possible to trace the sandbox using the -t parameter: sandbox-exec -t /path/trace.out -p "(version 1)" /bin/ls
The function sandbox_set_trace_path exported by libsystem_sandbox.dylib allows specifying a trace filename where sandbox checks will be written.
It's also possible to do something similar by calling sandbox_vtrace_enable() and then getting the log errors from the buffer by calling sandbox_vtrace_report().
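Because the trace file repeats an entry for every check, the first thing a practitioner does with it is deduplicate and collapse it. The script below is an added example (not Apple's sandbox tooling and not code from this page) that counts identical entries, folds several per-file literal rules in one directory into a single subpath rule, and emits the result as a starting SBPL profile. The sample trace is constructed, and the assumed entry format (one (allow op (filter "path")) form per line) is an assumption of this example; adjust the regex if your macOS version writes the trace differently.

```python
"""Summarise a sandbox trace file (added example; not Apple's tooling).

The trace written by (trace "/tmp/trace.out") or by sandbox-exec -t repeats
an entry for every check, so the file is mostly duplicates.  This helper
counts identical entries, collapses per-file literal rules that share a
directory into one (subpath ...) rule, and prints the result in SBPL syntax.
The entry format handled below, one (allow op (filter "path")) form per
line, is an assumption of this example; adapt _ENTRY if your macOS version
writes something different.
"""
import os
import re
from collections import Counter

# Constructed sample trace: the kind of thing a traced /bin/ls might leave behind.
SAMPLE_TRACE = """\
(version 1)
(allow file-read-metadata (literal "/usr/lib/libSystem.B.dylib"))
(allow file-read-data (literal "/usr/lib/libSystem.B.dylib"))
(allow file-read-data (literal "/usr/lib/libSystem.B.dylib"))
(allow file-read-data (literal "/usr/lib/libc++.1.dylib"))
(allow file-read-data (literal "/usr/lib/dyld"))
(allow file-read-metadata (literal "/private/tmp"))
(allow file-read-metadata (literal "/private/tmp"))
(allow process-exec (literal "/bin/ls"))
(allow sysctl-read)
(allow sysctl-read)
"""

# (verdict op) or (verdict op (filter "path")); anything else is not an entry.
_ENTRY = re.compile(r'^\((allow|deny)\s+(\S+)(?:\s+\((\w+)\s+"([^"]*)"\))?\)$')


def parse_trace(text):
    """Map (verdict, op, filter_kind, path) -> number of times it was checked.
    Non-entry lines such as (version 1) and blanks are ignored."""
    counts = Counter()
    for line in text.splitlines():
        m = _ENTRY.match(line.strip())
        if m:
            counts[m.groups()] += 1
    return counts


def collapse_by_directory(counts, min_files=2):
    """Fold literal rules for >= min_files files in the same directory with
    the same (verdict, op) into one (subpath dir) rule; keep the rest as-is."""
    rules = set()
    groups = {}
    for (verdict, op, kind, path) in counts:
        if kind == 'literal':
            groups.setdefault((verdict, op, os.path.dirname(path)), []).append(path)
        else:
            rules.add((verdict, op, kind, path))
    for (verdict, op, directory), paths in groups.items():
        if len(paths) >= min_files:
            rules.add((verdict, op, 'subpath', directory))
        else:
            rules.update((verdict, op, 'literal', p) for p in paths)
    return rules


def render(rules):
    """Emit the rules as a minimal default-deny SBPL profile, sorted for stable diffs."""
    lines = ['(version 1)', '(deny default)']
    for verdict, op, kind, path in sorted(rules, key=lambda r: (r[1], r[2] or '', r[3] or '')):
        if kind is None:
            lines.append(f'({verdict} {op})')
        else:
            lines.append(f'({verdict} {op} ({kind} "{path}"))')
    return '\n'.join(lines) + '\n'


def summarize(text, min_files=2):
    """Full pipeline: trace text in, collapsed SBPL profile text out."""
    return render(collapse_by_directory(parse_trace(text), min_files))


if __name__ == '__main__':
    for entry, n in parse_trace(SAMPLE_TRACE).most_common():
        print(f'{n:4}  {entry}')
    print(summarize(SAMPLE_TRACE))
```

The emitted profile starts with (deny default) because a trace-derived allowlist is only meaningful on top of a default deny; review the collapsed subpath rules by hand before using them, since a directory-wide allow is broader than the handful of files the trace actually saw.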
libsandbox.dylib exports a function called sandbox_inspect_pid which returns a listing of the sandbox state of a process (including extensions). However, only platform binaries can use this function.
macOS stores system sandbox profiles in two locations: /usr/share/sandbox/ and /System/Library/Sandbox/Profiles.
And if a third-party application carries the com.apple.security.app-sandbox entitlement, the system applies the profile /System/Library/Sandbox/Profiles/application.sb to that process.
In iOS, the default profile is called container and we don't have the SBPL text representation. In memory, this sandbox is represented as an Allow/Deny binary tree for each permission from the sandbox.
It's possible for companies to make their apps run with custom Sandbox profiles (instead of the default one). They need to use the entitlement com.apple.security.temporary-exception.sbpl, which needs to be authorized by Apple.
It's possible to check the definition of this entitlement in /System/Library/Sandbox/Profiles/application.sb:
This will eval the string after this entitlement as a Sandbox profile.
The sandbox-exec tool uses the functions sandbox_compile_* from libsandbox.dylib. The main functions exported are: sandbox_compile_file (expects a file path, param -f), sandbox_compile_string (expects a string, param -p), sandbox_compile_name (expects the name of a container, param -n), sandbox_compile_entitlements (expects an entitlements plist).
This reversed and open sourced version of the tool sandbox-exec allows making sandbox-exec write the compiled sandbox profile into a file.
Moreover, to confine a process inside a container it might call sandbox_spawnattrs_set[container/profilename] and pass a container or a pre-existing profile.
On macOS, unlike iOS where processes are sandboxed from the start by the kernel, processes must opt in to the sandbox themselves. This means that on macOS a process is not restricted by the sandbox until it actively decides to enter it, although App Store apps are always sandboxed.
Processes are automatically sandboxed from userland when they start if they have the entitlement com.apple.security.app-sandbox. For a detailed explanation of this process check:
Extensions allow giving further privileges to an object and are granted by calling one of the functions:
sandbox_issue_extension
sandbox_extension_issue_file[_with_new_type]
sandbox_extension_issue_mach
sandbox_extension_issue_iokit_user_client_class
sandbox_extension_issue_iokit_registry_rentry_class
sandbox_extension_issue_generic
sandbox_extension_issue_posix_ipc
The extensions are stored in the second MACF label slot accessible from the process credentials. The following sbtool can access this information.
Note that extensions are usually granted by allowed processes; for example, tccd will grant the extension token of com.apple.tcc.kTCCServicePhotos when a process tried to access the photos and was allowed in an XPC message. Then, the process will need to consume the extension token so it gets added to it.
Note that the extension tokens are long hexadecimal strings that encode the granted permissions. However, they don't have the allowed PID hardcoded, which means that a token might be consumed by multiple processes if they all have access to it.
Note that extensions are also closely related to entitlements, so having certain entitlements might automatically grant certain extensions.
According to this, the sandbox_check functions (it's a __mac_syscall) can check if an operation is allowed or not by the sandbox for a certain PID, audit token or unique ID.
The tool sbtool (find it compiled here) can check if a PID can perform certain actions:
It's also possible to suspend and unsuspend the sandbox using the functions sandbox_suspend and sandbox_unsuspend from libsystem_sandbox.dylib.
Note that to call the suspend function some entitlements are checked in order to authorize the caller, such as:
com.apple.private.security.sandbox-manager
com.apple.security.print
com.apple.security.temporary-exception.audio-unit-host
This system call (#381) expects a string as first argument that indicates the module to run, and then a code in the second argument that indicates the function to run. The third argument will then depend on the function executed.
The function ___sandbox_ms wraps mac_syscall, passing "Sandbox" as the first argument, just like ___sandbox_msp is a wrapper of mac_set_proc (#387). Some of the codes supported by ___sandbox_ms can be found in this table:
set_profile (#0): Apply a compiled or named profile to a process.
platform_policy (#1): Enforce platform-specific policy checks (varies between macOS and iOS).
check_sandbox (#2): Perform a manual check of a specific sandbox operation.
note (#3): Add an annotation to a Sandbox.
container (#4): Attach an annotation to a sandbox, typically for debugging or identification.
extension_issue (#5): Generate a new extension for a process.
extension_consume (#6): Consume a given extension.
extension_release (#7): Release the memory tied to a consumed extension.
extension_update_file (#8): Modify parameters of an existing file extension within the sandbox.
extension_twiddle (#9): Adjust or modify an existing file extension (e.g., TextEdit, rtf, rtfd).
suspend (#10): Temporarily suspend all sandbox checks (requires appropriate entitlements).
unsuspend (#11): Resume all previously suspended sandbox checks.
passthrough_access (#12): Allow direct passthrough access to a resource, bypassing sandbox checks.
set_container_path (#13): (iOS only) Set a container path for an app group or signing ID.
container_map (#14): (iOS only) Retrieve a container path from containermanagerd.
sandbox_user_state_item_buffer_send (#15): (iOS 10+) Set user-mode metadata in the sandbox.
inspect (#16): Provide debug information about a sandboxed process.
dump (#18): (macOS 11) Dump the current profile of a sandbox for analysis.
vtrace (#19): Trace sandbox operations for monitoring or debugging.
builtin_profile_deactivate (#20): (macOS < 11) Deactivate named profiles (e.g., pe_i_can_has_debugger).
check_bulk (#21): Perform multiple sandbox_check operations in a single call.
reference_retain_by_audit_token (#28): Create a reference for an audit token for use in sandbox checks.
reference_release (#29): Release a previously retained audit token reference.
rootless_allows_task_for_pid (#30): Verify whether task_for_pid is permitted (similar to csr checks).
rootless_whitelist_push (#31): (macOS) Apply a System Integrity Protection (SIP) manifest file.
rootless_whitelist_check (preflight) (#32): Check the SIP manifest file before execution.
rootless_protected_volume (#33): (macOS) Apply SIP protections to a disk or partition.
rootless_mkdir_protected (#34): Apply SIP/DataVault protection to a directory creation process.
Note that in iOS the kernel extension contains all the profiles hardcoded inside the __TEXT.__const segment to prevent them from being modified. Here are some interesting functions from the kernel extension:
hook_policy_init: Hooks mpo_policy_init and is called after mac_policy_register. It performs most of the initialization of the Sandbox. It also initializes SIP.
hook_policy_initbsd: Sets up the sysctl interface, registering security.mac.sandbox.sentinel, security.mac.sandbox.audio_active and security.mac.sandbox.debug_mode (if booted with PE_i_can_has_debugger).
hook_policy_syscall: Called by mac_syscall with "Sandbox" as the first argument and a code indicating the operation in the second. A switch is used to find the code to run according to the requested code.
Sandbox.kext uses more than a hundred hooks via MACF. Most of the hooks will just check some trivial cases that allow performing the action; if none applies, they will call cred_sb_evalutate with the credentials from MACF, a number corresponding to the operation to perform and a buffer for the output.
A good example of this is the function _mpo_file_check_mmap, which hooks mmap and first checks whether the new memory is going to be writable (and if not, allows the execution), then checks whether it's used for the dyld shared cache (and if so, allows the execution), and finally calls sb_evaluate_internal (or one of its wrappers) to perform further allowance checks.
Moreover, among the hundreds of hooks Sandbox uses, there are 3 in particular that are very interesting:
mpo_proc_check_for: Applies the profile if needed and if it wasn't previously applied.
mpo_vnode_check_exec: Called when a process loads the associated binary; then a profile check is performed, as well as a check forbidding SUID/SGID executions.
mpo_cred_label_update_execve: Called when the label is assigned. This is the longest one, as it's called when the binary is fully loaded but not executed yet. It performs actions like creating the sandbox object, attaching the sandbox structure to the kauth credentials, removing access to mach ports...
Note that _cred_sb_evalutate is a wrapper over sb_evaluate_internal; this function receives the passed credentials and then performs the evaluation using the eval function, which usually evaluates the platform profile (applied by default to all processes) first and then the specific profile of the process. Note that the platform profile is one of the main components of SIP in macOS.
The Sandbox also has a user daemon running that exposes the XPC Mach service com.apple.sandboxd and binds the special port 14 (HOST_SEATBELT_PORT), which the kernel extension uses to communicate with it. It exposes some functions using MIG.