Skip to content

CDHash Fix

Choose a tag to compare

View all tags
@obelisk obelisk released this 23 Sep 15:40
· 14 commits to master since this release
v0.1.1-alpha
852f9e3

Fixed a bug where 0s weren't prepended for each byte when parsing the CDHash.

This meant that CDHashes were not consistent in length, and incorrect compared to codesign. As an example here is the CDHash of bash according to codesign, and old endpointsecurity.

ES:   27 C8 F0 D6 33 7C  6 84 CE C0  0 48 E0 FA CE ED FD 57  2 8E
CS:   27 c8 f0 d6 33 7c 06 84 ce c0 00 48 e0 fa ce ed fd 57 02 8e

This is now fixed and CDHashes are now always 40 characters.

Assets 2
Loading