macOS 파일 ν™•μž₯자 및 URL μŠ€ν‚΄ μ•± ν•Έλ“€λŸ¬

Tip

AWS ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°:HackTricks Training AWS Red Team Expert (ARTE)
GCP ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°: HackTricks Training GCP Red Team Expert (GRTE) Azure ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks μ§€μ›ν•˜κΈ°

LaunchServices λ°μ΄ν„°λ² μ΄μŠ€

이것은 macOS에 μ„€μΉ˜λœ λͺ¨λ“  μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ˜ λ°μ΄ν„°λ² μ΄μŠ€λ‘œ, μ§€μ›ν•˜λŠ” URL μŠ€ν‚΄ 및 MIME νƒ€μž…κ³Ό 같은 각 μ„€μΉ˜λœ μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ— λŒ€ν•œ 정보λ₯Ό μ–»κΈ° μœ„ν•΄ 쿼리할 수 μžˆμŠ΅λ‹ˆλ‹€.

이 λ°μ΄ν„°λ² μ΄μŠ€λ₯Ό λ€ν”„ν•˜λŠ” 것은 κ°€λŠ₯ν•©λ‹ˆλ‹€:

/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister -dump

λ˜ν•œ 도ꡬ lsdtripλ₯Ό μ‚¬μš©ν•  수 μžˆμŠ΅λ‹ˆλ‹€.

**/usr/libexec/lsd**λŠ” λ°μ΄ν„°λ² μ΄μŠ€μ˜ λ‘λ‡Œμž…λ‹ˆλ‹€. μ—¬λŸ¬ XPC μ„œλΉ„μŠ€λ₯Ό μ œκ³΅ν•©λ‹ˆλ‹€. 예λ₯Ό λ“€μ–΄ .lsd.installation, .lsd.open, .lsd.openurl 등이 μžˆμŠ΅λ‹ˆλ‹€. κ·ΈλŸ¬λ‚˜ λ…ΈμΆœλœ XPC κΈ°λŠ₯을 μ‚¬μš©ν•˜κΈ° μœ„ν•΄μ„œλŠ” μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ— λŒ€ν•œ 일뢀 κΆŒν•œμ΄ ν•„μš”ν•©λ‹ˆλ‹€. 예λ₯Ό λ“€μ–΄ mime μœ ν˜•μ΄λ‚˜ URL μŠ€ν‚΄μ— λŒ€ν•œ κΈ°λ³Έ 앱을 λ³€κ²½ν•˜κΈ° μœ„ν•œ .launchservices.changedefaulthandler λ˜λŠ” .launchservices.changeurlschemehandler와 같은 κΆŒν•œμ΄ ν•„μš”ν•©λ‹ˆλ‹€.

/System/Library/CoreServices/launchservicesdλŠ” μ„œλΉ„μŠ€ com.apple.coreservices.launchservicesdλ₯Ό μ£Όμž₯ν•˜λ©° μ‹€ν–‰ 쀑인 μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ— λŒ€ν•œ 정보λ₯Ό μ–»κΈ° μœ„ν•΄ 쿼리할 수 μžˆμŠ΅λ‹ˆλ‹€. μ‹œμŠ€ν…œ 도ꡬ /usr/bin/lsappinfo λ˜λŠ” lsdtrip둜 쿼리할 수 μžˆμŠ΅λ‹ˆλ‹€.

파일 ν™•μž₯자 및 URL μŠ€ν‚΄ μ•± ν•Έλ“€λŸ¬

λ‹€μŒ 쀄은 ν™•μž₯μžμ— 따라 νŒŒμΌμ„ μ—΄ 수 μžˆλŠ” μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ„ μ°ΎλŠ” 데 μœ μš©ν•  수 μžˆμŠ΅λ‹ˆλ‹€:

/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister -dump | grep -E "path:|bindings:|name:"

λ˜λŠ” SwiftDefaultApps와 같은 것을 μ‚¬μš©ν•˜μ„Έμš”:

./swda getSchemes #Get all the available schemes
./swda getApps #Get all the apps declared
./swda getUTIs #Get all the UTIs
./swda getHandler --URL ftp #Get ftp handler

μ‘μš© ν”„λ‘œκ·Έλž¨μ΄ μ§€μ›ν•˜λŠ” ν™•μž₯자λ₯Ό ν™•μΈν•˜λ €λ©΄ λ‹€μŒμ„ μˆ˜ν–‰ν•  수 μžˆμŠ΅λ‹ˆλ‹€:

cd /Applications/Safari.app/Contents
grep -A3 CFBundleTypeExtensions Info.plist  | grep string
<string>css</string>
<string>pdf</string>
<string>webarchive</string>
<string>webbookmark</string>
<string>webhistory</string>
<string>webloc</string>
<string>download</string>
<string>safariextz</string>
<string>gif</string>
<string>html</string>
<string>htm</string>
<string>js</string>
<string>jpg</string>
<string>jpeg</string>
<string>jp2</string>
<string>txt</string>
<string>text</string>
<string>png</string>
<string>tiff</string>
<string>tif</string>
<string>url</string>
<string>ico</string>
<string>xhtml</string>
<string>xht</string>
<string>xml</string>
<string>xbl</string>
<string>svg</string>

Tip

AWS ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°:HackTricks Training AWS Red Team Expert (ARTE)
GCP ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°: HackTricks Training GCP Red Team Expert (GRTE) Azure ν•΄ν‚Ή 배우기 및 μ—°μŠ΅ν•˜κΈ°: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks μ§€μ›ν•˜κΈ°