Hello! I’ll get straight to the point, the remote debug server (running on my local machine) isn’t working. I start it up, attempt to connect, the debugger accepts the connection, IDA says Permission denied. Please ensure that 'mac_server_arm' is either codesigned or running as root, then the debugger prints some stuff to the console and the connection is closed. I have signed the debugger with an ad-hoc signature (specifically via codesign --force ----sign - --deep ./mac_server_arm).
My terminal output is as follows:
maple@maple dbgsrv % sudo ./mac_server_arm -v
IDA Mac OS X 64-bit remote debug server(MT) v9.0.30. Hex-Rays (c) 2004-2024
Listening on 0.0.0.0:23946 (my ip 172.16.50.18)...
[1] Accepting connection from 127.0.0.1...
init(debug_debugger=0) => 1 (flags2=5)
set_exception_info(qty=37)
start_process(path=/Applications/Placeholder.app/Contents/MacOS/Placeholder args= flags=
sdir=/Users/maple
input=/Applications/Placeholder.app/Contents/MacOS/Placeholder crc32=6a56fdeb) => -2
[1] Closing connection from 127.0.0.1...
Thanks! It isn’t made by Apple, but I’m not sure if it’s using hardened runtime or not.
Upon looking into it, it seems there’s several possible entitlements for hardened runtime. Would you mind telling me which ones specifically influence the debugger? Also, would it be okay to simply force resign it with modified entitlements? I think I’ll write a plugin for IDA based on this info (to notify the user of possible disruptive entitlements and offer to resign), to make it a bit easier in the future. I’d prefer not to disable SIP if I can avoid it.
Awesome! Resigned and added that entitlement, and now it works. Thank you very much.
Later down the line I may implement something like this as an IDA plugin, to make things easier. For any future users stumbling upon this thread, here’s a super simple script to do it for you: