macOS包括Yara,xProtect和MRT.app
我要完成的工作是在Xcode中构建一个GUI扫描器,这将允许我在Mac上指向一个特定的目录,并允许我运行以下终端命令:
(使用bin / bash时) sudo /System/Library/CoreServices/MRT.app/Contents/MacOS/mrt -a -r〜/ Library
task = [[NSTask alloc] init];
[task setLaunchPath:@"/bin/sh"];
[task setArguments:@[@"/xprotect.sh"]];
[task setStandardOutput:[NSPipe new]];
[task setStandardError: [task standardOutput]];
[task setStandardInput: [NSPipe new]];
[task launch];
NSNotificationCenter *notificationCenter = [NSNotificationCenter defaultCenter];
[notificationCenter addObserver:self
selector:@selector(getReadData:)
name:NSFileHandleReadCompletionNotification
object:[[task standardOutput] fileHandleForReading]];
[[[task standardOutput] fileHandleForReading] readInBackgroundAndNotify];
[notificationCenter addObserver:self
selector:@selector(QuitTask:)
name:NSTaskDidTerminateNotification
object:task];}
NSData *data = [[aNotification userInfo] objectForKey:@"NSFileHandleNotifictionDataItem"];
NSString *response = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
[delegate ReadInResponse:response];
[[aNotification object] readInBackgroundAndNotify];}
[[NSNotificationCenter defaultCenter]
removeObserver:self
name:NSTaskDidTerminateNotification
object:task
];
[[NSNotificationCenter defaultCenter]
removeObserver:self
name:NSFileHandleReadCompletionNotification
object:[[task standardOutput]fileHandleForReading]];
task = nil;
[delegate ReadInResponse:@"task"];
}@end
GUI中仅显示“任务”。它从不执行脚本,即使执行了脚本,我也不知道这是完成脚本的最佳方法。