mirror of
https://github.com/assafdori/bypass-mdm.git
synced 2026-04-19 18:44:58 +00:00
updating script
This commit is contained in:
Assaf Dori
158
bypass-mdm.sh
158
bypass-mdm.sh
@@ -1,4 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Define color codes
|
||||||
RED='\033[1;31m'
|
RED='\033[1;31m'
|
||||||
GRN='\033[1;32m'
|
GRN='\033[1;32m'
|
||||||
BLU='\033[1;34m'
|
BLU='\033[1;34m'
|
||||||
@@ -7,84 +9,94 @@ PUR='\033[1;35m'
|
|||||||
CYAN='\033[1;36m'
|
CYAN='\033[1;36m'
|
||||||
NC='\033[0m'
|
NC='\033[0m'
|
||||||
|
|
||||||
|
# Display header
|
||||||
echo -e "${CYAN}Bypass MDM By Assaf Dori (assafdori.com)${NC}"
|
echo -e "${CYAN}Bypass MDM By Assaf Dori (assafdori.com)${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
|
# Prompt user for choice
|
||||||
PS3='Please enter your choice: '
|
PS3='Please enter your choice: '
|
||||||
options=("Bypass MDM from Recovery" "Reboot")
|
options=("Bypass MDM from Recovery" "Exit")
|
||||||
select opt in "${options[@]}"; do
|
select opt in "${options[@]}"; do
|
||||||
case $opt in
|
case $opt in
|
||||||
"Bypass MDM from Recovery")
|
"Bypass MDM from Recovery")
|
||||||
echo -e "${YEL}Bypass MDM from Recovery"
|
# Bypass MDM from Recovery
|
||||||
if [ -d "/Volumes/Macintosh HD - Data" ]; then
|
echo -e "${YEL}Bypass MDM from Recovery"
|
||||||
diskutil rename "Macintosh HD - Data" "Data"
|
if [ -d "/Volumes/Macintosh HD - Data" ]; then
|
||||||
fi
|
diskutil rename "Macintosh HD - Data" "Data"
|
||||||
echo -e "${NC}Create a Temporary User"
|
fi
|
||||||
echo -e "Enter Temporary Fullname (Default is 'Apple')"
|
|
||||||
read realName
|
|
||||||
realName="${realName:= Apple}"
|
|
||||||
echo -e "${NC}Enter Temporary Username ${RED}A-Z ONLY, NO SPACES ALLOWED ${NC}(Default is 'Apple')"
|
|
||||||
read username
|
|
||||||
username="${username:=Apple}"
|
|
||||||
echo -e "${NC}Enter Temporary Password (Default is '1234')"
|
|
||||||
read passw
|
|
||||||
passw="${passw:=1234}"
|
|
||||||
dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default'
|
|
||||||
echo -e "${GREEN}Creating Temporary User"
|
|
||||||
# Create user
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
|
|
||||||
mkdir "/Volumes/Data/Users/$username"
|
|
||||||
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
|
|
||||||
dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
|
|
||||||
dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
|
|
||||||
echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
|
||||||
echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
|
||||||
echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
|
||||||
echo -e "${GRN}Successfully blocked MDM domains"
|
|
||||||
echo -e "${NC}Removing configuration profiles"
|
|
||||||
touch /Volumes/Data/private/var/db/.AppleSetupDone
|
|
||||||
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
|
||||||
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
|
||||||
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
|
||||||
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
|
||||||
echo -e "${GRN}MDM enrollement has been bypassed!${NC}"
|
|
||||||
echo -e "${NC}Exit terminal and reboot your Mac.${NC}"
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
"Disable Notification (SIP)")
|
|
||||||
echo -e "${RED}Please Insert Your Password To Proceed${NC}"
|
|
||||||
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
|
||||||
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
|
||||||
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
|
||||||
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
"Disable Notification (Recovery)")
|
|
||||||
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
|
||||||
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
|
||||||
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
|
||||||
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
|
||||||
|
|
||||||
break
|
# Create Temporary User
|
||||||
;;
|
echo -e "${NC}Create a Temporary User"
|
||||||
"Check MDM Enrollment")
|
read -p "Enter Temporary Fullname (Default is 'Apple'): " realName
|
||||||
echo ""
|
realName="${realName:= Apple}"
|
||||||
echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
|
read -p "Enter Temporary Username (Default is 'Apple'): " username
|
||||||
echo ""
|
username="${username:=Apple}"
|
||||||
echo -e "${RED}Please Insert Your Password To Proceed${NC}"
|
read -p "Enter Temporary Password (Default is '1234'): " passw
|
||||||
echo ""
|
passw="${passw:=1234}"
|
||||||
sudo profiles show -type enrollment
|
|
||||||
break
|
# Create User
|
||||||
;;
|
dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default'
|
||||||
"Exit")
|
echo -e "${GREEN}Creating Temporary User"
|
||||||
echo "Rebooting..."
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
|
||||||
reboot
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
|
||||||
break
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
|
||||||
;;
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
|
||||||
*) echo "Invalid option $REPLY" ;;
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
|
||||||
|
mkdir "/Volumes/Data/Users/$username"
|
||||||
|
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
|
||||||
|
dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
|
||||||
|
dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username
|
||||||
|
|
||||||
|
# Block MDM domains
|
||||||
|
echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
||||||
|
echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
||||||
|
echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
|
||||||
|
echo -e "${GRN}Successfully blocked MDM & Profile Domains"
|
||||||
|
|
||||||
|
# Remove configuration profiles
|
||||||
|
touch /Volumes/Data/private/var/db/.AppleSetupDone
|
||||||
|
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
||||||
|
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
||||||
|
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
||||||
|
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
||||||
|
|
||||||
|
echo -e "${GRN}MDM enrollment has been bypassed!${NC}"
|
||||||
|
echo -e "${NC}Exit terminal and reboot your Mac.${NC}"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
"Disable Notification (SIP)")
|
||||||
|
# Disable Notification (SIP)
|
||||||
|
echo -e "${RED}Please Insert Your Password To Proceed${NC}"
|
||||||
|
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
||||||
|
sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
||||||
|
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
||||||
|
sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
"Disable Notification (Recovery)")
|
||||||
|
# Disable Notification (Recovery)
|
||||||
|
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
|
||||||
|
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
|
||||||
|
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
|
||||||
|
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
"Check MDM Enrollment")
|
||||||
|
# Check MDM Enrollment
|
||||||
|
echo ""
|
||||||
|
echo -e "${GRN}Check MDM Enrollment. Error is success${NC}"
|
||||||
|
echo ""
|
||||||
|
echo -e "${RED}Please Insert Your Password To Proceed${NC}"
|
||||||
|
echo ""
|
||||||
|
sudo profiles show -type enrollment
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
"Exit")
|
||||||
|
# Exit
|
||||||
|
echo "Rebooting..."
|
||||||
|
reboot
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
*) echo "Invalid option $REPLY" ;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|||||||
Reference in New Issue
Block a user