OS X Code Injection
December 20, 2011

Following on from my Helper Applications sample project, I’ve created another sample which focusses on how to do code injection.

In particular, this sample makes and installs a helper application whose job is to inject some code into another application (by default the Finder).

The injected code adds a menu to the application’s menubar, with a single item in it that just logs stuff to the console.

Once again the project is based on existing examples, but attempts to present things in a slightly cleaner / simpler way.

It uses Wolf Rentzsch’s mach_star to do the heavy lifting for the injection task.

You can find it on GitHub.

Once again I should point out that this example pretty much ignores security when it comes to the inter-process communication between the host application, the injection helper, and the injected code. That isn’t to say that it’s not useful, simply that you’d have to batten it down far tighter if you want to avoid opening up some potentially horrible security holes.

In the sample, the helper is launched on demand, and only does the injection in response to a command from something else. In a real-world scenario, I guess it would make more sense for it to watch for the target app to launch and do the injection then. It would also make more sense if the various parameters were embedded into the helper to lock it down. However, in its current form, I guess the sample could form the basis of some sort of application-enhancer style system allowing multiple client applications to inject code into multiple targets.