Created
October 2, 2023 14:10
-
-
Save tatdatpham/f25b95b55232d27fff2b6f1c33c9b6aa to your computer and use it in GitHub Desktop.
The script that help bypass MDM for Venture & Sonoma. Please only use script when you can access to your device and run script with root.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| RED='\033[1;31m' | |
| GRN='\033[1;32m' | |
| BLU='\033[1;34m' | |
| YEL='\033[1;33m' | |
| PUR='\033[1;35m' | |
| CYAN='\033[1;36m' | |
| NC='\033[0m' | |
| echo -e "${CYAN}*---------------------*----------------------*${NC}" | |
| echo -e "${YEL}* Check MDM - Skip MDM Auto for MacOS by *${NC}" | |
| echo -e "${RED}* SKIPMDM.COM *${NC}" | |
| echo -e "${RED}* Phoenix Team *${NC}" | |
| echo -e "${GRN}* Modified by Dat Pham Tat *${NC}" | |
| echo -e "${GRN}* Please use for Device that have data ONLY *${NC}" | |
| echo -e "${CYAN}*---------------------*----------------------*${NC}" | |
| echo "" | |
| PS3='Please enter your choice: ' | |
| options=("Autoypass on Recovery" "Reboot") | |
| select opt in "${options[@]}"; do | |
| case $opt in | |
| "Autoypass on Recovery") | |
| echo -e "${GRN}Bypass on Recovery" | |
| echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts | |
| echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts | |
| echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts | |
| echo -e "${GREEN}Successfully blocked host / Thành công chặn host${NC}" | |
| # echo "Remove config profile" | |
| touch /Volumes/Data/private/var/db/.AppleSetupDone | |
| rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord | |
| rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound | |
| touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled | |
| touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound | |
| echo -e "${CYAN}------ Autobypass SUCCESSFULLY / Autobypass HOÀN TẤT ------${NC}" | |
| echo -e "${CYAN}------ Exit Terminal , Reset Macbook and ENJOY ! ------${NC}" | |
| break | |
| ;; | |
| "Disable Notification (SIP)") | |
| echo -e "${RED}Please Insert Your Password To Proceed${NC}" | |
| sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord | |
| sudo rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound | |
| sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled | |
| sudo touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound | |
| break | |
| ;; | |
| "Disable Notification (Recovery)") | |
| rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord | |
| rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound | |
| touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled | |
| touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound | |
| break | |
| ;; | |
| "Check MDM Enrollment") | |
| echo "" | |
| echo -e "${GRN}Check MDM Enrollment. Error is success${NC}" | |
| echo "" | |
| echo -e "${RED}Please Insert Your Password To Proceed${NC}" | |
| echo "" | |
| sudo profiles show -type enrollment | |
| break | |
| ;; | |
| "Exit") | |
| echo "Rebooting..." | |
| reboot | |
| break | |
| ;; | |
| *) echo "Invalid option $REPLY" ;; | |
| esac | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On Sonoma 14.7.2. the script just returned
bypass-mdm.sh:19: invalid value: Rebootprompting me for an option, not taking any string I entered from the source code.
Invalid option Reboottouch /Volumes/Data/private/var/db/.AppleSetupDone also usually isn't there anymore
while data exists in the disk utility, the configs are not there, see below for an amended line if you like. (:
also why call 30-33 again in 40-43 and 47-50?
To still make this work I manually took and entered:
configs
/private/etc/hosts & /private/etc/hosts.save (!) (hosts.equiv can be safely ignored)
sudo profiles show -type enrollmentreturning successfully with
Error fetching Device Enrollment configuration: We can't determine if this machine is DEP enabled. Try again later.
Now shutting down MacOS, using a boot drive with Tahoe 26.0 and installing over the machine.
ABM and therefore the MDM profile shouldn't be reachable because of the obstructed host addresses.
Of course, apart from needing Internet in Recovery Mode when updating via Boot Drive for MacOS to verify the installer and your machine, the installer will throw an error if you try to run it without internet connection in Recovery mode after a bit.
MAC filtering is another way to go about bypassing MDM, preventing access to the servers in the hosts file, in theory this is sufficient, but not supported by most consumer level routers so not a practical solution. What you would do is tell your router to block these addresses for the MAC address (lol) of your Mac specifically.
DONE! Works.
The machine I tried this on is likely present on the ABM-side, I "got" this from my a bigger company through a third party.
BUT I don't know for sure, try at your own risk - as always.
Will come back to this post and let you know if this worked, if not I will try this https://github.com/assafdori/bypass-mdm