2022-09-24 15:07:34 +00:00
|
|
|
SELECT et.enabled, et.process_being_tapped, et.tapping_process,
|
2022-09-12 15:17:51 +00:00
|
|
|
p.path,
|
|
|
|
|
s.authority,
|
|
|
|
|
s.identifier,
|
2022-09-20 21:46:47 +00:00
|
|
|
h.sha256,
|
|
|
|
|
CONCAT(
|
2022-09-24 15:07:34 +00:00
|
|
|
REPLACE(
|
|
|
|
|
p.path,
|
|
|
|
|
RTRIM(p.path, REPLACE(p.path, '/', '')),
|
|
|
|
|
''
|
|
|
|
|
),
|
|
|
|
|
",",
|
|
|
|
|
identifier,
|
|
|
|
|
",",
|
|
|
|
|
authority
|
2022-09-20 21:46:47 +00:00
|
|
|
) AS exception_key
|
2022-09-08 21:58:56 +00:00
|
|
|
FROM event_taps et
|
2022-09-20 21:46:47 +00:00
|
|
|
LEFT JOIN processes p ON et.tapping_process = p.pid
|
|
|
|
|
LEFT JOIN signature s ON s.path = p.path
|
|
|
|
|
LEFT JOIN hash h ON h.path = p.path
|
2022-09-08 21:58:56 +00:00
|
|
|
WHERE event_tapped IN ('EventKeyDown', 'EventKeyUp')
|
2022-09-12 15:17:51 +00:00
|
|
|
AND authority != "Software Signing"
|
2022-09-20 21:46:47 +00:00
|
|
|
AND NOT exception_key IN (
|
|
|
|
|
'iTerm2,com.googlecode.iterm2,Developer ID Application: GEORGE NACHMAN (H7V7XYVQ7D)',
|
|
|
|
|
'lghub_agent,com.logi.ghub.agent,Developer ID Application: Logitech Inc. (QED4VVPZWA)',
|
|
|
|
|
'logioptionsplus_agent,com.logi.cp-dev-mgr,Developer ID Application: Logitech Inc. (QED4VVPZWA)',
|
2022-09-24 15:07:34 +00:00
|
|
|
"MonitorControl,me.guillaumeb.MonitorControl,Developer ID Application: Joni Van Roost (CYC8C8R4K9)",
|
2022-09-20 21:46:47 +00:00
|
|
|
'skhd,skhd,'
|
2022-09-12 15:17:51 +00:00
|
|
|
)
|
|
|
|
|
GROUP BY p.path
|
