Does anyone have any examples of finding versions of command

Question

Does anyone have any examples of finding versions of command line tools and binaries such as git We re using `homebrew packages` at the moment but that misses out on things such as the AppleGit versions included in the Xcode CLI tools I m thinking the extension route might be the way to go but just checking if anyone has solved this in an easier way

seph · Answer

Are they in the apps table

seph · Answer

Ultimately this will depend on how these command line tools are installed

theopolis · Answer

How would you find the version without using osquery

Liam · Answer

gt Are they in the apps table Nope for example when installing the Xcode command line tools Looking around that isn t exposed anywhere in OSQuery we d get it from the cli by running `git version` but there doesn t seem to be a footprint anywhere on the system that I can see

seph · Answer

Osquery generally talks to apis Home brew apps etc I don t think I ve seen anything that does quiet what you re asking Each tool would need its own logic

seph · Answer

For things that come via Xcode your night be able to check Xcode s version But it s a bit indirect

Liam · Answer

That s what I was expecting essentially trying to get the data we d need to do vulnerability detection and this was on the list of edge cases thanks for the confirmation

seph · Answer

I think there s a really deep rathole

seph · Answer

It s easy to gather apps version And homebrew ones But it seems impossible to try to get all the possible binaries an end user installed

Guillaume · Answer

Yeah in that case it might make more sense to gather what can be gathered as installed and then monitor processes Won t help you detect a vuln on an executable that is present but never executed but maybe that s not the worst thing ever I don t really know your use case