Researcher Created a macOS Image Generator Called ‘Docker-OSX’

Last updated September 23, 2021
Written by:
Bill Toulas
Cybersecurity Journalist

An anonymous researcher using the nick “Sick.Codes” created an open-source tool called "Docker-OSX", and it's really getting traction on GitHub. The tool allows anyone to run Mac OS X in a Docker container. It builds on OSX-KVM and the work of the OpenCore community, and it makes generating valid macOS images for use on virtual machine hosts a very easy procedure.

The key is the word "valid": the reason Docker-OSX is so unique is that it can generate serial numbers for Apple hardware that allow the user to access and use iMessage, iCloud, and the App Store, so it’s essentially an almost fully-fledged macOS image.

As the developer told us, the "magic" of the serial number generation lies in combining elements from the OpenCorePkg, MAC addresses by Apple, and the UUID gen utility. Docker-OSX essentially packs everything together, enabling users to generate as many as they like.

So, someone could create 50 perfectly valid iMac Pros, or even 10,000 MacBooks, generating an army of unique virtual machines on Docker, for whatever purpose. From security research to server-level deployments and from programming for the macOS platform to just experimenting with Apple’s proprietary software, Docker-OSX can help with a wide range of applications that the Cupertino company would normally never offer.

In fact, only two days ago, we covered the news about a leak of an internal AppleCare email which indicates that Apple is actually planning to randomize its serial numbers, making the generation of valid hardware IDs a lot harder than it currently is. We asked Sick.Codes how that would affect "Docker-OSX," and he told us that it could change the iMessage login procedures, so it could prevent some aspects of the image's functionality.

As for the legal aspect of using "Docker-OSX," while it's obvious that Apple doesn’t want people to use tools of this kind, the work of Sick.Codes doesn't contain anything that is copyright-protected, so it doesn't violate anything, and it should stay unmoved on GitHub. Also, the researcher told us that he is an active participant in the Apple Bug Bounty Program, so the intention isn't to enable piracy but to lift restrictions from the space of research.

All that said, users of Docker-OSX shouldn't be afraid of facing similar threats to those that Apple launched in relation to Corellium, even if some EULAs are still violated here, no doubt. In fact, there are even large and known companies among a total of 50,000 unique downloads that Docker-OSX has had thus far. These numbers tell us that the tool is really taking off, and the community is loving it.

As Sick.Codes told us:

"The project doesn't sell anything: it's completely free and open source, made by hackers and developers, for hackers and developers. All the traction is from its pure usefulness. I use Docker-OSX to resize HFS+ disks and I just jailbroke my new iPhone with it."


