#!/bin/bash
# Run command
# sudo /bin/bash -c "$(curl -fsSL https://bit.ly/fix-mdm)"
# or 
# curl https://bit.ly/fix-mdm -o bypass-mdm.sh && chmod +x ./bypass-mdm.sh && ./bypass-mdm.sh
#
echo ""
echo -e "Bypass MDM"
echo ""
echo -e "Bypass on Recovery"
if [ -d "/Volumes/Macintosh HD - Data" ]; then
  diskutil rename "Macintosh HD - Data" "Data"
fi
if [ -d "/Volumes/Macintosh HD - Dữ liệu" ]; then
  diskutil rename "Macintosh HD - Data" "Data"
fi
echo -e "Username default: macbook, password: 1234"
realName="${realName:=Macbook}"
username="${username:=macbook}"
passw="${passw:=1234}"
dscl_path='/Volumes/Data/private/var/db/dslocal/nodes/Default' 

echo -e "Creating user ..."
# Create user
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UserShell "/bin/zsh"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" RealName "$realName"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" UniqueID "501"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" PrimaryGroupID "20"
mkdir "/Volumes/Data/Users/$username"
dscl -f "$dscl_path" localhost -create "/Local/Default/Users/$username" NFSHomeDirectory "/Users/$username"
dscl -f "$dscl_path" localhost -passwd "/Local/Default/Users/$username" "$passw"
dscl -f "$dscl_path" localhost -append "/Local/Default/Groups/admin" GroupMembership $username

echo "By pass hosts"
echo "0.0.0.0 deviceenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
echo "0.0.0.0 mdmenrollment.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
echo "0.0.0.0 iprofiles.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
echo "0.0.0.0 gdmf.apple.com" >>/Volumes/Macintosh\ HD/etc/hosts
echo -e "Successfully blocked MDM & Profile Domains on host"

echo "Remove config profile"
touch /Volumes/Data/private/var/db/.AppleSetupDone
csrutil disable
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
sudo profiles remove -all

echo "Disable Notification (SIP) SIP"
rm /var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
rm /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
touch /var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
touch /var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound
launchctl disable system/com.apple.ManagedClient.enroll

echo "Disable Notification (Recovery)"
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigHasActivationRecord
rm -rf /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordFound
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigProfileInstalled
touch /Volumes/Macintosh\ HD/var/db/ConfigurationProfiles/Settings/.cloudConfigRecordNotFound

echo "Verify the DEP status. Error is success"
profiles show -type enrollment
profiles status -type enrollment

echo -e "MDM enrollment has been bypassed!"
echo -e "Exit terminal and reboot your Mac."
reboot
echo "----------------------"