• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

A2nkF/macOS-Kernel-Exploit: macOS Kernel Exploit for CVE-2019-8781.

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

A2nkF/macOS-Kernel-Exploit

开源软件地址(OpenSource Url):

https://github.com/A2nkF/macOS-Kernel-Exploit

开源编程语言(OpenSource Language):

C 62.9%

开源软件介绍(OpenSource Introduction):

macOS-Kernel-Exploit

DISCLAIMER

You need to know the KASLR slide to use the exploit. Also SMAP needs to be disabled which means that it's not exploitable on Macs after 2015. These limitations make the exploit pretty much unusable for in-the-wild exploitation but still helpful for security researchers in a controlled lab environment.

This exploit is intended for security research purposes only.

General

macOS Kernel Exploit for CVE-2019-8781 (currently a 0day. I'll add the CVE# once it is published ;) ).

Thanks to @LinusHenze for this cool bug and his support ;P.

Writeup

Probably coming soon. If you want to try and exploit it yourself, here are a few things to get you started:

Build

I recommend setting the bootargs to: debug=0x44 kcsuffix=development -v

⚠️ Note: SMAP needs to be disabled on macs after 2015 (-pmap_smap_disable)

You will need XCODE <= 9.4.1 to build the exploit. (It needs to be 32bit) Downloading Xcode 9.4.1 Commandline Tools should be enough ;) Download: https://developer.apple.com/download/more/

make

Execution

./exploit <KASLR slide>

Tested on macOS Mojave: Darwin Kernel-Mac.local 18.7.0 Darwin Kernel Version 18.7.0: Thu Jun 20 18:42:21 PDT 2019; root:xnu-4903.270.47~4/DEVELOPMENT_X86_64 x86_64

Demo:

asciicast




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap