Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kitploitKitPloitKITPLOIT:4066304721921583015
HistoryMar 09, 2019 - 8:25 p.m.

rootOS - macOS Root Helper

2019-03-0920:25:00
www.kitploit.com
433

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.149 Low

EPSS

Percentile

95.7%

JSON

Tries to use various CVEs to gain sudo or root access. All exploits have an end goal of adding ALL ALL=(ALL) NOPASSWD: ALL to /etc/sudoers allowing any user to run sudo commands.

Exploits

  • CVE-2008-2830
  • CVE-2015-3760
  • CVE-2015-5889
  • CVE-2017-13872
  • AppleScript Dynamic Phishing
  • Sudo Piggyback Link

Run

python root.py

Download rootOS

Related

seebug 1
zdt 4
openvas 6
cert 1
apple 4
nessus 9
cve 4
prion 4
threatpost 2
saint 4
packetstorm 2
exploitpack 1
canvas 2
exploitdb 1
securityvulns 4
seebug
seebug
macOS High Sierra - Root Privilege Escalation (CVE-2017-13872)
2017-12-01 00:00:00
zdt
zdt
Apple macOS 10.13.1 High Sierra - Blank Root Local Privilege Escalation Vulnerability
2017-12-09 00:00:00
issetugid() + rsh + libmalloc OS X Local Root Exploit
2015-10-03 00:00:00
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation Exploit
2015-10-27 00:00:00
openvas
openvas
Apple Mac OS X High Sierra Local Root Authentication Bypass Vulnerability
2017-11-29 00:00:00
Apple Mac OS X Security Updates (HT208331)-03
2017-12-07 00:00:00
Mac OS X Security Update 2008-005
2010-05-12 00:00:00
cert
cert
Apple MacOS High Sierra disabled account authentication bypass
2017-11-29 00:00:00
apple
apple
About the security content of Security Update 2017-001
2017-11-29 00:00:00
About the security content of Security Update 2017-001 - Apple Support
2017-12-02 04:57:38
About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
2017-12-06 00:00:00
nessus
nessus
macOS 10.13 root Authentication Bypass Direct Check
2017-11-29 00:00:00
macOS 10.13 Authentication Bypass Remote Check (CVE-2017-13872)
2017-12-04 00:00:00
MacOS 10.13 root Authentication Bypass (Security Update 2017-001)
2017-11-28 00:00:00
cve
cve
CVE-2017-13872
2017-11-29 17:29:00
CVE-2015-5889
2015-10-09 05:59:00
CVE-2015-3760
2015-08-16 23:59:00
prion
prion
Directory traversal
2017-11-29 17:29:00
Code injection
2015-10-09 05:59:00
Code injection
2015-08-16 23:59:00
threatpost
threatpost
Mac, Linux Users Now Targeted by FinSpy Variants
2020-09-28 19:09:34
Apple Announces Emergency Patch to Fix High Sierra Login Bug
2017-11-29 13:17:13
saint
saint
Mac OS X rsh Environment Variables Privilege Elevation
2015-10-15 00:00:00
Mac OS X rsh Environment Variables Privilege Elevation
2015-10-15 00:00:00
Mac OS X rsh Environment Variables Privilege Elevation
2015-10-15 00:00:00
packetstorm
packetstorm
Mac OS X 10.9.5 / 10.10.5 rsh/libmalloc Privilege Escalation
2015-10-27 00:00:00
issetugid() + rsh + libmalloc OS X Local Root
2015-10-03 00:00:00
exploitpack
exploitpack
Apple Mac OSX 10.9.510.10.5 - rshlibmalloc Local Privilege Escalation
2015-10-01 00:00:00
canvas
canvas
Immunity Canvas: OSX_RSH_LIBMALLOC
2015-10-09 05:59:00
Immunity Canvas: OSX_DYLD_PRINT_TO_FILE
2015-08-16 23:59:00
exploitdb
exploitdb
Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Local Privilege Escalation
2015-10-01 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
2015-10-05 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.149 Low

EPSS

Percentile

95.7%

JSON
Related for KITPLOIT:4066304721921583015
seebug1zdt4openvas6cert1apple4nessus9cve4prion4threatpost2saint4packetstorm2exploitpack1canvas2exploitdb1securityvulns4