
9 matches found

Exploit DB
added 2016/10/31 12:00 a.m., 71 views

Apple macOS 10.12 - 'task_t' Local Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=837 TL;DR you cannot hold or use a task struct pointer and expect the euid of that task to stay the same. Many many places in the kernel do this and there are a great many very exploitable bugs as a result. task_t is just a typedef...

CVSS 9.3, AI score 6.4, EPSS 0.12671
Exploits: 9
0day.today
added 2016/04/27 12:00 a.m., 101 views

Mach Race OSX - Privilege Escalation

Exploit for macOS platform in category local exploits. Source: https://github.com/gdbinit/machrace Mach Race OS X Local Privilege Escalation Exploit (c) fG! 2015, 2016, [email protected] - https://reverse.put.as A SUID, SIP, and binary entitlements universal OS X exploit CVE-2016-1757. Usage against a...

CVSS 9.3, EPSS 0.12671
Exploits: 9
Exploit DB
added 2016/04/27 12:00 a.m., 45 views

Mach Race OSX - Local Privilege Escalation

Source: https://github.com/gdbinit/machrace Mach Race OS X Local Privilege Escalation Exploit (c) fG! 2015, 2016, [email protected] - https://reverse.put.as A SUID, SIP, and binary entitlements universal OS X exploit CVE-2016-1757. Usage against a SUID binary: ./machraceserver /bin/ps compatmode for ...

CVSS 9.3, AI score 6.4, EPSS 0.12671
Exploits: 9
exploitpack
added 2016/04/27 12:00 a.m., 34 views

Mach Race OSX - Local Privilege Escalation

Source: https://github.com/gdbinit/machrace Mach Race OS X Local Privilege Escalation Exploit (c) fG! 2015, 2016, [email protected] - https://reverse.put.as A SUID, SIP, and binary entitlements universal OS X exploit CVE-2016-1757. Usage against a SUID binar...

CVSS 9.3, AI score 0.5, EPSS 0.12671
Exploits: 9
myhack58
added 2016/04/09 12:00 a.m., 26 views

CVE-2016-1757: a simple analysis - vulnerability warning - the black bar safety net

The recent 10.11.4 patch fixes a vulnerability that uses a race condition to gain code execution privileges. After studying the kernel source code and the PoC, here is a simple analysis of the issue. 0x01 basics 1.1 the exec function to process I'm in the OSX kernel to...

AI score 1.3
Exploits: 0
canvas
added 2016/03/24 1:59 a.m., 522 views

Immunity Canvas: CVE_2016_1757

Name | CVE_2016_1757
---|---
CVE | CVE-2016-1757
Exploit Pack | CANVAS
Description | Shellelevate: CVE-2016-1757
Notes | Repeatability: Multiple Times NOTES: VENDOR: Apple CVE Url: https://vulners.com/cve/CVE-2016-1757 CVE Name: CVE-2016-1757...

CVSS 9.3, AI score 6, EPSS 0.12671
Exploits: 9
CVE
added 2016/03/24 1:00 a.m., 157 views

CVE-2016-1757

CVE-2016-1757 is a race condition in the XNU kernel that can enable arbitrary code execution in kernel context by abusing how task_t pointers are invalidated and reused during process execs. The public exploit chain relies on two cooperating processes exchanging a task port and triggering the use...

CVSS 9.3, AI score 5.9, EPSS 0.12671
Exploits: 9, References: 8, Affected Software: 2
Circl
added 2016/03/23 12:00 a.m., 16 views

CVE-2016-1757

creationtimestamp | type | source
---|---|---
2016-03-23 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/39595
2025-08-31 03:01:12+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVSS 9.3, AI score 7.4, EPSS 0.12671
Exploits: 9, References: 1
GoogleProjectZero
added 2016/03/22 12:00 a.m., 35 views

Race you to the kernel!

Posted by Ian Beer of Google Project Zero. The OS X and iOS kernel code responsible for loading a setuid root binary invalidates the old task port after first swapping the new virtual memory map pointer into the old task object, leaving a short race window where you can manipulate the memory of an...

CVSS 9.3, AI score 5.8, EPSS 0.12671
Exploits: 9