Apple OS X Entitlements Rootpipe Privilege Escalation

2015-09-02T00:00:00
ID SSV:89291
Type seebug
Reporter lightning1141
Modified 2015-09-02T00:00:00

Description

<p>This module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement.</p><p><a href="https://truesecdev.wordpress.com/2015/07/01/exploiting-rootpipe-again/" rel="nofollow">https://truesecdev.wordpress.com/2015/07/01/exploiting-rootpipe-again/</a><br></p>