CVE-2019-8781 PoC — Apple macOS Catalina Kernel Component Buffer Error Vulnerability

Source
Associated Vulnerability
Title: Apple macOS Catalina Kernel Component Buffer Error Vulnerability (CVE-2019-8781)
Description: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges.
Description
Exploit POC for the bug CVE-2019-8781, found by @LinusHenze
Readme
# CVE-2019-8781

## Security Advisory

[CVE-2019-8781](https://support.apple.com/en-vn/HT210634)

## POC Details

- The POC elevates the process to root and executes a shell.

## Exploit environment

- macOS 10.14.6 (18G95) (should work on all macOS versions released before 10.15.0)

- SMEP: On

- SMAP: Off

- Kernel ASLR slide is passed in as `argv[1]`

## Building

- You will need Xcode 9.4.1 Command Line Tools to compile it.

- Check the `Makefile`.

## Writeups

- Check out my blog; here is the [link](https://trungnguyen1909.github.io/blog/post/CampCTF/PwningKernelz/)

## Shoutouts

- Apple for the 0day.

- Linus Henze (@LinusHenze), for the bug, ofc =)))
File Snapshot

[4.0K] /data/pocs/3f8086bf5303fc514f45c6188497dffdc97c240b
├── [ 173] asm.S
├── [1.1K] definitions.h
├── [2.6K] main.c
├── [ 89] Makefile
└── [ 675] README.md

0 directories, 5 files