Related vulnerability
Description
PoC demo for CVE-2019-8852, a tfp0 bug.
Introduction
# CVE-2019-8852
A tfp0 bug for macOS 10.15.1 and below.
# Warranty
**Use it at your own risk. This will make your macOS panic.** I built it for security researchers only.
# Current state
Just a PoC; it converts the vulnerability into a useful UAF.
Tested on **macOS 10.14.6 (18G103)**, MacBook Pro with 16 GB RAM.
# Credits
* Almost everything starts from oob_timestamp: Brandon Azad (@_bazad)
# License
GPL-3.0 License
# Misc
My Twitter: [@pattern_F_](https://twitter.com/pattern_F_)
English is hard for me...
English is too hard...
File snapshot
[4.0K] /data/pocs/444009079eec0557493e0ae9c9a269956586d5bd
├── [4.0K] exploit-1
│ ├── [7.6K] apple_double.c
│ ├── [3.8K] apple_double.h
│ ├── [9.0K] exploit.c
│ ├── [1.8K] ipc_port.h
│ └── [ 292] main.c
├── [ 34K] LICENSE
├── [ 77] Makefile
├── [4.0K] mylib
│ ├── [ 20K] IOSurface_lib.c
│ ├── [ 962] kapi.h
│ ├── [3.2K] kapi_memory.c
│ ├── [4.3K] k_offsets.c
│ ├── [2.5K] k_offsets.h
│ ├── [4.8K] k_utils.c
│ ├── [ 516] k_utils.h
│ ├── [1.8K] mycommon.h
│ ├── [1.8K] sys_darwin.c
│ ├── [ 53K] user_kernel_alloc.c
│ ├── [3.0K] user_kernel_alloc.h
│ ├── [6.7K] utils.c
│ └── [ 938] utils.h
├── [ 536] README.md
└── [ 509] run-exploit.py
2 directories, 22 files