CVE-2023-42931 PoC — Apple macOS Sonoma Security Vulnerability

Associated Vulnerability
Title: Apple macOS Sonoma Security Vulnerability (CVE-2023-42931)
Description: The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.
Description
The exploit targets a critical privilege escalation vulnerability in macOS versions Monterey, Ventura, and Sonoma.
Readme
<div align="center">


 #  🇮🇱  **#BringThemHome #NeverAgainIsNow**   🇮🇱

**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**
</div>
  
# macOS Privilege Escalation Exploit :computer:

I wrote this PoC based on this article: https://www.alter-solutions.fr/blog/local-privilege-escalating-my-way-to-root-throught-apple-macos-filesystems

This repository contains an exploit script targeting a critical privilege escalation vulnerability (CVE-2023-42931) affecting macOS versions Monterey, Ventura, and Sonoma. 🚨

## Vulnerability Description :warning:

The vulnerability allows unprivileged users to gain full root control over the system by exploiting the "diskutil" command line utility. This poses a significant security risk to affected macOS systems. :lock:

## Exploit Overview :rocket:

The exploit script leverages the "diskutil" command to mount filesystems with specific options, enabling the attacker to escalate their privileges. It involves creating a setuid shell payload, modifying filesystem permissions, copying the payload to a placeholder file, setting permissions and setuid bit, and executing the payload to gain root access. :boom:
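
For defenders, the overview above points at two things to check on a host: whether the installed macOS release is at or past the fixed versions named in the advisory (12.7.2, 13.6.3, 14.2), and whether unexpected setuid files exist on mounted volumes. The following is an added example, not code from this repository or from the referenced article; the function names, the `/Volumes` scan root and the allowlist parameter are assumptions made for illustration.

```python
import os
import stat

# First fixed release per major version, taken from the advisory text on this page.
FIXED = {12: (12, 7, 2), 13: (13, 6, 3), 14: (14, 2, 0)}


def parse_version(text):
    """'13.6' -> (13, 6, 0); raises ValueError on non-numeric parts."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple((parts + [0, 0])[:3])


def patch_status(product_version):
    """Return 'patched', 'vulnerable' or 'not-covered' for a macOS version string."""
    version = parse_version(product_version)
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "not-covered"  # the advisory names only 12.x, 13.x and 14.x
    return "patched" if version >= fixed else "vulnerable"


def find_setuid_files(root, allowlist=()):
    """Walk root without following symlinks and return sorted (path, owner_uid)
    pairs for regular files that carry the setuid bit and are not allowlisted."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or is unreadable
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                if path not in allowlist:
                    hits.append((path, st.st_uid))
    return sorted(hits)


if __name__ == "__main__":
    import platform
    mac_ver = platform.mac_ver()[0]  # empty string when not running on macOS
    if mac_ver:
        print("macOS", mac_ver, "->", patch_status(mac_ver))
    # Assumed scan root: the default mount point for additional volumes.
    for path, uid in find_setuid_files("/Volumes"):
        print("setuid file:", path, "owner uid", uid)
```

A hit with owner uid 0 outside the operating system's own paths is the result worth investigating first.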

## Usage :hammer_and_wrench:

1. Clone the repository.
2. Execute the exploit script.
3. Follow the on-screen instructions.

## Disclaimer :warning:

This exploit script is provided for educational purposes only. Use it at your own risk. The author takes no responsibility for any misuse or damage caused by this script. :warning:

## Credits :clap:

Special thanks to Yann Gascuel (Alter Solutions) for identifying and detailing the vulnerability. :pray:

## License :page_with_curl:

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. :memo:
File Snapshot

[4.0K] /data/pocs/6c2d5473d26db7e15b0eb9d25d0fd86cae93598f
├── [1.8K] PoC.py
└── [1.9K] README.md

0 directories, 2 files