CVE-2021-30657 PoC — Apple macOS Security Feature Issue Vulnerability

Source
Associated Vulnerability
Title: Apple macOS Security Feature Issue Vulnerability (CVE-2021-30657)
Description: A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.
Description
A sample PoC for CVE-2021-30657 affecting macOS
Readme
# CVE-2021-30657
A simple PoC for CVE-2021-30657 affecting macOS
## Vulnerability detail
A vulnerability in `syspolicyd` allows a specially crafted application bundle downloaded from the internet to <br/>
bypass foundational macOS security features such as File Quarantine, Gatekeeper, and Notarization. <br/>
Armed with this capability, attackers could hack macOS systems with a simple user (double)-click.

## Usage
Put your desired shell script in `payload.sh`.<br/>
Execute `setup.sh`.<br/>
This generates a `bait.dmg` that contains the malicious app bundle.<br/>
Share it with the victim over the internet.<br/>
When the victim mounts the DMG and double-clicks the app icon, the payload script executes without any Gatekeeper checks.

## Affected version
* macOS Big Sur < 11.3
* Security Update Catalina < 2021-002
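
To triage hosts against the affected versions listed above, the following added example (not part of the original PoC repository) classifies a macOS version string. The function names `classify_macos` and `triage`, the status labels, and the sample inventory format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify a macOS ProductVersion against the affected
# versions in this README (Big Sur < 11.3, Catalina before Security
# Update 2021-002). Function names and status labels are illustrative.

# classify_macos VERSION prints one of:
#   affected      Big Sur older than 11.3
#   check-update  Catalina: the fix ships as Security Update 2021-002, which
#                 leaves the 10.15.x number unchanged, so confirm the update
#   recheck       10.16 is Big Sur reporting in version-compatibility mode;
#                 query the real version before deciding
#   fixed         11.3 or later
#   not-listed    a release the README does not list
#   invalid       not a dotted numeric version
classify_macos() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) echo invalid; return 0 ;;
    esac
    major=${1%%.*}
    rest=${1#*.}
    [ "$rest" = "$1" ] && rest=0        # e.g. "12" has no minor component
    minor=${rest%%.*}
    if [ "$major" -ge 12 ]; then
        echo fixed
    elif [ "$major" -eq 11 ]; then
        if [ "$minor" -lt 3 ]; then echo affected; else echo fixed; fi
    elif [ "$major" -eq 10 ] && [ "$minor" -eq 16 ]; then
        echo recheck
    elif [ "$major" -eq 10 ] && [ "$minor" -eq 15 ]; then
        echo check-update
    else
        echo not-listed
    fi
}

# triage: read "hostname version" lines on stdin (constructed inventory
# format) and print "hostname status" for each host.
triage() {
    while read -r host ver _; do
        [ -n "$host" ] || continue
        printf '%s %s\n' "$host" "$(classify_macos "$ver")"
    done
}

# On a Mac, classify the local host using the stock sw_vers tool.
if command -v sw_vers >/dev/null 2>&1; then
    classify_macos "$(sw_vers -productVersion)"
fi
```

For hosts reported as `check-update`, the installed-update history on the machine (for example via System Information) shows whether Security Update 2021-002 has been applied.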

## Technical details
https://objective-see.com/blog/blog_0x64.html