CVE-2016-1828

Published: 20/05/2016 Updated: 25/03/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 936
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The kernel in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1 allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1829, and CVE-2016-1830.

Vulnerable Product

apple iphone os

apple mac os x

apple tvos

apple watchos

Exploits

rootsh: rootsh is a local privilege escalation targeting OS X Yosemite 10.10.5 build 14F27. It exploits [CVE-2016-1758] and [CVE-2016-1828], two vulnerabilities in XNU that were patched in OS X El Capitan [10.11.4] and [10.11.5]. rootsh will not work on platforms with SMAP enabled. [CVE-2016-1758]: www.cve.mitre.org/cgi-bin/cvename.cgi? ...

Github Repositories

Local privilege escalation for OS X 10.10.5 via CVE-2016-1828.

bazad5 Local privilege escalation for OS X 10.10.5 via CVE-2016-1828

A collection of resources for OSX/iOS reverse engineering.

osx & ios re 101: Work in progress as I am actively collecting these. Must read: reverse.put.as/, blog.paloaltonetworks.com/tag/mac-os-x/, www.synack.com/blog/r-d-projects/os-x-security-research/, pewpewthespells.com/re.html, github.com/bx/machO-tools, github.com/kpwn/iOSRE. Keep these handy: "OSX Mach-O File Format Referen

A curated list of not properly fixed apple security bugs and attempts to influence disclosure

bad-bad-apple: A curated list of not properly fixed apple security bugs and attempts to influence disclosure. This list will be filled over the next weeks with instances that we know of. TODO: All vulnerabilities require description, link to original source - writeups/talks/. Insufficiently patched iOS vulnerabilities: The following table is work in progress. It shows for every i

Local privilege escalation for OS X 10.10.5 via CVE-2016-1828.

rootsh: rootsh is a local privilege escalation targeting OS X Yosemite 10.10.5 build 14F27. It exploits CVE-2016-1758 and CVE-2016-1828, two vulnerabilities in XNU that were patched in OS X El Capitan 10.11.4 and 10.11.5. rootsh will not work on platforms with SMAP enabled. CVE-2016-1758: CVE-2016-1758 is an information leak caused by copying out uninitialized bytes of kernel sta