CVE-2016-4655

Published: 25/08/2016 | Updated: 08/06/2018
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 719
Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

Vulnerability Summary

The kernel in Apple iOS prior to 9.3.5 allows malicious users to obtain sensitive information from memory via a crafted app.

Vulnerable Product

apple iphone os

apple iphone os 10.0

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
  Rank = ManualRanking
  include Msf::Exploit::Remote::HttpServer::HTML
  def initialize(info = {})
    super(update_info(info, 'Name' => 'We ...
This Metasploit module exploits a use-after-free vulnerability in WebKit's JavaScriptCore library ...

Github Repositories

Added support for different phones

Trident
This exploits the following two CVEs:
CVE-2016-4655: allow an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allow an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included despite the name of the project b

open source "untether" for 32bit 8.4.1-9.1 untethered jailbreak. codesign bypass & kernel exploit

daibutsu
7.0-9.1 untether only (for 32/64 bit iOS)
8.4.1 Jailbreak for 32 bits
Warning: Misuse within Japan, or directed at Japan, is prohibited.
exploit
A dyld exploit that overrides the MISValidateSignature in libmis.dylib (CVE-2015-7079)
OSUnserialize kernel Infoleak (CVE-2016-4655)
pegasus kernel exploit (CVE-2016-4656)
dyld
Change dyld_shar

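📝 The third MOSEC mobile security technology summit: notes from attending

First, some brief background: MOSEC is a mobile security technology summit hosted by the Pangu Team and POC, and this year is already its third edition. Although in terms of influence it does not match heavyweight hacker conferences such as Black Hat and DEFCon, judging by attendee feedback across these three editions the quality of the talks has been good, focusing on cutting-edge technical topics and development trends in the mobile security field, and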

8.4.1 Jailbreak using CVE-2016-4655 / CVE-2016-4656

skybreak
8.4.1 Jailbreak using CVE-2016-4655 / CVE-2016-4656
Credit: Bellis1000 (Billy Ellis), jndok

OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656

PegasusX
OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656
CVEs Analysis & Writeup
A detailed analysis of the CVEs used in this PoC is available here: Analysis and exploitation of Pegasus kernel vulnerabilities (CVE-2016-4655 / CVE-2016-4656)

A curated list of not properly fixed apple security bugs and attempts to influence disclosure

bad-bad-apple
A curated list of not properly fixed apple security bugs and attempts to influence disclosure
This list will be filled over the next weeks with instances that we know of.
TODO
All vulnerabilities require description, link to original source - writeups/talks/
Insufficiently patched iOS vulnerabilities
The following table is work in progress. It shows for every i

Trident
THIS VERSION WAS MADE AND COMPILED BY /u/mehulrao
This exploits the following two CVEs:
CVE-2016-4655: allow an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allow an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit)

32-bit exploit for iOS <9.3.5

Trident
This exploits the following two CVEs:
CVE-2016-4655: allow an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allow an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included despite the name of the project b

NOT WORKING AT THE MOMENT

Trident
This exploits the following two CVEs:
CVE-2016-4655: allow an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allow an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included despite the name of the project b

Trident
Exploitation of:
CVE-2016-4655: allow an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allow an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included even if the project is called Trident, it is only abou

Local privilege escalation for OS X 10.11.6 via PEGASUS

# Local privilege escalation for OS X 10.11.6 via PEGASUS
Write up:
1. Chinese Version: jaq.alibaba.com/community/art/show?articleid=531
2. English Version: jaq.alibaba.com/community/art/show?articleid=532
by Min(Spark) Zheng (twitter@SparkZheng, weibo@蒸米spark)
Note:
1. If you want to test this exp, you should not install Security Update 2016-001 (like

My first iOS 'jailbreak', using CVE 2016-4655 & CVE 2016-4656

br0ke
My first iOS 'jailbreak', using CVE 2016-4655 & CVE 2016-4656
For now only iPad2,7 on iOS 9.1 is supported (fixed offsets).
I added some comments for helping beginners (like me) to understand the code easier
