Trident
This exploits the following two CVEs:
CVE-2016-4655: allows an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allows an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included despite the name of the project b
OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656
PegasusX
CVEs Analysis & Writeup
A detailed analysis of the CVEs used in this PoC is available here: Analysis and exploitation of Pegasus kernel vulnerabilities (CVE-2016-4655 / CVE-2016-4656)
A curated list of not properly fixed apple security bugs and attempts to influence disclosure
bad-bad-apple
This list will be filled over the next weeks with instances that we know of.
TODO
All vulnerabilities require a description and a link to the original source (writeups/talks).
Insufficiently patched iOS vulnerabilities
The following table is work in progress. It shows for every i
Trident
THIS VERSION WAS MADE AND COMPILED BY /u/mehulrao
This exploits the following two CVEs:
CVE-2016-4655: allows an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allows an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit)
Trident
Exploitation of:
CVE-2016-4655: allows an attacker to obtain sensitive information from kernel memory via a crafted app
CVE-2016-4656: allows an attacker to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app
CVE-2016-4657 (WebKit exploit) is NOT included even if the project is called Trident, it is only abou
Local privilege escalation for OS X 10.11.6 via PEGASUS
Write up:
1. Chinese version: jaq.alibaba.com/community/art/show?articleid=531
2. English version: jaq.alibaba.com/community/art/show?articleid=532
by Min(Spark) Zheng (twitter@SparkZheng, weibo@蒸米spark)
Note:
1. If you want to test this exploit, you must not have installed Security Update 2016-001
(like
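The note above makes the PoC conditional on the host still being OS X 10.11.6 without Security Update 2016-001. The following shell check is an added example, not part of the PoC repository: it assumes the OS version is what `sw_vers -productVersion` prints and that installed Apple updates are recorded in /Library/Receipts/InstallHistory.plist as a `displayName` key followed by the update's name. The two plist fragments it tests against are constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example (not from the PoC repo): does this host still match the
# README's preconditions for the OS X 10.11.6 Pegasus LPE PoC?
# Assumptions: version from `sw_vers -productVersion`; installed updates are
# listed in /Library/Receipts/InstallHistory.plist as <key>displayName</key>
# followed by a <string> holding the update name.

# update_installed NAME PLIST: returns 0 if some item's displayName contains NAME.
update_installed() {
  awk -v name="$1" '
    /<key>displayName<\/key>/ { want = 1; next }   # next line is the name
    want && index($0, name)   { found = 1 }
    { want = 0 }
    END { exit !found }
  ' "$2"
}

# pegasus_target_state VERSION PLIST: prints a verdict; returns 0 only when the
# host is 10.11.6 and Security Update 2016-001 is absent from the history.
pegasus_target_state() {
  case "$1" in
    10.11.6) ;;
    *) echo "not-target: OS X $1 (PoC is written for 10.11.6)"; return 1 ;;
  esac
  if update_installed "Security Update 2016-001" "$2"; then
    echo "patched: Security Update 2016-001 is installed"
    return 1
  fi
  echo "preconditions-met: 10.11.6 without Security Update 2016-001"
  return 0
}

# Constructed InstallHistory.plist fragments (not captured from a real host).
SAMPLE_PATCHED=$(mktemp)
cat > "$SAMPLE_PATCHED" <<'EOF'
<dict>
  <key>displayName</key>
  <string>Security Update 2016-001</string>
  <key>displayVersion</key>
  <string>1.0</string>
</dict>
EOF
SAMPLE_UNPATCHED=$(mktemp)
cat > "$SAMPLE_UNPATCHED" <<'EOF'
<dict>
  <key>displayName</key>
  <string>iTunes</string>
  <key>displayVersion</key>
  <string>12.4.3</string>
</dict>
EOF

# Run the check against the constructed samples.
pegasus_target_state 10.11.6 "$SAMPLE_PATCHED" || true
pegasus_target_state 10.11.6 "$SAMPLE_UNPATCHED" || true
pegasus_target_state 10.12 "$SAMPLE_UNPATCHED" || true

# On a real Mac, check the live system; skipped on other platforms.
if command -v sw_vers >/dev/null 2>&1 && [ -r /Library/Receipts/InstallHistory.plist ]; then
  pegasus_target_state "$(sw_vers -productVersion)" /Library/Receipts/InstallHistory.plist || true
fi
```

The version match is deliberately exact: the PoC hard-codes offsets for 10.11.6, so an earlier El Capitan build is reported as not-target even though it may also lack the fix. Remove the mktemp files once the samples are no longer needed.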
My first iOS 'jailbreak' , using CVE 2016-4655 & CVE 2016-4656
br0ke
For now only iPad2,7 on iOS 9.1 is supported (fixed offsets).
I added some comments to help beginners (like me) understand the code more easily.