CVE-2018-4280

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents Assembly C C# C++ CSS Dockerfile Go HTML Java JavaScript Jinja LOLCODE Logos Makefile Objective-C Objective-C++ Others Pascal Pawn Perl PowerShell Python Rust Shell Svelte Swift TypeScript Vue Assembly mass1ve-err0r/unibi-OSS - A Collection of full & partial code for CompSci / IT stude

osx-security-awesome A collection of OSX/iOS security related resources News Hardening Malware sample sources DFIR Reverse engineering Presentations and Papers Virus and exploit writeups Useful tools and guides Remote Access Toolkits Worth following on Twitter News Linking a microphone The Story of CVE-2018-4184 or how a vulnearbility in OSX's Sp

A collection of OSX and iOS security resources

osx-security-awesome A collection of OSX/iOS security related resources News Hardening Malware sample sources DFIR Reverse engineering Presentations and Papers Virus and exploit writeups Useful tools and guides Remote Access Toolkits Worth following on Twitter News Linking a microphone The Story of CVE-2018-4184 or how a vulnearbility in OSX's Sp

CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.

blanket Blanket is a sandbox escape targeting iOS 1126, although the main vulnerability was only patched in iOS 1141 It exploits a Mach port replacement vulnerability in launchd (CVE-2018-4280), as well as several smaller vulnerabilities in other services, to execute code inside the ReportCrash process, which is unsandboxed, runs as root, and has the task_for_pid-allow en