Outer Web | Explore

Explore >> Select a destination

You are here		jhftss.github.io A New Era of macOS Sandbox Escapes: Diving into an Overlooked Attack Surface and Uncovering 10+ New Vulnerabilities - Mickey's Blogs - Exploring the world with my sword of debugger :)
\|	\|	codecolor.ist Bypass macOS Rootless by Sandboxing · CodeColorist	4.6 parsecs away Travel
\|	\|	This bug has been fixed in Mojave Beta, but still present in latest High Sierra (10.13.5). It's a logic bug that an entitled binary tries to load an insecure external library controllable by environment variable. To exploit it we need to abuse sandbox, which is interesting that sometimes a mitigation could be turned to an exploit.	4.6 parsecs away Travel
\|	\|	srcincite.io Smarty Template Engine Multiple Sandbox Escape PHP Code Injection Vulnerabilities	5.1 parsecs away Travel
\|	\|	In this blog post we explore two different sandbox escape vulnerabilities discovered in the Smarty Template Engine that can be leveraged by a context dependa...	5.1 parsecs away Travel
\|	\|	knight.sc syspolicyd internals \| Scott Knight	5.1 parsecs away Travel
\|	\|	With my previous post I took a look at the SystemPolicy.framework and how it kept track of 32-bit applications that had been run. In the process of looking into that I ended up looking into the internals of syspolicyd. Way back in macOS 10.10.5 syspolicyd was part of the security_systemkeychain source code that Apple releases with each version of macOS. Unfortunately since that time syspolicyd was moved out of the security_systemkeychain package and closed sourced. This post details the internals of sysp...	5.1 parsecs away Travel
\|	\|	www.github.com Pulse · Krayorn/blog · GitHub	18.2 parsecs away Travel
\|		my blog, with astro. Contribute to Krayorn/blog development by creating an account on GitHub.	18.2 parsecs away Travel