blog.xpnsec.com

knight.sc
Recently while looking into the Apple adid daemon, I noticed that I couldn't attach to the process with lldb even if SIP was completely disabled. After digging into it a little bit I came to the conclusion that adid was calling the ptrace API passing in PT_DENY_ATTACH. There are numerous other posts out there (like this one) that talk about defeating PT_DENY_ATTACH if you're running the application yourself. In my case adid is started as a LaunchDaemon and is already running by the time a user is logged in. I decided to take a look at how you could defeat the ptrace call even after the application is already running.

blog.quarkslab.com
The following article explains how during a Purple Team engagement we were able to identify a vulnerability in Microsoft Teams on macOS allowing us to access a user's camera and microphone.

truesecdev.wordpress.com
Background and acknowledgement: This full disclosure is based on my discovery of a privilege escalation vulnerability in Apple OS X called rootpipe. Read my full disclosure on rootpipe here for some background info. Big thanks to Patrick Wardle who inspired me to start new investigations, by saying that he found a way to re-abuse rootpipe...

andybrown.me.uk
Here we have a good example of how a requirement for a simple tool spirals out of control and spawns a project that takes months to complete and ends up dwarfing the project that it was originally ...