CVE-2018-4087 PoC — Apple iOS、tvOS和watchOS Core Bluetooth 安全漏洞

Source

Associated Vulnerability

Title:Apple iOS、tvOS和watchOS Core Bluetooth 安全漏洞 (CVE-2018-4087)
Description:Apple iOS、tvOS和watchOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；tvOS是一套智能电视操作系统；watchOS是一套智能手表操作系统。Core Bluetooth是其中的一个核心蓝牙组件。 Apple iOS 11.2.5之前的版本、tvOS 11.2.5之前的版本和watchOS之前的4.2.2版本中的Core Bluetooth组件存在安全漏洞。远程攻击者可利用该漏洞以系统权限执行任意代码或造成拒绝服务。

Description

Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087.

Readme

# Exploit11.2
Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087.This checks also of a root access incompleted. 

You can creat an app to running exploit on your device (if you are a developer) and turn the root access @. 


Thanks to:
•RaniXCH, Adam Donenfeld, Abraham Masri and ZIMPERIUM TEAM.
•th0ex & x0x8_os for collaborating with me.

File Snapshot


 [4.0K]  /data/pocs/0063bce74bcb8fdbbb8b72a17a1d3b58cb67cab3
├── [ 369]  arm64.plist
├── [ 295]  exploit.h
├── [ 16K]  exploit.m
├── [665K]  F8BC5CE0-2710-45CF-8AB8-F7F743FB7EE7.png
├── [ 375]  r00t_access.h
└── [ 384]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!