CVE-2019-8781 PoC — Apple macOS Catalina Kernel Component Buffer Error Vulnerability

Source
Associated Vulnerability
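Title: Apple macOS Catalina Kernel Component Buffer Error Vulnerability (CVE-2019-8781)
Description: Apple macOS Catalina is a dedicated operating system developed by Apple (USA) for Mac computers. Kernel is one of its kernel components. A security vulnerability exists in the Kernel component in versions of Apple macOS Catalina prior to 10.15. An attacker can exploit this vulnerability to execute arbitrary code with kernel privileges.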
Description
Exploit POC for the bug CVE-2019-8781, found by @LinusHenze
Readme
# CVE-2019-8781

## Security Advisory

[CVE-2019-8781](https://support.apple.com/en-vn/HT210634)

## POC Details

- The POC elevates the process to root and executes a shell.

## Exploit environment
	
- macOS 10.14.6 (18G95) (should work on all macOS versions released before 10.15.0)

- SMEP: On

- SMAP: Off

- Kernel ASLR slide passed as `argv[1]`

## Building

- You will need Xcode 9.4.1 Command Line Tools to compile it.

- Check the `Makefile`.

## Writeups

- Check out my blog; here is the [link](https://trungnguyen1909.github.io/blog/post/CampCTF/PwningKernelz/).

## Shoutouts

- Apple for the 0day.

- Linus Henze (@LinusHenze), for the bug, ofc =)))
File Snapshot

[4.0K] /data/pocs/3f8086bf5303fc514f45c6188497dffdc97c240b
├── [ 173] asm.S
├── [1.1K] definitions.h
├── [2.6K] main.c
├── [  89] Makefile
└── [ 675] README.md

0 directories, 5 files