CVE-2014-1322 PoC — Apple OS X kernel information disclosure vulnerability

Source
Associated Vulnerability
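Title: Apple OS X kernel information disclosure vulnerability (CVE-2014-1322)
Description: Apple OS X is a dedicated operating system developed by Apple for Mac computers. The kernel in Apple OS X 10.9.2 and earlier contains a security vulnerability: kernel pointers stored in XNU objects can be retrieved from user space. A local attacker can exploit this vulnerability by reading the kernel pointers to bypass the ASLR protection mechanism.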
Description
CVE-2014-1322 - IPC Local Security Bypass | Mac OSX (Affected. >= 10.9.2)
Readme
# IPC-Memory-Mac-OSX-Exploit
IPC Local Security Bypass

Inter-process communication through shared memory is a concept where two or more processes can access common memory. Communication is done via this shared memory, where changes made by one process can be viewed by another process.

The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.

# Details
https://nvd.nist.gov/vuln/detail/CVE-2014-1322
File Snapshot

[4.0K] /data/pocs/816ae01a74678498149d10b1a5fc2b9257c9bedf
├── [1.4K] main.cpp
└── [ 606] README.md

0 directories, 2 files