Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-1130 PoC — Apple OS X Admin Framework 安全漏洞

Source
https://github.com/Shmoopi/RootPipe-Demo
Associated Vulnerability
Title:Apple OS X Admin Framework 安全漏洞 (CVE-2015-1130)
Description:Apple OS X是美国苹果(Apple)公司为Mac计算机所开发的一套专用操作系统。 Apple OS X 10.10.2及之前版本的Admin Framework中的XPC实现过程中存在安全漏洞。本地攻击者可利用该漏洞绕过身份验证,获取管理员权限。
Description
Proof of Concept OS X Application for RootPipe Privilege Escalation Vulnerability (CVE-2015-1130)
Readme
# RootPipe-Demo

This is a Proof-of-Concept Mac Application that demonstrates the RootPipe Privilege Escalation Vulnerability (CVE-2015-1130) identified by Emil Kvarnhammar from [TrueSec](https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/)

This demo was written in Objective-C, ported from the Python PoC here:  [RootPipe](https://github.com/hiburn8/rootpipe)

![Demo Mac Application](RootPipeDemo/Image/RootPipe-Demo.png)

## Usage

To use, simply give a path to a file that you want to have escalated permissions, then provide the path where you want the file to be copied to with the escalated permissions, then provide your permissions in octal format (i.e. 04777), and (optionally) provide the file owner name and group.  

## OS Support

Mac OS X 10.9 - Mac OS X 10.10.2

## License
MIT license. Copyright © 2015 [Shmoopi LLC](http://shmoopi.net/).
File Snapshot

 [4.0K]  /data/pocs/abd719f8fa7f337a90c42214924a4a2327801ae3
├── [ 903]  README.md
└── [4.0K]  RootPipeDemo
    ├── [4.0K]  Image
    │   └── [ 44K]  RootPipe-Demo.png
    ├── [4.0K]  RootPipeDemo
    │   ├── [ 761]  AppDelegate.h
    │   ├── [ 10K]  AppDelegate.m
    │   ├── [4.0K]  Base.lproj
    │   │   └── [ 56K]  MainMenu.xib
    │   ├── [4.0K]  Images.xcassets
    │   │   └── [4.0K]  AppIcon.appiconset
    │   │       ├── [ 937]  Contents.json
    │   │       └── [ 16K]  mac_red.png
    │   ├── [1.1K]  Info.plist
    │   └── [ 240]  main.m
    └── [4.0K]  RootPipeDemo.xcodeproj
        ├── [9.7K]  project.pbxproj
        ├── [4.0K]  project.xcworkspace
        │   ├── [ 157]  contents.xcworkspacedata
        │   └── [4.0K]  xcuserdata
        │       └── [4.0K]  kramer.xcuserdatad
        │           └── [ 21K]  UserInterfaceState.xcuserstate
        └── [4.0K]  xcuserdata
            └── [4.0K]  kramer.xcuserdatad
                └── [4.0K]  xcschemes
                    ├── [4.2K]  RootPipeDemo.xcscheme
                    └── [ 574]  xcschememanagement.plist

13 directories, 14 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.