Related vulnerability
Title:
Apple iOS and Apple iPadOS security vulnerability
(CVE-2025-24252)
Description: Apple iOS and Apple iPadOS are products of the US company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple iOS versions before 18.4 and Apple iPadOS versions before 18.4 contain a security vulnerability caused by a use-after-free issue resulting from improper memory management, which may corrupt process memory.
Description
CVE-2025-24252
Introduction
# CVE-2025-24252 iOS "Airborne" Vulnerabilities - Log Artifact Extractor 🚨
# Description:
A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia `15.4`, tvOS `18.4`, macOS Ventura `13.7.5`, iPadOS `17.7.6`, macOS Sonoma `14.7.5`, iOS `18.4` and iPadOS `18.4`, visionOS `2.4`. An attacker on the local network may be able to corrupt process memory.
# Metrics:
ADP: `CISA-ADP` Base Score: 9.8 CRITICAL ⚫ Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
# CVE-2025-24252 – mDNS TXT Record Crash Trigger:
This vulnerability affects `AirPlayReceiver` and is triggered via malformed mDNS TXT records.
# Setup on Kali Linux
```
sudo apt update
sudo apt install python3-scapy avahi-daemon -y
sudo systemctl start avahi-daemon
```
# Wi-Fi Adapter Requirement
To run `crashtest_CVE-2025-24252.py` and `chain_exploit.py`, you must use a Wi-Fi adapter that supports monitor mode.
# Before running the scanner or chain exploit, make sure to:
```
sudo ip link set wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ip link set wlan0 up
```
- Replace `wlan0` with the name of your adapter.
- You must be on the same Wi-Fi network as the target Apple devices.
- Monitor mode is required to properly receive multicast mDNS traffic over port 5353.
# Clone the Repo:
```
git clone https://github.com/B1ack4sh/Blackash-CVE-2025-24252.git
cd Blackash-CVE-2025-24252
```
# Configure the PoC:
```
nano CVE-2025-24252.py
```
Set your attacker IP and interface. Then save and exit (`CTRL+X`, then `Y`, then `ENTER`).
# Run the PoC:
```
sudo python3 CVE-2025-24252.py
```
# Monitor Target Behavior:
Use `tcpdump` or Wireshark to capture traffic on the Apple device's IP.
# Reminder:
`Only test this on your own Apple devices in a safe lab setting.`
# Disclaimer ⚠️
For educational and research purposes only. Use only against systems you own or have permission to test.
File snapshot
[4.0K] /data/pocs/c20e1fbee5e45872c0514f5f014d299808555ee3
├── [1.3K] CVE-2025-24252.py
└── [1.9K] README.md
0 directories, 2 files
Notes
1. It is recommended to access the PoC through its original source first.
2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.