CVE-2016-4622 PoC — 多款Apple产品安全漏洞

Source

https://github.com/hdbreaker/WebKit-CVE-2016-4622

Associated Vulnerability

Title:多款Apple产品安全漏洞 (CVE-2016-4622)
Description:Apple iOS、Safari和tvOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；Safari是一款Web浏览器，是Mac OS X和iOS操作系统附带的默认浏览器；tvOS是一套智能电视操作系统。WebKit是KDE社区开发的一套开源Web浏览器引擎，目前被Apple Safari及Google Chrome等浏览器使用。 Apple iOS 9.3.3之前版本、Safari 9.1.2之前版本和tvOS 9.2.2之前版本中的WebKit中存在安全漏洞

Description

My journey through WebKit CVE-2016-4622 Exploitation process

File Snapshot


 [4.0K]  /data/pocs/d933174197524b9a5a59933a26e4763725e0d847
├── [4.0K]  Exploit
│   ├── [ 150]  poc-memleak.js
│   └── [ 898]  slice_over_array.js
├── [ 21K]  Readme.md
├── [4.0K]  Saelo-Exploit-CVE-2016-4622
├── [4.0K]  Screenshoots
│   ├── [208K]  arrayA1.png
│   ├── [279K]  fastSlice1.png
│   ├── [578K]  Mozilla1.png
│   ├── [161K]  SliceConsole3.png
│   └── [2.3M]  Stacktrace1.png
├── [4.0K]  WebKit-Bins
│   ├── [4.0K]  ASAN
│   │   ├── [4.0K]  JavaScriptCore.framework
│   │   │   └── [4.0K]  Versions
│   │   │       └── [4.0K]  A
│   │   │           └── [105M]  JavaScriptCore
│   │   ├── [1.0M]  jsc
│   │   ├── [1.4M]  libclang_rt.asan_osx_dynamic.dylib
│   │   └── [ 136]  Readme.md
│   └── [4.0K]  Debug
│       ├── [4.0K]  JavaScriptCore.framework
│       │   └── [4.0K]  Versions
│       │       └── [4.0K]  A
│       │           └── [ 51M]  JavaScriptCore
│       ├── [626K]  jsc
│       └── [ 136]  Readme.md
└── [4.0K]  WebKit-SRC-CVE-2016-4622

13 directories, 15 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!