CVE-2020-9934 PoC — 多款Apple产品CoreFoundation组件安全漏洞

Source

https://github.com/mattshockl/CVE-2020-9934

Associated Vulnerability

Title:多款Apple产品CoreFoundation组件安全漏洞 (CVE-2020-9934)
Description:Apple iPadOS和Apple macOS Catalina都是美国苹果（Apple）公司的产品。Apple iPadOS是一套用于iPad平板电脑的操作系统。Apple macOS Catalina是一套专为Mac计算机所开发的专用操作系统。 Apple macOS Catalina 10.15.6之前版本、iOS 13.6之前版本和iPadOS 13.6之前版本中的CoreFoundation组件存在安全漏洞。本地攻击者可利用该漏洞获取敏感的用户信息。

Description

CVE-2020–9934 POC

Readme

# CVE-2020-9934

This Proof of Concept is a simple Swift program that will give itself and Terminal every kTCCService entitlement (pulled from tccd) and then do four things:
* Create a file named "<<<\<BYPASS>>>>" in the TCC-protected directory
* Read the data from said file from within the TCC-protected directory
* List all files in the TCC-directory (including "<<<\<BYPASS>>>>")
* Remove the file from the TCC-protected directory

Usage:
`./bypasstc <tcc-protected directory>`

See the [full writeup on Medium](https://medium.com/@mattshockl/cve-2020-9934-bypassing-the-os-x-transparency-consent-and-control-tcc-framework-for-4e14806f1de8)

File Snapshot


 [4.0K]  /data/pocs/dd32fa32910a0b99ca058bac0943392aaaa0eda7
├── [8.9K]  BypassTCC.swift
├── [1.7K]  main.swift
└── [ 645]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!