
CVE-2021-30955 PoC — Apple iOS and iPadOS race condition vulnerability

Source
Associated Vulnerability
Title: Apple iOS and iPadOS race condition vulnerability (CVE-2021-30955)
Description: Apple iOS and Apple iPadOS are products of the US company Apple. Apple iOS is an operating system developed for mobile devices; Apple iPadOS is an operating system for iPad tablets. The Apple iOS and iPadOS kernel contains a race condition vulnerability, which allows a malicious application to execute arbitrary code with kernel privileges. The following products and versions are affected: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5 and later, iPad mini 4 and later, iPod touch(
Description
CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)
Readme
# desc_race_A15
CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)

- Made with SwiftUI and C
- Based on [@b1n4r1b01's](https://twitter.com/b1n4r1b01/status/1498641177498644481?cxt=HHwWgsCj6b6Nn8wpAAAA) exploit
- [Write-up](https://www.cyberkl.com/cvelist/cvedetail/24) of @realBrightiup's POC
- Improves A14-A15 support
- Tested on iPhone 13 Pro Max


![gif](src/vidforgif.gif)
# Results
- Achieves write privileges
- Panics immediately on A12 and later devices
- Generates logs in `/Settings/Privacy/Analytics&Improvements/Analytics Data`

# Screenshots

<p float="left">
  <img src="src/light.png" width="300" />
  <img src="src/dark.png" width="300" /> 
  <img src="src/sc.png" width="100" />
</p>


# Credits
- @realBrightiup
- @b1n4r1b01
- @jakeashacks

File Snapshot

```
[4.0K] /data/pocs/e62c4b3f3556570800ecb297dc863f8fbf50d6e4
├── [4.0K] desc_race_A15
│   ├── [4.0K] Assets.xcassets
│   │   ├── [4.0K] AccentColor.colorset
│   │   │   └── [ 123] Contents.json
│   │   ├── [4.0K] AppIcon.appiconset
│   │   │   └── [1.6K] Contents.json
│   │   └── [  63] Contents.json
│   ├── [ 13K] ContentView.swift
│   ├── [ 243] desc_race_A15App.swift
│   ├── [ 167] desc_race_A15-Bridging-Header.h
│   ├── [4.0K] exploit
│   │   ├── [6.9K] desc_race.c
│   │   ├── [ 214] desc_race.h
│   │   ├── [7.7K] iokit.h
│   │   ├── [ 21K] spray_stuff.c
│   │   └── [ 887] spray_stuff.h
│   └── [4.0K] Preview Content
│       └── [4.0K] Preview Assets.xcassets
│           └── [  63] Contents.json
├── [4.0K] desc_race_A15.xcodeproj
│   ├── [ 16K] project.pbxproj
│   ├── [4.0K] project.xcworkspace
│   │   ├── [ 135] contents.xcworkspacedata
│   │   ├── [4.0K] xcshareddata
│   │   │   └── [ 238] IDEWorkspaceChecks.plist
│   │   └── [4.0K] xcuserdata
│   │       └── [4.0K] markie.xcuserdatad
│   │           └── [ 38K] UserInterfaceState.xcuserstate
│   └── [4.0K] xcuserdata
│       └── [4.0K] markie.xcuserdatad
│           └── [4.0K] xcschemes
│               └── [ 348] xcschememanagement.plist
├── [ 34K] LICENSE
├── [ 773] README.md
└── [4.0K] src
    ├── [158K] dark.png
    ├── [165K] light.png
    ├── [366K] sc.png
    ├── [3.9M] vidforgif.gif
    └── [1.9M] vidforgif.mp4

16 directories, 24 files
```