Posted on 2023-10-15 in blog • Tagged with macOS, ASB, 0day, OBTS, talks
For those that missed the OBTS v6 conference and live stream, here are the slides of my talk:
Gergely Kalman: Unexpected Unreasonable Unfixable
There should be a video of the talk coming out on the official OBTS youtube channel as well.
As for me, I will publish a writeup for …
Posted on 2023-09-27 in blog • Tagged with macOS, ASB, tcc bypass, 0day
This post is a writeup of CVE-2023-38571, a macOS TCC bypass bug I found. It was supposed to be unveiled in my upcoming talk:
"Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" at OBTS v6,
but I needed to cut some bugs out. This is another one of them.
While …
Posted on 2023-09-26 in blog • Tagged with macOS, ASB, sbx, 0day
This post is a writeup of CVE-2023-32364, a macOS application sandbox escape bug I found. It was supposed to be unveiled in my upcoming talk:
"Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" at OBTS v6,
but I needed to cut some bugs out. This is one of them.