Posted on 2023-11-15 in blog • Tagged with macOS, ASB, tcc bypass, 0day
Wow, two blogposts in two days! Is this a new writeup schedule?
No, it's not. But, since I'm presently just ill enough to not be productive, yet well enough to write, I figured I'd chip away at my horrendous (writeup) debt while I wait for the immune fairy to arrive …
Posted on 2023-11-14 in blog • Tagged with macOS, ASB, tcc bypass, 0day
Since I owe you guys a bunch of writeups from my talk ( Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS), I decided that I'll tackle lateralus today.
It's a simple, clean bug with a quick and satisfying resolution. I have been bitching about Apple in the past blogpost (and on twitter …
Posted on 2023-09-27 in blog • Tagged with macOS, ASB, tcc bypass, 0day
This post is a writeup of CVE-2023-38571, a macOS TCC bypass bug I found. It was supposed to be unveiled in my upcoming talk:
"Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" at OBTS v6,
but I needed to cut some bugs out. This is another one of them.
While …