Skip to content

jhftss/CVE-2022-22639

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 

Repository files navigation

Details

See Blog:

https://www.trendmicro.com/en_us/research/22/d/macos-suhelper-root-privilege-escalation-vulnerability-a-deep-di.html

Exploitation of CVE-2022-22639

  1. Compile with command: clang exploit.m -o /tmp/exploit -framework Foundation -fobjc-arc -fobjc-link-runtime /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Versions/A/SoftwareUpdate.tbd
  2. Unzip InstallAssistant.gz to /tmp folder
  3. run /tmp/exploit

Demo

https://www.youtube.com/watch?v=-vbkTLHh874

About

CVE-2022-22639: Get a Root Shell on macOS Monterey

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published