mjtsai + theevilbit   2

Beyond excited to talk at @HITBSecConf about "Exploiting directory permissions on macOS". We will see symlink attacks, some application reverse engineering, tricks to inject content into root owned files and get root via manpages :) #HITB2020AMS

— Csaba Fitzl (@theevilbit) February 13, 2020
FavoriteTweet  theevilbit 
6 weeks ago by mjtsai
I think I had a productive week in my macOS research. Found:
1. Complete sandbox escape affecting multiple services
2. Privacy protection bypass
3. Unauthorized access vulnerability ~priv esc
2 & 3 are tweetable

— Csaba Fitzl (@theevilbit) November 17, 2019
FavoriteTweet  theevilbit 
november 2019 by mjtsai

Copy this bookmark: