IOHIDeous - "One tiny, ugly bug. Fifteen years. Full system compromise."
Fuck it, dropping a macOS 0day. Happy New Year, everyone. https://t.co/oG2nOlUOjk — Siguza (@s1guza) December 31, 2017 A macOS kernel exploit based on an IOHIDFamily 0day. [...] One tiny, ugly bug. Fifteen years. Full system compromise. [...] The prefetch timing attack I'm using for hid for some reason doesn't work on High Sierra 10.13.2 anymore, and I don't feel like investigating that. Maybe patched, maybe just the consequence of a random change, I neither know nor care. The vuln is still there and my code does both info leak and kernel r/w, just not in the same binary - reason is explained in the write-up. If you want that feature, consider it an exercise for the reader. [ IOHIDeous @ GitHub | IOHIDeous - teljes leírás ]