Exploiting Directory Permissions on macOS

Exploiting Directory Permissions on macOS

Hack In The Box Security Conference via YouTube Direct link

Install History.plist file - Arbitrary file overwrite vulnerability (CVE-2020-3830)

14 of 28

14 of 28

Install History.plist file - Arbitrary file overwrite vulnerability (CVE-2020-3830)

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Exploiting Directory Permissions on macOS

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 whoami
  3. 3 agenda
  4. 4 POSIX model - scenarios
  5. 5 flag modifiers
  6. 6 sticky bit
  7. 7 Access Control Lists
  8. 8 sandbox example (mds)
  9. 9 static method
  10. 10 dynamic method
  11. 11 general idea
  12. 12 problems
  13. 13 controlling content
  14. 14 Install History.plist file - Arbitrary file overwrite vulnerability (CVE-2020-3830)
  15. 15 Adobe Reader macOS installer - arbitrary file overwrite vulnerability (CVE-2020-3763)
  16. 16 Grant group write access to plist files via Diagnostic Messages History.plist (CVE-2020-3835)
  17. 17 macOS fontmover - file disclosure vulnerability (CVE-2019-8837)
  18. 18 exploitation
  19. 19 fix
  20. 20 macOS Diagnostic Messages arbitrary file overwrite vulnerability (CVE-2020-3855)
  21. 21 Adobe Reader macOS installer - LPE (CVE-2020-3762)
  22. 22 macOS periodic scripts - 320.whatis script LPE (CVE-2019-8802)
  23. 23 makewhatis
  24. 24 whatis database
  25. 25 OverSight
  26. 26 Installers
  27. 27 move operation
  28. 28 Objective-C

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.