CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.
☆59Oct 28, 2018Updated 7 years ago
Alternatives and similar repositories for launchd-portrep
Users that are interested in launchd-portrep are comparing it to the libraries listed below
Sorting:
- Chaos iOS < 12.1.2 PoC by @S0rryMyBad since he posted it as a photo rather than a source code. Also cleaned up.☆64Mar 23, 2023Updated 2 years ago
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices☆110Mar 28, 2019Updated 6 years ago
- App sandbox escapes for macOS☆31May 20, 2020Updated 5 years ago
- ☆32Apr 22, 2019Updated 6 years ago
- macOS kext for host_special_port(4) patch☆90Nov 13, 2023Updated 2 years ago
- CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesign…☆257Nov 13, 2018Updated 7 years ago
- PoC☆212Jan 13, 2025Updated last year
- CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.☆54Jul 10, 2018Updated 7 years ago
- A library to execute code in the context of other processes on iOS 11.☆82Jul 25, 2018Updated 7 years ago
- PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio☆78Oct 31, 2018Updated 7 years ago
- just a kernelgrabber, for those who can't reach out of sandbox☆18Feb 24, 2024Updated 2 years ago
- Slides from my conference presentations.☆80Aug 5, 2020Updated 5 years ago
- Accessing physical memory on iOS.☆52Sep 21, 2020Updated 5 years ago
- iOS ARM64 kernel patchfinder☆77Aug 23, 2019Updated 6 years ago
- ☆105Dec 9, 2019Updated 6 years ago
- Lockdown related research, tools and POCs.☆90May 18, 2019Updated 6 years ago
- iOS 10.0-12.2 tfp0☆131Sep 3, 2019Updated 6 years ago
- ☆16Jul 30, 2020Updated 5 years ago
- Extract and generate code based on name and type for mig func/arg/request&reply member etc, ideal helper for creating monitor, tracker, f…☆19Jun 5, 2018Updated 7 years ago
- Demo: Anti Anti-Debug in iOS Kernel☆74Nov 29, 2017Updated 8 years ago
- Array.prototype.slice wrong alias information.☆68Mar 25, 2019Updated 6 years ago
- SnatchBox (CVE-2020-27935) is a sandbox escape vulnerability and exploit affecting macOS up to version 10.15.x☆32Dec 18, 2020Updated 5 years ago
- ios kernel class tree☆23May 30, 2019Updated 6 years ago
- xnu kernel heap info leak☆71Nov 21, 2019Updated 6 years ago
- An iOS kernel exploit for iOS 11 through 12.1.2. Works on A7 - A11 devices.☆103Mar 16, 2019Updated 6 years ago
- CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.☆27Dec 7, 2017Updated 8 years ago
- iOS KEXT loader 7.x-9.x☆96Aug 13, 2017Updated 8 years ago
- exploit for CVE-2018-4193☆69Feb 13, 2019Updated 7 years ago
- Radare2 plugin to parse modern iOS 64-bit kernel caches☆28Mar 10, 2019Updated 6 years ago
- iOS ARM64 kernel patchfinder☆22Jun 28, 2020Updated 5 years ago
- macOS 10.13.3 (17D47) Safari Wasm Exploit☆119Apr 19, 2018Updated 7 years ago
- Local privilege escalation through macOS 10.12.1 via CVE-2016-1825 or CVE-2016-7617.☆66Jan 16, 2017Updated 9 years ago
- Providing a great interface to the iOS kernel, hardware, threads and processes in a great research environment. (WIP)☆30Aug 6, 2019Updated 6 years ago
- Give me tfp0, I give you jelbrek☆260Oct 28, 2020Updated 5 years ago
- Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018☆180Feb 7, 2024Updated 2 years ago
- ☆522Feb 22, 2020Updated 6 years ago
- POC for CVE-2018-4327☆42Sep 13, 2018Updated 7 years ago
- Experiment to attempt to build Apple's dyld tools.☆63May 29, 2020Updated 5 years ago
- An IDA (Interactive Disassembler) script that can save a chunk of binary from an address.☆11Apr 10, 2019Updated 6 years ago