Gatekeeper Bypass Proof Of Concept

Discussion in 'News Aggregator' started by Packet Storm, 5 Oct 2021.

  1. Packet Storm

    Packet Storm Guest

    This script will create a zip file exploiting CVE-2021-1810 by creating a directory hierarchy deep enough for Archive Utility to fail setting quarantine attributes on certain files while also making some path names long enough to prevent Safari automating unzipping from unpacking the archive. Finally, the script will create a symbolic link at the top level, making the zip file appear like a normal app bundle zip file.

    Continue reading...
     

Share This Page

Loading...