Blog Archives

Exploiting rootpipe again

Background and acknowledgement This full disclosure is based on my discovery of a privilege escalation vulnerability in Apple OS X called rootpipe. Read my full disclosure on rootpipe here for some background info. Big thanks to Patrick Wardle who inspired

Tagged with: , ,
Posted in General

OS X 10.10.3 still vulnerable

I just wanted to notify our readers interested in OS X security about a new finding that Patrick Wardle has made. He stated in his blog that he’s able to exploit rootpipe on a fully patched OS X 10.10.3! If

Tagged with: , , ,
Posted in Hacking

Hidden backdoor API to root privileges in Apple OS X

TL;DR The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges

Tagged with: , ,
Posted in Hacking