-
-
[转帖]Sniffing Authentication References on macOS
-
发表于: 2020-3-20 09:57 4558
-
Original link: https://objective-see.com/blog/blog_0x55.html
Background
At DefCon 25, I presented a talk titled: “Death By 1000 Installers":
https://youtu.be/mBwXkqJ4Z6c
In this talk, I highlighted flaws in a myriad of (3rd-party) installers …flaws that allowed local attackers to escalate their privileges to root.
The general finding(s) of my research was that installers (that run with elevated privileges) often invoke insecure APIs or perform insecure actions:
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
赞赏
他的文章
看原图
赞赏
雪币:
留言: