-
-
[转帖]Sniffing Authentication References on macOS
-
2020-3-20 09:57
-
Original link: https://objective-see.com/blog/blog_0x55.html
Background
At DefCon 25, I presented a talk titled: “Death By 1000 Installers":
https://youtu.be/mBwXkqJ4Z6c
In this talk, I highlighted flaws in a myriad of (3rd-party) installers …flaws that allowed local attackers to escalate their privileges to root.
The general finding(s) of my research was that installers (that run with elevated privileges) often invoke insecure APIs or perform insecure actions:
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
|
|
|---|---|
