CodeColorist

  1. Home
  2. Posts Page 2
  • Revisiting An Old MediaRemote Bug (CVE-2018-4340)

    Revisiting An Old MediaRemote Bug (CVE-2018-4340)

    Useless bugs are just being given up too early.

    2020-05-27

  • Two macOS Persistence Tricks Abusing Plugins

    Two macOS Persistence Tricks Abusing Plugins

    Similar to DLL sideloading, legit plugins on macOS could be abused to load executable code on startup.

    2019-11-21

  • Rootpipe Reborn (Part II): CVE-2019-8565 Feedback Assistant Race Condition

    Rootpipe Reborn (Part II): CVE-2019-8565 Feedback Assistant Race Condition

    Relying on pid to validate IPC peer is unsafe.

    2019-04-21

  • Rootpipe Reborn (Part I): TimeMachine Command Injection

    Rootpipe Reborn (Part I): TimeMachine Command Injection

    Applying web security tricks to macOS LPE bugs.

    2019-04-13

  • One-liner Safari Sandbox Escape Exploit

    One-liner Safari Sandbox Escape Exploit

    TOCTOU bug in CoreFoundation and state change of sandbox lockdown on macOS Safari, leading to easy sandbox escape.

    2019-03-26

  • CVE-2018-4991: Adobe Creative Cloud Desktop Local Privilege Escalation via Signature Bypass

    CVE-2018-4991: Adobe Creative Cloud Desktop Local Privilege Escalation via Signature Bypass

    The private API design of XPC could make it hard for 3rd-party developers to write security code.

    2018-08-22

  • CVE-2018-8412: MS Office 2016 for Mac Privilege Escalation via a Legacy Package

    CVE-2018-8412: MS Office 2016 for Mac Privilege Escalation via a Legacy Package

    Code signature bypass and insecure sideloading gives root.

    2018-08-22

  • Something About #realworldctf doc2own

    Something About #realworldctf doc2own

    Get some real life 0day by playing CTF challenges.

    2018-08-07

  • Bypass macOS Rootless by Sandboxing

    Bypass macOS Rootless by Sandboxing

    Attacking the operating system by using its own security mechanism.

    2018-06-18

  1. 1
  2. 2
  3. 3

© 2025 CodeColorist. All rights reserved.

  • GitHub
  • Mastodon