Back to directory
WRITEUP #733

The Nightmare of Apple's OTA Update: Bypassing the Signature Verification and Pwning the Kernel

OtherSignature validation bypassTOCTOUSIP bypassDowngrade attackKernel hackingReverse engineering
by@patch1t(Mickey Jin)
Program
Apple (macOS)
Published
Oct 15, 2023
Added to HackDex
Feb 1, 2024
Read Full Writeuphttps://jhftss.github.io/The-Nightmare-of-Apple-OTA-Update/
RELATED WRITEUPS
Firmware Security: Alcatel-Lucent ALE-DeskPhone
Privilege EscalationVoIP hacking
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free

Built with ❤️ by Shubham Rawat