├── .clang-format ├── .gitignore ├── .gitmodules ├── 3rd-party ├── adobe │ └── CVE-2018-4991 │ │ ├── Makefile │ │ ├── README.md │ │ └── exp.m └── ms │ └── CVE-2018-8412 │ ├── .gitignore │ ├── Makefile │ ├── README.md │ ├── getpkg.sh │ ├── root.mm │ └── xpc.mm ├── README.md └── macOS ├── CVE-2018-4310-mediaremote ├── Makefile └── poc.m ├── CVE-2019-8513-timemachine ├── .gitignore ├── Makefile ├── README.md └── exp.m ├── CVE-2019-8565-fbahelperd ├── .gitignore ├── Makefile ├── README.md └── exploit.m ├── CVE-2020-9979-mobileasset ├── build.sh ├── dict │ ├── .gitignore │ ├── AssetInfo.plist │ ├── Makefile │ ├── MyDictionary.css │ ├── MyDictionary.xml │ ├── MyInfo.plist │ ├── OtherResources │ │ └── .gitignore │ └── info.py ├── escape │ ├── .gitignore │ ├── Makefile │ ├── Mojave │ │ ├── MobileAsset.h │ │ ├── WebCoreApi.c │ │ ├── WebCoreApi.h │ │ ├── exploit.h │ │ └── exploit.m │ ├── cli.m │ └── loader │ │ ├── .gitignore │ │ ├── Makefile │ │ ├── common.h │ │ ├── launcher.c │ │ ├── payload.m │ │ ├── pipeline.py │ │ └── stage1.s.in ├── restore │ ├── Makefile │ ├── restore.h │ └── restore.m └── utils │ ├── .gitignore │ ├── DictAssets.h │ ├── DictAssets.m │ ├── MobileAsset.h │ └── config.in.h ├── ModJack ├── .clang-format ├── .gitignore ├── README.md ├── build.sh ├── kernel │ ├── Makefile │ ├── fruit │ │ └── symbols │ ├── jail.sb │ └── src │ │ ├── exploit.h │ │ ├── exploit.m │ │ ├── kextd.m │ │ ├── kickstart.m │ │ ├── log.h │ │ ├── patch.h │ │ ├── patch.m │ │ ├── rootless.m │ │ ├── symbols.m │ │ └── taylor.swift └── libinj │ ├── Makefile │ ├── injector.c │ ├── injector.h │ ├── offsets.py │ ├── shellcode.c │ └── test.c └── up-to-10.13.6-sbx ├── .gitignore ├── Default.png ├── Info.plist ├── Makefile ├── README.md ├── escape.h ├── escape.m └── main.html /.clang-format: -------------------------------------------------------------------------------- 1 | ColumnLimit: 120 -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/.gitignore -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/.gitmodules -------------------------------------------------------------------------------- /3rd-party/adobe/CVE-2018-4991/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/adobe/CVE-2018-4991/Makefile -------------------------------------------------------------------------------- /3rd-party/adobe/CVE-2018-4991/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/adobe/CVE-2018-4991/README.md -------------------------------------------------------------------------------- /3rd-party/adobe/CVE-2018-4991/exp.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/adobe/CVE-2018-4991/exp.m -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/.gitignore -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/Makefile -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/README.md -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/getpkg.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/getpkg.sh -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/root.mm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/root.mm -------------------------------------------------------------------------------- /3rd-party/ms/CVE-2018-8412/xpc.mm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/3rd-party/ms/CVE-2018-8412/xpc.mm -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/README.md -------------------------------------------------------------------------------- /macOS/CVE-2018-4310-mediaremote/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2018-4310-mediaremote/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2018-4310-mediaremote/poc.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2018-4310-mediaremote/poc.m -------------------------------------------------------------------------------- /macOS/CVE-2019-8513-timemachine/.gitignore: -------------------------------------------------------------------------------- 1 | bin/ 2 | .ccls-cache/ 3 | 4 | .DS_Store 5 | -------------------------------------------------------------------------------- /macOS/CVE-2019-8513-timemachine/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8513-timemachine/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2019-8513-timemachine/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8513-timemachine/README.md -------------------------------------------------------------------------------- /macOS/CVE-2019-8513-timemachine/exp.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8513-timemachine/exp.m -------------------------------------------------------------------------------- /macOS/CVE-2019-8565-fbahelperd/.gitignore: -------------------------------------------------------------------------------- 1 | bin/ -------------------------------------------------------------------------------- /macOS/CVE-2019-8565-fbahelperd/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8565-fbahelperd/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2019-8565-fbahelperd/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8565-fbahelperd/README.md -------------------------------------------------------------------------------- /macOS/CVE-2019-8565-fbahelperd/exploit.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2019-8565-fbahelperd/exploit.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/build.sh -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/.gitignore: -------------------------------------------------------------------------------- 1 | objects/ 2 | .DS_Store 3 | OtherResources/SexyMenu.menu 4 | -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/AssetInfo.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/AssetInfo.plist -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/MyDictionary.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/MyDictionary.css -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/MyDictionary.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/MyDictionary.xml -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/MyInfo.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/MyInfo.plist -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/OtherResources/.gitignore: -------------------------------------------------------------------------------- 1 | example.app/ 2 | restore -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/dict/info.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/dict/info.py -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/.gitignore: -------------------------------------------------------------------------------- 1 | bin/ 2 | -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Mojave/MobileAsset.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Mojave/MobileAsset.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Mojave/WebCoreApi.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Mojave/WebCoreApi.c -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Mojave/WebCoreApi.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Mojave/WebCoreApi.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Mojave/exploit.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Mojave/exploit.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/Mojave/exploit.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/Mojave/exploit.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/cli.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/cli.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/.gitignore -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/common.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/launcher.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/launcher.c -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/payload.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/payload.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/pipeline.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/pipeline.py -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/escape/loader/stage1.s.in: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/escape/loader/stage1.s.in -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/restore/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/restore/Makefile -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/restore/restore.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/restore/restore.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/restore/restore.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/restore/restore.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/utils/.gitignore: -------------------------------------------------------------------------------- 1 | config.gen.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/utils/DictAssets.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/utils/DictAssets.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/utils/DictAssets.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/utils/DictAssets.m -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/utils/MobileAsset.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/utils/MobileAsset.h -------------------------------------------------------------------------------- /macOS/CVE-2020-9979-mobileasset/utils/config.in.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/CVE-2020-9979-mobileasset/utils/config.in.h -------------------------------------------------------------------------------- /macOS/ModJack/.clang-format: -------------------------------------------------------------------------------- 1 | ColumnLimit: 120 2 | -------------------------------------------------------------------------------- /macOS/ModJack/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/.gitignore -------------------------------------------------------------------------------- /macOS/ModJack/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/README.md -------------------------------------------------------------------------------- /macOS/ModJack/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/build.sh -------------------------------------------------------------------------------- /macOS/ModJack/kernel/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/Makefile -------------------------------------------------------------------------------- /macOS/ModJack/kernel/fruit/symbols: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/fruit/symbols -------------------------------------------------------------------------------- /macOS/ModJack/kernel/jail.sb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/jail.sb -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/exploit.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/exploit.h -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/exploit.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/exploit.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/kextd.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/kextd.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/kickstart.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/kickstart.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/log.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/log.h -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/patch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/patch.h -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/patch.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/patch.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/rootless.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/rootless.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/symbols.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/symbols.m -------------------------------------------------------------------------------- /macOS/ModJack/kernel/src/taylor.swift: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/kernel/src/taylor.swift -------------------------------------------------------------------------------- /macOS/ModJack/libinj/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/Makefile -------------------------------------------------------------------------------- /macOS/ModJack/libinj/injector.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/injector.c -------------------------------------------------------------------------------- /macOS/ModJack/libinj/injector.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/injector.h -------------------------------------------------------------------------------- /macOS/ModJack/libinj/offsets.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/offsets.py -------------------------------------------------------------------------------- /macOS/ModJack/libinj/shellcode.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/shellcode.c -------------------------------------------------------------------------------- /macOS/ModJack/libinj/test.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/ModJack/libinj/test.c -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/.gitignore: -------------------------------------------------------------------------------- 1 | content.gen.h 2 | assets -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/Default.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/Default.png -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/Info.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/Info.plist -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/Makefile -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/README.md -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/escape.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/escape.h -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/escape.m: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/escape.m -------------------------------------------------------------------------------- /macOS/up-to-10.13.6-sbx/main.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ChiChou/sploits/HEAD/macOS/up-to-10.13.6-sbx/main.html --------------------------------------------------------------------------------