Gatekeeper Bypass Proof Of Concept
Posted by deepcore on October 5, 2021 – 5:16 pm
This script will create a zip file exploiting CVE-2021-1810 by creating a directory hierarchy deep enough for Archive Utility to fail setting quarantine attributes on certain files while also making some path names long enough to prevent Safari automating unzipping from unpacking the archive. Finally, the script will create a symbolic link at the top level, making the zip file appear like a normal app bundle zip file.
Post a reply
You must be logged in to post a comment.