Hacking the Apple Webcam (again) | PT SWARM
Hacking the Apple Webcam (again)
by Ryan Pickren
This research gained unauthorized camera access via Safari UXSS and resulted in 4 0-day bugs (CVE-2021-30861, CVE-2021-30975, and two without CVEs), 2 of which were used in the camera hack.
Contents: • Summary • Background • The Attack Plan • Exploration of custom URI Schemes • Exploit Requirements • ShareBear Application • Bonus Bug: Iframe Sandbox Escape • Quarantine and Gatekeeper • Shortcuts • Full Chain • Remediation • Bonus Material (#1) • Bonus Material (#2) • Conclusion
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...