Advertisements

RootOS – macOS Root Helper

rootOS tries to use various CVEs to gain sudo or root access.

All exploits have an end goal of adding ALL ALL=(ALL) NOPASSWD: ALL to /etc/sudoers allowing any user to run sudo commands.

 

Exploits

  • CVE-2008-2830
  • CVE-2015-3760
  • CVE-2015-5889
  • CVE-2017-13872
  • AppleScript Dynamic Phishing
  • Sudo Piggyback

Run

python root.py

Dynamic Phishing

Advertisements
Advertisements
Advertisements
Advertisements
%d bloggers like this: