CVE-2023-26818 macOS TCC Bypass Exploit (Parts 1 & 2)
By Zeyad Azima OverviewThis combines both parts of the original write-up into a single post. Part 1 covers entitlement-targeted payloads (camera, microphone, Apple Events) for Telegram; Part 2 extends the tooling with data exfiltration and a console app for quicker dylib edits and compilation. Part 1 — Exploit Writing: CVE-2023-26818 macOS TCC Bypass w&#x..
Read more
CVE-2023-26818 macOS TCC Bypass Analysis (Parts 1 & 2)
By Zeyad Azima OverviewThis merges the two-part analysis of CVE-2023-26818 into a single post. Part 1 covers the root cause and DyLib injection path in Telegram. Part 2 dives into macOS sandboxing and how to bypass it to complete the exploit chain. Part 1 — CVE-2023-26818: macOS TCC Bypass w/ Telegram (Analysis)IntroductionA vulnerability Discovered ..
Read more