CVE-2022-46689
HIGH EXPLOITED
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
Title source: metasploit
Exploitation Summary
CVE-2022-46689 has been observed exploited in the wild (reported by VulnCheck KEV).
EIP tracks 20 public exploits from researchers including ginsudev, zhuowei and straight-tamago, as well as a Metasploit module, exploits/osx/local/mac_dirty_cow.
AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2022-46689, which allows overwriting fonts on iOS 16.1.2 and below by leveraging a race condition in the vm_unaligned_copy_switch_race mechanism. The exploit uses WOFF2 font compression with padding to bypass memory write restrictions.
Description
A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
Exploits (20)
This repository contains a proof-of-concept exploit for CVE-2022-46689, which allows overwriting fonts on iOS 16.1.2 and below by leveraging a race condition in the vm_unaligned_copy_switch_race mechanism. The exploit uses WOFF2 font compression with padding to bypass memory write restrictions.
This is a working proof-of-concept exploit for CVE-2022-46689, a macOS vulnerability similar to Dirty Cow. It leverages a race condition in the virtual memory subsystem to overwrite read-only files, enabling local privilege escalation by modifying /etc/pam.d/su to bypass password authentication.
This PoC exploits a race condition in macOS vm_unaligned_copy_switch_race (CVE-2022-46689) to achieve arbitrary memory write by rapidly switching memory mappings between read-only and read-write states. The code demonstrates a thread-based race to trick the kernel into writing to read-only memory.
This PoC exploits a race condition in macOS's vm_unaligned_copy_switch_race to achieve arbitrary memory write by rapidly switching memory mappings between read-only and read-write states. It targets a vulnerability in the XNU kernel's memory management, specifically CVE-2022-46689.
This PoC exploits a race condition in macOS's vm_unaligned_copy_switch_race to achieve arbitrary memory write, potentially leading to privilege escalation. The code demonstrates a thread-based race to switch memory mappings between read-only and read-write states.
This PoC exploits a race condition in macOS's vm_unaligned_copy_switch_race (CVE-2022-46689) to achieve arbitrary memory writes by manipulating memory mappings between read-only and read-write states. The code demonstrates a thread-based race to bypass memory protections and overwrite targeted file data.
This PoC exploits a race condition in macOS's vm_unaligned_copy_switch_race (CVE-2022-46689) to achieve arbitrary memory writes by rapidly switching memory mappings between read-only and read-write states. The code demonstrates a thread-based race to bypass memory protections and overwrite target data.
This PoC exploits a race condition in macOS XNU's vm_unaligned_copy_switch_race to achieve arbitrary memory write by manipulating memory mappings between read-only and read-write states. It demonstrates a local privilege escalation by overwriting a target file's mapped memory region.
This PoC exploits a race condition in macOS's vm_unaligned_copy_switch_race to achieve arbitrary memory write by rapidly switching memory mappings between read-only and read-write states. It targets a vulnerability in the XNU kernel's memory management, specifically CVE-2022-46689.
This PoC demonstrates CVE-2022-46689 (MacDirtyCow), a privilege escalation vulnerability in macOS's XNU kernel. It exploits a race condition in the copy-on-write mechanism to modify read-only files, potentially leading to root access.
The repository claims to be a PoC for CVE-2022-46689 but contains no exploit code, only a warning about bootlooping devices and a lure disguised as 'onlyfans++'. This is likely a social engineering attempt to distribute malware.
This repository contains a legitimate AWS CDK-based PoC for CVE-2022-46689, which automates the deployment of a Lambda function to monitor AWS Control Tower security notifications and forward them to a webhook. The scripts assume an IAM role in the audit account and deploy infrastructure across multiple regions.
This repository contains documentation and source code for the Laravel Nova Flexible Content package, which is vulnerable to CVE-2022-46689. The README provides installation and usage instructions but does not include exploit code or offensive techniques.
This repository contains a README describing a proof-of-concept for CVE-2022-46689, which involves overwriting fonts on iOS. No actual exploit code is provided.
This repository contains a Swift-based proof-of-concept exploit for CVE-2022-46689, targeting iOS versions 16.0-16.1.2 and 15.0-15.7.1. The exploit leverages a race condition vulnerability in the vm_unaligned_copy_switch_race function, as demonstrated in the referenced Apple test case.
This PoC exploits CVE-2022-46689, a race condition in macOS's vm_unaligned_copy_switch_race to achieve local privilege escalation by manipulating memory mappings. It demonstrates the DirtyCow-like vulnerability on macOS systems.
This repository contains a functional exploit for CVE-2022-46689, leveraging a path traversal vulnerability in Apple's MobileBackup2 service to achieve arbitrary file write and potential local privilege escalation on iOS devices. The exploit uses hard link manipulation and directory traversal to bypass sandbox restrictions.
This repository contains a functional exploit PoC for CVE-2022-46689, targeting a race condition in the vm_unaligned_copy_switch_race mechanism in macOS/iOS. The exploit leverages memory mapping and thread synchronization to achieve arbitrary file overwrites, demonstrating a local privilege escalation (LPE) vulnerability.
This Metasploit module exploits CVE-2022-46689, a macOS Dirty Cow vulnerability, to achieve local privilege escalation by overwriting the /etc/pam.d/su file to permit unauthorized root access. It uses a race condition in the vm_unaligned_copy_switch function to gain arbitrary file write capabilities.
References (14)
Scores
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H