CVE-2025-24203

This repository provides a toolbox that leverages CVE-2025-24203 to temporarily disable or modify iOS system files in memory, offering various customization tweaks for iOS 16.0 to 18.3.2. The exploit does not persist across reboots and requires a respring to apply changes.

This is a privilege escalation exploit for CVE-2025-24203 targeting iOS 16.0 to 18.3.2, leveraging memory manipulation via `vm_behavior_set` and `mlock` to achieve effects similar to MacDirtyCow. The PoC includes improved error logging for research purposes.

This repository contains a working proof-of-concept exploit for CVE-2025-24203, a vulnerability in XNU's VM_BEHAVIOR_ZERO_WIRED_PAGES that allows writing to read-only pages by leveraging mlock and vm_deallocate to zero out physical memory pages. The exploit demonstrates how to modify read-only, root-owned files on iOS 16.0 to 18.3.2.

The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.