This Metasploit module exploits a JIT optimization bug in Safari Webkit. This allows us to write shellcode to an RWX memory section in JavaScriptCore and execute it. The shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw, obtains root and disables code signing. Finally we download and execute the meterpreter payload. This module has been tested against iOS 7.1.2 on an iPhone 4.
8ca4b125e9aba514f4d2bd3c12b5189f4dceafcaab577262cc602a11c87480fb
Gentoo Linux Security Advisory 201808-4 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.20.4 are affected.
5081c3ad4349dfef3a23631121519a7a0e0d8d440b3260db527d43b8683f2056
Ubuntu Security Notice 3635-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
32d0d604c5e1a34b24d400cba123105ddcfdc1d3b7e3ce7503ce77dd378db74c
WebKitGTK+ versions prior to 2.20.0 suffer from various memory corruption vulnerabilities.
c53354b945d78b1f0dbc2bf520b8c3a0b6c899f69af44631165c1d7f0a375e5d
Apple Security Advisory 2018-3-29-8 - iCloud for Windows 7.4 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
2b5fddf353c0cc8483438947ebcaa55409c0d770b545358c2c90bd951c9883e7
Apple Security Advisory 2018-3-29-7 - iTunes 12.7.4 for Windows is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
d675b554a5207eb14989149462f75ea146c87952668d12d3c50b77772f472708
Apple Security Advisory 2018-3-29-6 - Safari 11.1 is now available and addresses code execution and denial of service vulnerabilities.
9143298fe99a1e196aee423666f33c8e62d3f8995dee62402a8290297d9d05b4
Apple Security Advisory 2018-3-29-3 - tvOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
baba26612f4d65374fab4054e41819e83cb578ffc7df334f5af54f80647ff086
Apple Security Advisory 2018-3-29-2 - watchOS 4.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
175c19a3aa3e068aab66d689a01fe0e6928848b746e6b0c1dd5aa6a35636888d