OSX Pwning With Sparkle

by admin

Monday, February 1st, 2016 at 2:35 pm

The Sparkle Updater framework does not use HTTPS everywhere, which allows remote command execution attacks. The attack will apparently work if OS X is set to allow any app to run. Otherwise it is blocked by Quarantine and Gatekeeper, both of which prevent signed and unsigned applications from being run automatically without the user’s consent.

Src: https://www.evilsocket.net/2016/01/30/osx-mass-pwning-using-bettercap-and-the-sparkle-updater-vulnerability/
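To find which installed apps are exposed, a defender can check each bundle's Sparkle feed URL. The script below is an added example, not code from this post or from the Sparkle project; it assumes the feed is declared under the `SUFeedURL` key of the bundle's Info.plist, and the sample bundles and `example.com` URLs are constructed.

```python
import plistlib
import tempfile
from pathlib import Path
from urllib.parse import urlparse

def classify_feed(info: dict) -> str:
    """Classify one parsed Info.plist: 'no-sparkle', 'https' or 'insecure'."""
    feed = info.get("SUFeedURL")  # assumption: the feed is declared in Info.plist
    if not isinstance(feed, str) or not feed.strip():
        return "no-sparkle"
    scheme = urlparse(feed.strip()).scheme.lower()
    # Anything other than https (http, ftp, missing scheme) is treated as exposed.
    return "https" if scheme == "https" else "insecure"

def audit_apps(root: Path) -> dict:
    """Map every .app bundle directly under root to its feed classification."""
    results = {}
    for plist_path in sorted(root.glob("*.app/Contents/Info.plist")):
        app = plist_path.parent.parent.name
        try:
            with plist_path.open("rb") as fh:
                info = plistlib.load(fh)
        except Exception:  # plistlib raises several types on malformed input
            results[app] = "unreadable"
            continue
        results[app] = classify_feed(info) if isinstance(info, dict) else "unreadable"
    return results

def build_sample_tree(root: Path) -> None:
    """Write constructed sample bundles so the audit can run offline."""
    samples = {
        "Plain.app": {"CFBundleName": "Plain"},
        "Secure.app": {"SUFeedURL": "https://updates.example.com/appcast.xml"},
        "Cleartext.app": {"SUFeedURL": "http://updates.example.com/appcast.xml"},
    }
    for name, info in samples.items():
        contents = root / name / "Contents"
        contents.mkdir(parents=True)
        with (contents / "Info.plist").open("wb") as fh:
            plistlib.dump(info, fh)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(Path(tmp))
        for app, verdict in audit_apps(Path(tmp)).items():
            print(f"{app}: {verdict}")
```

On a real machine, call `audit_apps(Path("/Applications"))`. An `https` result covers only the feed URL in Info.plist, not the download links inside the appcast itself.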
