does anyone know CVE-2016-4655,4656,4657(Trident) ?

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

does anyone know CVE-2016-4655,4656,4657(Trident) ?

Postby merong » Tue Aug 30, 2016 5:06 pm

J was post lookout report in twitter, and i saw there is 3 vuls with webkit exploit, info leak, kernel exploit.

but there is no more detail information about 3 vuls. T.T

I don't expect exploit code.. T.T Just want to know which one is problem.

i was try to find information in google, and ipsw.me for decrypt firmware and compare patch.

but i can't solve that problem... T.T

does anyone know about cve-2016-4655,4656,4657 ?

if know, plz help me and any helpful link or information will be thanks ^^

have a nice day ^^
merong
 
Posts: 4
Joined: Tue Aug 30, 2016 4:56 pm

Re: does anyone know CVE-2016-4655,4656,4657(Trident) ?

Postby morpheus » Tue Aug 30, 2016 7:30 pm

The CVEs are pretty well detailed. WebKit is the entry vector, KASLR bypass is the 2nd CVE, and then arbitrary kernel r/w for the third.They're all very much a problem.

I'm hoping to get my hands on a sample of that Pegasus malware so I can dissect it. The Info leak has been patched in 9.3.5 and will likely be patched in 10b9.
morpheus
Site Admin
 
Posts: 532
Joined: Thu Apr 11, 2013 6:24 pm

Re: does anyone know CVE-2016-4655,4656,4657(Trident) ?

Postby merong » Wed Aug 31, 2016 2:32 am

thanks for replay^^

i was understand webkit exploit is first step though sms.

but don't know which function is problemed T.T

and second step is info leak for calc kernel cache address.

cause of modify some function for disable codesign & sandbox
( in lookout report, comment can know always return 0 is exist like pangu 9's codesign disable ^^ )

but still don't know which funtion is problemed.

and third step is modify kernel cache maybe.

but i don't understand they direct modify or though other function. T.T

Thanks again your reply, J ^^

if i got some sample of trident, i will share in here ^^
merong
 
Posts: 4
Joined: Tue Aug 30, 2016 4:56 pm


Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 1 guest