GateKeeper - bypass or not bypass?

Oct 25, 20191 like221 views

Gatekeeper only verifies executables run through the open command or by double clicking, not those run through other means like using terminal. While experiments 2-4 seemed to bypass Gatekeeper, they were actually expected behavior. Gatekeeper's goal is to prevent execution of downloaded applications only when users double click them. In Catalina, Gatekeeper also verifies executables run through exec and performs malware checks on every execution, closing the previous bypass methods. Plist files can still be executed regardless of quarantine attributes, allowing for potential remote code execution. Bringing your own virtual machine is another avenue to achieve malware goals without host access.

GateKeeper
Bypass or not bypass?
Csaba Fitzl
Twitter: @theevilbit

whoami
• red teamer, ex blue teamer
• kex - kernel exploitation python toolkit
• recent macOS research
• husband, father
• hiking
• yoga

the goal
Understand how GateKeeper works and when it is invoked,
show ways to bypass / avoid it.

experiment prep
• create a meterpreter mach-o
• serv via HTTP
• download
• ensure quarantine ﬂag is present

experiment #1
• double click
• use ‘open’ command

experiment #2
• add executable rights
• run
• enjoy your shelz

experiment #3
• create plist ﬁle
• load it
• enjoy your shelz

experiment #4
• create code that wraps it
• compile, run
• enjoy your shelz

what?
• is experiment 2-4 a bypass or not?
• seemed to be well known, but even Patrick Wardle was unsure:
• let’s ask Apple!!
• not a bypass, expected behaviour

conclusion
Gatekeeper only veriﬁes executables, which are run with the `open` command or the user double
clicks (=LaunchServices) on ﬁrst run. It won’t verify ﬁles, that are executed through other means like,
directly executing a binary `./myapp` regardless of the quarantine attribute. If you can place a plist
ﬁle inside LaunchAgents/LaunchDaemons, the command inside will also be executed.
Although it’s not clearly stated everywhere, but I think the overall goal is prevent execution when
users double-click applications downloaded from the Internet. If you go and grant execution rights, I
think Apple assumes ‘advanced’ users in that case and will not deal with it. This is my take on it.

i still want a bypass / RCE
• plist ﬁle inside LaunchAgents will be loaded regardless of the ‘q’ ﬂag
• idea: let’s drop a plist ﬁle there during download
• Safari auto unzips ﬁles (default) - (protip: TURN THIS FEATURE OFF!!)
• let’s try to redirect ﬁles
• after plenty of hours, days, weeks - no luck, no escape from the
‘Downloads’ folder

• if we can’t do it, let’s ask the user to do it :D
• how do you install apps on macOS? D&D.
• let’s create something similar

creating your DMG
• replace the symlink on the right
• add an icon to your plist ﬁle (Get Info)
• arrange your DMG layout
• result:

changes
• on top of Mojave, GK is also invoked if
• executed via ‘exec’, etc… (on ﬁrst run)
• malware check on *every* execution (not just 1st run)
• the previous experiments won’t work
• although it was well known to everyone (bypass GK via ‘exec’), no one
raised it to Apple, likely only me, thus:

yet to be ﬁxed - plist
• plist ﬁles are still loaded regardless of the ‘q’ attribute
• you can put shell scripts inside
• D&D trick is killed in Catalina (user’s can’t D&D to symlinks pointing to
LaunchAgents folder)

bring your own VM :)
• Qemu is supported on macOS, signed
• use that to run a VM (cryptominer malware)
• not useful if you need to access user data
• useful if you only need CPU power

Credits / References
• Icons made by Freepik, Prosymbols, good-ware from FlatIcon
• https://developer.apple.com/videos/play/wwdc2019/701
• https://blog.malwarebytes.com/mac/2019/06/new-mac-cryptominer-
malwarebytes-detects-as-bird-miner-runs-by-emulating-linux/
• https://objective-see.com/blog/blog_0x32.html
• https://speakerdeck.com/patrickwardle/shmoocon-2016-gatekeeper-
exposed-come-see-conquer

Csaba Fitzl will discuss techniques for escalating privileges on macOS by abusing the installation process of benign App Store apps. This involves hijacking dylib loading, dropping files in app folders during installation by subverting symlinks, and infecting installers. A demonstration will show creating a "Crontab Creator" app to drop a cronjob file and escalate to root on High Sierra. Recommendations are provided to address these issues, such as verifying app folder ownership and contents during installation.

Exploiting XPC in AntiVirusCsaba Fitzl

In this talk we will publish our research we conducted on 28 different AntiVirus products on macOS through 2020. Our focus was to assess the XPC services these products expose and if they presented any security vulnerabilities. We will talk about the typical issues, and demonstrate plenty of vulnerabilities, which typically led to full control of the given product or local privilege escalation on the system. At the end we will give advice to developers how to write secure XPC services.

Mitigating Exploits Using Apple's Endpoint SecurityCsaba Fitzl

I have spent the last two years finding logic vulnerabilities both in Apple's macOS operating system and in third-party apps running on macOS. One of the common ways to gain more privileges is by injecting code into a process that possesses various entitlements, which grants various rights to the process. Although Apple's own processes are well protected, the same is not the case for third-party apps. This has opened up the possibilities for plenty of privacy (TCC) related bypasses and privilege escalation to root through XPC services. Another common pattern is to attack the system and applications through symbolic links. When Apple introduced the Endpoint Security framework, I decided to write an application to protect against such attacks, and to learn the framework myself. This application is free and open source. In this talk I will introduce the basic concepts behind some of the logic attacks. I will talk about how they work, and what they make possible. Then we will discuss Apple's Endpoint Security framework, how it works, and how someone can use it. Next I will talk about the development of the application, how the mitigations are implemented, and how it works in the background. I will go through several demonstrations showing its effectiveness against exploitation. I will also go through my experiences getting the Endpoint Security entitlement from Apple.

Getting root with benign app store apps vsecurityfestCsaba Fitzl

This document discusses macOS privilege escalation techniques using benign App Store apps. It describes how dylib hijacking can be used to gain root privileges by subverting the installation process and dropping files in privileged locations. It provides a demonstration using a "Crontab Creator" app to drop a cronjob that executes a script with root privileges. The document also discusses monitoring tools and how Apple addressed the vulnerability in later versions of macOS.

Exploiting Directory Permissions on macOSCsaba Fitzl

This talk covers how we can exploit applications on macOS (including macOS itself), where some of the directory / file permissions are incorrectly set. The incorrectness of these settings is not trivial at first sight because understanding these permissions are not intuitive. We will see bugs from simple arbitrary overwrites, to file disclosures and privilege escalation. The concepts applicable to *nix based system as well, however this talk focuses on macOS bugs only. We will also cover different techniques about how to control contents of files, to what we don’t have direct write access. We will do a deep dive overview of the various r / w / x permissions, what do they mean in case of files, and more importantly in case of directories. We will also take a look at the additional settings, like ownership and the ‘lock’ flag and how do they affect the previous permissions. As part of this we will see how to find such bugs. We will see a file information disclosure bug affecting macOS Mojave, where we can get read access to files which would normally be accessible only for root users. We will also cover 4 vulnerabilities that are caused due to our ability to control the location of certain files. As we have direct control over only the file location, but not the contents, we will explore tricky techniques how we can influence the contents of some of these files to our benefit.

How to convince a malware to avoid usCsaba Fitzl

This document discusses how malware authors try to detect analysis environments like sandboxes, virtual machines, and debuggers in order to avoid analysis. It presents real world malware examples that use these detection techniques. The document then proposes potential "vaccination" techniques to emulate unhealthy environments in order to trick malware into thinking it is not being analyzed, making the researcher's job easier. It showcases some proof-of-concept tools developed by the author for this purpose, including tools to fake the presence of virtual machines and debuggers. Challenges with vaccination techniques are also discussed.

SANS DFIR Prague: PowerShell & WMIJoe Slowik

This document discusses the use of PowerShell and Windows Management Instrumentation (WMI) by attackers. It provides background on these tools and their capabilities. It then gives examples of how attackers may use PowerShell and WMI for activities like downloading files, achieving persistence, and pivoting within a network. The document concludes by discussing defenses like logging and monitoring these tools to detect malicious use.

Invoke-Obfuscation nullcon 2017Daniel Bohannon

The document discusses techniques for obfuscating PowerShell commands to evade detection. It begins by motivating the need for improved PowerShell logging and detection capabilities as PowerShell is increasingly used by attackers. It then outlines ways to prepare systems for PowerShell investigations through process auditing and command line logging. One section focuses on obfuscating the common technique of using New-Object Net.WebClient to perform remote downloads. It demonstrates how this command can be broken up and variables used to avoid detection based solely on the presence of certain strings.

Obfuscating The EmpireRyan Cobb

This document discusses obfuscating PowerShell Empire to avoid detection. It covers why attackers obfuscate, how Empire can be obfuscated using Invoke-Obfuscation, and techniques defenders can use like enabling PowerShell logging and using antivirus with AMSI to detect obfuscated scripts. Token obfuscation can bypass AMSI scanning and persist in logs. A similarity metric is presented for detecting obfuscated scripts but has false positives with heavy obfuscation. Defenders should focus on preventing PowerShell 2.0 usage and bypassing AMSI.

Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niqu...Daniel Bohannon

Get-Help: An intro to PowerShell and how to Use it for Eviljaredhaight

Revoke-ObfuscationDaniel Bohannon

Testing Automaton - CFSummit 2016Ortus Solutions, Corp

Catch Me If You Can: PowerShell Red vs BlueWill Schroeder

Seven perilous pitfalls to avoid with Java | DevNation Tech TalkRed Hat Developers

Developers and security: It’s a lot more than just turning on SSL. In this session we’re going to learn to think differently about designing and coding in Java so that the application is less open to being attacked and (bonus) is often of higher quality. This talk will cover seven types of development issues that can get your application into trouble. With code examples (of course), we’ll explore a series of common code pitfalls and explain how to design and code differently. There is much to learn when creating a secure application - take your first steps here.

DevSec DefenseDaniel Bohannon

Laravel Forge: Hello World to Hello ProductionJoe Ferguson

Pwning with powershelljaredhaight

PwnstallerWill Schroeder

Will presented on using Pyinstaller and introducing Pwnstaller, a tool he created to dynamically generate unique Python payload executables. Pyinstaller packages Python scripts into standalone executables but its loader binaries could be detected by antivirus. Pwnstaller obfuscates and recompiles the Pyinstaller loader source each time to avoid static signatures. It has been integrated into Veil-Evasion so Python payloads benefit from dynamically generated unique loaders that are harder for antivirus to detect.

DevOOPS: Attacks and Defenses for DevOps ToolchainsChris Gates

DevOps toolchains are transforming modern IT, but hackers can undermine their benefits through poorly implemented or vulnerable DevOps tools. Chris Gates and Ken Johnson will share their collaborative attack research into the technology driving DevOps. They will share an attacker's perspective on exploiting DevOps organizations and the countermeasures these organizations should employ. RSAC 2017 Ken Johnson & Chris Gates

The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller

SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony AppsPablo Godel

Pantheon basicsPlasterdog Web Design

Wielding a cortanaWill Schroeder

Malicious Payloads vs Deep Visibility: A PowerShell StoryDaniel Bohannon

This document summarizes a presentation on malicious payloads using PowerShell. It discusses how attackers often use PowerShell due to its native Windows capabilities and offensive tradecraft possibilities. The presentation provides examples of PowerShell usage in the wild, including downloading an executable and storing PowerShell in environment variables for persistence. Detection approaches are also examined, highlighting the importance of PowerShell logging.

Introduction to Apache AntMuhammad Hafiz Hasan

This document provides an overview of Ant, an open source build tool for Java projects. It discusses what Ant is, what it can do, how to install it, and includes an example of a basic Ant build file. The document outlines Ant's capabilities like compiling source code, running tests, packaging code, and handling dependencies. It also mentions common Ant techniques like using simple targets that each perform a single task and using properties files for configurability.

10 Laravel packages everyone should knowPovilas Korop

This document lists and summarizes 10 Laravel packages that developers should know. It describes Carbon, a PHP date and time API extension, Illuminate/html for forms, Laravel generators for speeding up development, Doctrine/DBAL for database operations, Intervention/image for image handling, and others for user agent parsing, PDF generation, slug creation, improving IDE autocompletion, and debugging tools. Each package is briefly described and examples of usage are provided.

Adventures in Asymmetric WarfareWill Schroeder

[Hackersuli][HUN]MacOS - Going Down the Rabbit Holehackersuli

Colab workshop (for Computer vision Students)Asim Hameed Khan

Google Colab is a free cloud service that allows users to write and execute Python code through Jupyter notebooks. It provides free GPUs and TPUs, integrates with Google Drive for data storage, and supports popular machine learning frameworks like TensorFlow, Keras, and PyTorch. The document outlines how to create and share Colab notebooks, install packages, enable GPUs, import data from GitHub and Kaggle, and save/download work.

More Related Content

What's hot (20)

Obfuscating The EmpireRyan Cobb

Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niqu...Daniel Bohannon

Get-Help: An intro to PowerShell and how to Use it for Eviljaredhaight

Revoke-ObfuscationDaniel Bohannon

Testing Automaton - CFSummit 2016Ortus Solutions, Corp

Catch Me If You Can: PowerShell Red vs BlueWill Schroeder

Seven perilous pitfalls to avoid with Java | DevNation Tech TalkRed Hat Developers

DevSec DefenseDaniel Bohannon

Laravel Forge: Hello World to Hello ProductionJoe Ferguson

Pwning with powershelljaredhaight

PwnstallerWill Schroeder

DevOOPS: Attacks and Defenses for DevOps ToolchainsChris Gates

The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller

SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony AppsPablo Godel

Pantheon basicsPlasterdog Web Design

Wielding a cortanaWill Schroeder

Malicious Payloads vs Deep Visibility: A PowerShell StoryDaniel Bohannon

Introduction to Apache AntMuhammad Hafiz Hasan

10 Laravel packages everyone should knowPovilas Korop

Adventures in Asymmetric WarfareWill Schroeder

Obfuscating The EmpireRyan Cobb

Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niqu...Daniel Bohannon

Get-Help: An intro to PowerShell and how to Use it for Eviljaredhaight

Revoke-ObfuscationDaniel Bohannon

Testing Automaton - CFSummit 2016Ortus Solutions, Corp

Catch Me If You Can: PowerShell Red vs BlueWill Schroeder

Seven perilous pitfalls to avoid with Java | DevNation Tech TalkRed Hat Developers

DevSec DefenseDaniel Bohannon

Laravel Forge: Hello World to Hello ProductionJoe Ferguson

Pwning with powershelljaredhaight

PwnstallerWill Schroeder

DevOOPS: Attacks and Defenses for DevOps ToolchainsChris Gates

The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller

SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony AppsPablo Godel

Pantheon basicsPlasterdog Web Design

Wielding a cortanaWill Schroeder

Malicious Payloads vs Deep Visibility: A PowerShell StoryDaniel Bohannon

Introduction to Apache AntMuhammad Hafiz Hasan

10 Laravel packages everyone should knowPovilas Korop

Adventures in Asymmetric WarfareWill Schroeder

Similar to GateKeeper - bypass or not bypass? (20)

[Hackersuli][HUN]MacOS - Going Down the Rabbit Holehackersuli

Colab workshop (for Computer vision Students)Asim Hameed Khan

Steamlining your puppet development workflowTomas Doran

The document discusses ways to streamline a Puppet development workflow including using revision control, running Puppet in noop or automatic mode, moving changes slowly through testing and using branches, reporting on changes, and implementing testing strategies like unit testing with rspec-puppet and integration testing with serverspec. It also recommends tools like Foreman, Norman, Puppetfile, and Jenkins to improve testing and deployment.

Puppet Camp New York 2014: Streamlining Puppet Development Workflow Puppet

Burp plugin development for java n00bs (44 con)Marc Wickenden

macOS Vulnerabilities Hiding in Plain SightCsaba Fitzl

Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don’t notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. In this talk I will cover three macOS vulnerabilities that I found while reading the writeup of other vulnerabilities, where some of them were public for over four years. I also only spotted them after multiple reads, and once found I realized that it was right there in front of us every single time. In the 2017 pwn2own macOS exploit chain the authors found a privilege escalation vulnerability is the disk arbitration service. What I found that the same logic flaw was present in another part of he code segment (literally right next to the original), which allowed an attacker to perform a full sandbox escape. In the pwn2own 2020 macOS exploit chain there was a vulnerability concerning the preferences daemon. The patch was presented later by the authors and after reading through the patch for the ~20st time, I spotted a new privilege escalation possibility. In 2021, the macOS XCSSET malware used a TCC 0day bypass, which was later patched. Mickey Jin found a bypass for the patch and presented a new TCC bypass. While reading through his analysis for the n-th time, it hit me, that not only possible to bypass the new patch but there is an underlying fundamental issue with the TCC framework, which allowed us to generically bypass TCC.

The Duck Teaches Learn to debug from the masters. Local to production- kill ...ShaiAlmog1

The document outlines an agenda for a workshop on debugging techniques. The workshop covers installing tools, flow and breakpoints debugging, watching variables, Kubernetes debugging, and developer observability. Key techniques discussed include tracepoints, memory debugging, exception breakpoints, object marking, and logs, snapshots, and metrics for observability. The goal is to teach practical debugging skills that can be applied at scale in production environments like Kubernetes.

Taking Spinnaker for a spin @ London DevOps Meetup 36aleonhardt

This document summarizes an engineer's experience setting up and experimenting with Netflix's Spinnaker continuous delivery tool on a local Kubernetes cluster. The engineer and their team set up Kubernetes using Docker for Mac, installed Halyard to manage Spinnaker, and deployed Spinnaker services. They took a look around the Spinnaker and Kubernetes dashboards. An attempt was made to deploy sample applications but it initially failed due to incorrect assumptions about how Spinnaker works. After reviewing documentation, they were able to deploy applications a little better but more time is needed to fully understand Spinnaker. Key learnings included the importance of documentation and that Spinnaker works in a push rather than pull model.

The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwonKenneth Kwon

Puppet Camp LA 2/19/2015ice799

Puppet Camp LA 2015: Package Managers and Puppet (Beginner)Puppet

This document discusses package managers, Puppet, and creating software package repositories. It recommends using tools like createrepo and reprepro to create RPM and Debian package repositories, and signing them with GPG for security. Puppet modules can automate repository creation and configuration. The document emphasizes the importance of secure practices like GPG signing, HTTPS, and installing necessary verification libraries. Overall it provides guidance on best practices for managing and distributing software packages across infrastructure.

Automated Acceptance Testing from ScratchExcella

Us 16-subverting apple-graphics_practical_approaches_to_remotely_gaining_root...Liang Chen

This document discusses techniques for remotely gaining root privileges on Apple devices by exploiting vulnerabilities in the graphics components. It provides an overview of Apple's graphics architecture and the allowed graphics interfaces for sandboxed processes. It then analyzes attack surfaces in the userland WindowServer and QuartzCore interfaces, describing vulnerabilities previously found that allowed escalating privileges or bypassing sandbox restrictions. Finally, it walks through the exploitation of a double free vulnerability (CVE-2016-1804) in the multi-touch handling that could be leveraged to achieve remote code execution with root privileges.

Great Tools Heavily Used In Japan, You Don't Know.Junichi Ishida

The document discusses Japanese Perl developers who attended YAPC::EU 2015. It introduces many popular Perl modules created by Japanese developers, such as WebService::Simple for making web service requests, Riji for creating blogs, and GrowthForecast for visualizing metrics graphs. It encourages attendees to talk to the Japanese developers about their work or any questions. It emphasizes that Japanese developers prioritize speed and simplicity in their modules due to their culture of valuing efficiency.

Toplog candy elves - HOCM TalkPatrick LaRoche

Giving back with GitHub - Putting the Open Source back in iOSMadhava Jay

EhTrace -- RoP HooksShane Macaulay

This document describes EhTrace, a tool for tracing the execution of binary programs through hooking and branch stepping. EhTrace uses the Windows VEH exception handler to single step programs by setting flags in the CPU context. It can be used to analyze program control flow at the basic block level for purposes like malware analysis, debugging, and code coverage. The document discusses techniques for maintaining control during tracing and fighting attempts by the target program to detect or alter the tracing.

Docker in Continuous IntegrationAlexander Akbashev

This document summarizes a presentation about using Docker in continuous integration systems. It describes some initial challenges faced when first using Docker, such as images becoming large over time and dependencies on external resources. It then outlines improvements made such as creating common base images, reviewing images, restricting external access, and monitoring Docker usage and failures. The presentation emphasizes that Docker can help stabilize CI pipelines if used properly but also requires ongoing learning and challenges to address.

The New Frontend ToolchainBruno Abrantes

The document discusses the modern frontend toolchain for developing complex client-side JavaScript applications. It recommends using command line tools like Homebrew, NPM, RubyGems to manage dependencies. Source code management with Git and feature branching workflow is also emphasized. Node.js and package managers like NPM and Bower are introduced to help manage third-party libraries. Task automation with Grunt is presented as a way to automate common development tasks like testing, preprocessing, and building.

Simon Bennetts - Automating ZAP DevSecCon

The document provides information about automating scans using the OWASP ZAP security tool. It discusses getting started with the baseline scan, options for full scans including the command line, Jenkins plugin, and API. It also covers exploring targets using the spider, performing passive and active scans, generating reports, and authenticating. The workshop aims to demonstrate how to integrate ZAP into development pipelines to find security issues early.

[Hackersuli][HUN]MacOS - Going Down the Rabbit Holehackersuli

Colab workshop (for Computer vision Students)Asim Hameed Khan

Steamlining your puppet development workflowTomas Doran

Puppet Camp New York 2014: Streamlining Puppet Development Workflow Puppet

Burp plugin development for java n00bs (44 con)Marc Wickenden

macOS Vulnerabilities Hiding in Plain SightCsaba Fitzl

The Duck Teaches Learn to debug from the masters. Local to production- kill ...ShaiAlmog1

Taking Spinnaker for a spin @ London DevOps Meetup 36aleonhardt

The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwonKenneth Kwon

Puppet Camp LA 2/19/2015ice799

Puppet Camp LA 2015: Package Managers and Puppet (Beginner)Puppet

Automated Acceptance Testing from ScratchExcella

Us 16-subverting apple-graphics_practical_approaches_to_remotely_gaining_root...Liang Chen

Great Tools Heavily Used In Japan, You Don't Know.Junichi Ishida

Toplog candy elves - HOCM TalkPatrick LaRoche

Giving back with GitHub - Putting the Open Source back in iOSMadhava Jay

EhTrace -- RoP HooksShane Macaulay

Docker in Continuous IntegrationAlexander Akbashev

The New Frontend ToolchainBruno Abrantes

Simon Bennetts - Automating ZAP DevSecCon

More from Csaba Fitzl (7)

The Final Chapter - Unlimited Ways to Bypass Your macOS Privacy MechanismsCsaba Fitzl

"ThereIsNoPrivacy.app" would like to access the camera and spy on you, and access all of your private data. In this talk we return for a third time to talk about bypassing macOS's privacy mechanisms. In the last 4 years we submitted over 100 vulnerabilities to Apple which allowed us to either fully or partially bypass macOS's privacy protection framework (TCC). We gave talks about our findings and various techniques in previous BlackHat conferences. We will start by briefly explaining how the privacy framework works on macOS, how various databases, configuration files and the Sandbox play various roles in fulfilling a single goal - protecting your private data. Then we will switch gears and show many new vulnerabilities and a couple of new techniques and ideas which allowed us to bypass privacy protection. As usual, you may expect full exploits, tons of demos and a lot of fun. Believe it or not but we bypassed the TCC again with /usr/bin/grep… multiple times. Finally, we will talk about how Apple improved the privacy framework over the years, what new features were added in macOS Ventura, Sonoma, since the last time we talked about this topic. We will briefly review a few techniques, which we consider mostly dead due to new mitigations and fixes.

Launch and Environment Constraints OverviewCsaba Fitzl

In this talk I will talk about two mitigations which Apple introduced in order to protect against many types of logic vulnerabilities. Launch Constraints was introduced in macOS Ventura, and they can control who can launch a built-in system application and how. Environment Constraints were introduced in Sonoma, and it's basically the extension of Launch Constraints for third party apps. These two features are probably the most impactful when it comes to exploitation. I will review them in detail, how they are set up, what they do exactly, and what kind of vulnerability classes they mitigate. I will also go through a couple of past vulnerabilities, which could not have been exploited with these constraints present. Finally I will walk through how various third party apps should be set up in order to be secure.

SecurityFest-22-Fitzl-beyond.pdfCsaba Fitzl

This document discusses 10 techniques for persistence on macOS beyond using LaunchAgents. It provides an overview of techniques such as modifying shell startup files, using Pluggable Authentication Modules (PAM), Hammerspoon, preference panes, screen savers, color pickers, periodic scripts, Terminal preferences, emond (the event monitor daemon), and folder actions. For each technique, it describes how it works and how it could be detected and monitored for malicious use. The conclusion is that while malware most commonly uses LaunchAgents, there are many unexplored persistence options that blue teams need to prepare for.

Csaba fitzl - Mount(ain) of BugsCsaba Fitzl

The slides of my ObjectiveByTheSea v4 conference talk. Abstract --------- In this talk we will dive into mount operation internals on macOS and discuss several vulnerabilities impacted the system. In the first half we will introduce how mounting is happening, how the sandbox is tied to the mount operation. We will also discuss the diskarbitration service, which is also responsible some of the mounting which can be done by the user. Next we will detail different bugs impacted macOS in the past, where mounting had a key role. These range from privilege escalation to complete privacy (TCC) bypasses. Lastly we will review how we can use the mount command for our own advantage when exploiting third party applications.

20+ ways to bypass your mac os privacy mechanismsCsaba Fitzl

"TotallyNotAVirus.app" would like to access the camera and spy on you. To protect your privacy, Apple introduced Transparency, Consent, and Control (TCC) framework that restricts access to sensitive personal resources: documents, camera, microphone, emails, and more. Granting such access requires authorization, and the mechanism's main design concern was clear user consent. In this talk, we will share multiple techniques that allowed us to bypass this prompt, and as a malicious application, get access to protected resources without any additional privileges or user's consent. Together, we submitted over 40 vulnerabilities just to Apple through the past year, which allowed us to bypass some parts or the entire TCC. We also found numerous vulnerabilities in third-party apps (including Firefox, Signal, and others), which allowed us to avoid the OS restrictions by leveraging the targeted apps' privileges. In the first part of the talk, we will give you an overview of the TCC framework, its building blocks, and how it limits application access to private data. We will explore the various databases it uses and discuss the difference between user consent and user intent. Next, we will go through various techniques and specific vulnerabilities that we used to bypass TCC. We will cover how we can use techniques like process injection, mounting, application behavior, or simple file searches to find vulnerabilities and gain access to the protected resources. The audience will leave with a solid understanding of the macOS privacy restrictions framework (TCC) and its weaknesses. We believe there is a need to raise awareness on why OS protections are not 100% effective, and in the end, users have to be careful with installing software on their machines. Moreover - as we're going to publish several exploits - red teams will also benefit from the talk.

Exploit generation and javascript analysis automation with WinDBG luCsaba Fitzl

Exploit generation automation with WinDBG (Hacktivity 2017)Csaba Fitzl

This document discusses an automated tool written in Python that uses the pykd library to interact with WinDBG to automate the entire exploit writing process from a crash proof of concept to a working exploit for classic buffer overflows without any manual interaction. The tool finds the EIP overwrite location, registers pointing to buffers, bad characters, and a way to jump to shellcode to generate a successful exploit from a simple crash by automating the entire process.

The Final Chapter - Unlimited Ways to Bypass Your macOS Privacy MechanismsCsaba Fitzl

Launch and Environment Constraints OverviewCsaba Fitzl

SecurityFest-22-Fitzl-beyond.pdfCsaba Fitzl

Csaba fitzl - Mount(ain) of BugsCsaba Fitzl

20+ ways to bypass your mac os privacy mechanismsCsaba Fitzl

Exploit generation and javascript analysis automation with WinDBG luCsaba Fitzl

Exploit generation automation with WinDBG (Hacktivity 2017)Csaba Fitzl

Recently uploaded (20)

Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...BookNet Canada

Book industry standards are evolving rapidly. In the first part of this session, we’ll share an overview of key developments from 2024 and the early months of 2025. Then, BookNet’s resident standards expert, Tom Richardson, and CEO, Lauren Stewart, have a forward-looking conversation about what’s next. Link to recording, presentation slides, and accompanying resource: https://bnctechforum.ca/sessions/standardsgoals-for-2025-standards-certification-roundup/ Presented by BookNet Canada on May 6, 2025 with support from the Department of Canadian Heritage.

AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...Alan Dix

Talk at the final event of Data Fusion Dynamics: A Collaborative UK-Saudi Initiative in Cybersecurity and Artificial Intelligence funded by the British Council UK-Saudi Challenge Fund 2024, Cardiff Metropolitan University, 29th April 2025 https://alandix.com/academic/talks/CMet2025-AI-Changes-Everything/ Is AI just another technology, or does it fundamentally change the way we live and think? Every technology has a direct impact with micro-ethical consequences, some good, some bad. However more profound are the ways in which some technologies reshape the very fabric of society with macro-ethical impacts. The invention of the stirrup revolutionised mounted combat, but as a side effect gave rise to the feudal system, which still shapes politics today. The internal combustion engine offers personal freedom and creates pollution, but has also transformed the nature of urban planning and international trade. When we look at AI the micro-ethical issues, such as bias, are most obvious, but the macro-ethical challenges may be greater. At a micro-ethical level AI has the potential to deepen social, ethnic and gender bias, issues I have warned about since the early 1990s! It is also being used increasingly on the battlefield. However, it also offers amazing opportunities in health and educations, as the recent Nobel prizes for the developers of AlphaFold illustrate. More radically, the need to encode ethics acts as a mirror to surface essential ethical problems and conflicts. At the macro-ethical level, by the early 2000s digital technology had already begun to undermine sovereignty (e.g. gambling), market economics (through network effects and emergent monopolies), and the very meaning of money. Modern AI is the child of big data, big computation and ultimately big business, intensifying the inherent tendency of digital technology to concentrate power. AI is already unravelling the fundamentals of the social, political and economic world around us, but this is a world that needs radical reimagining to overcome the global environmental and human challenges that confront us. Our challenge is whether to let the threads fall as they may, or to use them to weave a better future.

Greenhouse_Monitoring_Presentation.pptx.hpbmnnxrvb

Into The Box Conference Keynote Day 1 (ITB2025)Ortus Solutions, Corp

tecnologias de las primeras civilizaciones.pdffjgm517

How Can I use the AI Hype in my Business Context?Daniel Lehner

𝙄𝙨 𝘼𝙄 𝙟𝙪𝙨𝙩 𝙝𝙮𝙥𝙚? 𝙊𝙧 𝙞𝙨 𝙞𝙩 𝙩𝙝𝙚 𝙜𝙖𝙢𝙚 𝙘𝙝𝙖𝙣𝙜𝙚𝙧 𝙮𝙤𝙪𝙧 𝙗𝙪𝙨𝙞𝙣𝙚𝙨𝙨 𝙣𝙚𝙚𝙙𝙨? Everyone’s talking about AI but is anyone really using it to create real value? Most companies want to leverage AI. Few know 𝗵𝗼𝘄. ✅ What exactly should you ask to find real AI opportunities? ✅ Which AI techniques actually fit your business? ✅ Is your data even ready for AI? If you’re not sure, you’re not alone. This is a condensed version of the slides I presented at a Linkedin webinar for Tecnovy on 28.04.2025.

Generative Artificial Intelligence (GenAI) in BusinessDr. Tathagat Varma

Cyber Awareness overview for 2025 month of securityriccardosl1

TrsLabs - Fintech Product & Business ConsultingTrs Labs

Hybrid Growth Mandate Model with TrsLabs Strategic Investments, Inorganic Growth, Business Model Pivoting are critical activities that business don't do/change everyday. In cases like this, it may benefit your business to choose a temporary external consultant. An unbiased plan driven by clearcut deliverables, market dynamics and without the influence of your internal office equations empower business leaders to make right choices. Getting things done within a budget within a timeframe is key to Growing Business - No matter whether you are a start-up or a big company Talk to us & Unlock the competitive advantage

Technology Trends in 2025: AI and Big Data AnalyticsInData Labs

At InData Labs, we have been keeping an ear to the ground, looking out for AI-enabled digital transformation trends coming our way in 2025. Our report will provide a look into the technology landscape of the future, including: -Artificial Intelligence Market Overview -Strategies for AI Adoption in 2025 -Anticipated drivers of AI adoption and transformative technologies -Benefits of AI and Big data for your business -Tips on how to prepare your business for innovation -AI and data privacy: Strategies for securing data privacy in AI models, etc. Download your free copy nowand implement the key findings to improve your business.

Big Data Analytics Quick Research Guide by Arthur MorganArthur Morgan

This is a Quick Research Guide (QRG). QRGs include the following: - A brief, high-level overview of the QRG topic. - A milestone timeline for the QRG topic. - Links to various free online resource materials to provide a deeper dive into the QRG topic. - Conclusion and a recommendation for at least two books available in the SJPL system on the QRG topic. QRGs planned for the series: - Artificial Intelligence QRG - Quantum Computing QRG - Big Data Analytics QRG - Spacecraft Guidance, Navigation & Control QRG (coming 2026) - UK Home Computing & The Birth of ARM QRG (coming 2027) Any questions or comments? - Please contact Arthur Morgan at [email protected]. 100% human made.

Quantum Computing Quick Research Guide by Arthur MorganArthur Morgan

Dev Dives: Automate and orchestrate your processes with UiPath MaestroUiPathCommunity

This session is designed to equip developers with the skills needed to build mission-critical, end-to-end processes that seamlessly orchestrate agents, people, and robots. 📕 Here's what you can expect: - Modeling: Build end-to-end processes using BPMN. - Implementing: Integrate agentic tasks, RPA, APIs, and advanced decisioning into processes. - Operating: Control process instances with rewind, replay, pause, and stop functions. - Monitoring: Use dashboards and embedded analytics for real-time insights into process instances. This webinar is a must-attend for developers looking to enhance their agentic automation skills and orchestrate robust, mission-critical processes. 👨‍🏫 Speaker: Andrei Vintila, Principal Product Manager @UiPath This session streamed live on April 29, 2025, 16:00 CET. Check out all our upcoming Dev Dives sessions at https://community.uipath.com/dev-dives-automation-developer-2025/.

Procurement Insights Cost To Value Guide.pptxJon Hansen

Manifest Pre-Seed Update | A Humanoid OEM Deeptech In Francechb3

UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPathCommunity

Join this UiPath Community Berlin meetup to explore the Orchestrator API, Swagger interface, and the Test Manager API. Learn how to leverage these tools to streamline automation, enhance testing, and integrate more efficiently with UiPath. Perfect for developers, testers, and automation enthusiasts! 📕 Agenda Welcome & Introductions Orchestrator API Overview Exploring the Swagger Interface Test Manager API Highlights Streamlining Automation & Testing with APIs (Demo) Q&A and Open Discussion Perfect for developers, testers, and automation enthusiasts! 👉 Join our UiPath Community Berlin chapter: https://community.uipath.com/berlin/ This session streamed live on April 29, 2025, 18:00 CET. Check out all our upcoming UiPath Community sessions at https://community.uipath.com/events/.

Heap, Types of Heap, Insertion and DeletionJaydeep Kale

Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Impelsys Inc.

#StandardsGoals for 2025: Standards & certification roundup - Tech Forum 2025BookNet Canada

Book industry standards are evolving rapidly. In the first part of this session, we’ll share an overview of key developments from 2024 and the early months of 2025. Then, BookNet’s resident standards expert, Tom Richardson, and CEO, Lauren Stewart, have a forward-looking conversation about what’s next. Link to recording, transcript, and accompanying resource: https://bnctechforum.ca/sessions/standardsgoals-for-2025-standards-certification-roundup/ Presented by BookNet Canada on May 6, 2025 with support from the Department of Canadian Heritage.

HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungenpanagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-nomad-web-best-practices-und-verwaltung-von-multiuser-umgebungen/ HCL Nomad Web wird als die nächste Generation des HCL Notes-Clients gefeiert und bietet zahlreiche Vorteile, wie die Beseitigung des Bedarfs an Paketierung, Verteilung und Installation. Nomad Web-Client-Updates werden “automatisch” im Hintergrund installiert, was den administrativen Aufwand im Vergleich zu traditionellen HCL Notes-Clients erheblich reduziert. Allerdings stellt die Fehlerbehebung in Nomad Web im Vergleich zum Notes-Client einzigartige Herausforderungen dar. Begleiten Sie Christoph und Marc, während sie demonstrieren, wie der Fehlerbehebungsprozess in HCL Nomad Web vereinfacht werden kann, um eine reibungslose und effiziente Benutzererfahrung zu gewährleisten. In diesem Webinar werden wir effektive Strategien zur Diagnose und Lösung häufiger Probleme in HCL Nomad Web untersuchen, einschließlich - Zugriff auf die Konsole - Auffinden und Interpretieren von Protokolldateien - Zugriff auf den Datenordner im Cache des Browsers (unter Verwendung von OPFS) - Verständnis der Unterschiede zwischen Einzel- und Mehrbenutzerszenarien - Nutzung der Client Clocking-Funktion

Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...BookNet Canada

AI Changes Everything – Talk at Cardiff Metropolitan University, 29th April 2...Alan Dix

Greenhouse_Monitoring_Presentation.pptx.hpbmnnxrvb

Into The Box Conference Keynote Day 1 (ITB2025)Ortus Solutions, Corp

tecnologias de las primeras civilizaciones.pdffjgm517

How Can I use the AI Hype in my Business Context?Daniel Lehner

Generative Artificial Intelligence (GenAI) in BusinessDr. Tathagat Varma

Cyber Awareness overview for 2025 month of securityriccardosl1

TrsLabs - Fintech Product & Business ConsultingTrs Labs

Technology Trends in 2025: AI and Big Data AnalyticsInData Labs

Big Data Analytics Quick Research Guide by Arthur MorganArthur Morgan

Quantum Computing Quick Research Guide by Arthur MorganArthur Morgan

Dev Dives: Automate and orchestrate your processes with UiPath MaestroUiPathCommunity

Procurement Insights Cost To Value Guide.pptxJon Hansen

Manifest Pre-Seed Update | A Humanoid OEM Deeptech In Francechb3

UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPathCommunity

Heap, Types of Heap, Insertion and DeletionJaydeep Kale

Enhancing ICU Intelligence: How Our Functional Testing Enabled a Healthcare I...Impelsys Inc.

#StandardsGoals for 2025: Standards & certification roundup - Tech Forum 2025BookNet Canada

HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungenpanagenda

GateKeeper - bypass or not bypass?

1. GateKeeper Bypass or not bypass? Csaba Fitzl Twitter: @theevilbit

2. whoami • red teamer, ex blue teamer • kex - kernel exploitation python toolkit • recent macOS research • husband, father • hiking • yoga

3. the goal Understand how GateKeeper works and when it is invoked, show ways to bypass / avoid it.

4. Mojave

5. tests gone wrong • while working on something: • create pkg/mach-o ﬁle unsigned locally and run • download a unsigned pkg/mach-o and run it from Terminal • never got a GateKeeper popup • what? why?

6. experiment prep • create a meterpreter mach-o • serv via HTTP • download • ensure quarantine ﬂag is present

7. experiment #1 • double click • use ‘open’ command

8. experiment #2 • add executable rights • run • enjoy your shelz

9. experiment #3 • create plist ﬁle • load it • enjoy your shelz

10. experiment #4 • create code that wraps it • compile, run • enjoy your shelz

11. what? • is experiment 2-4 a bypass or not? • seemed to be well known, but even Patrick Wardle was unsure: • let’s ask Apple!! • not a bypass, expected behaviour

12. conclusion Gatekeeper only verifies executables, which are run with the òpen` command or the user double clicks (=LaunchServices) on first run. It won’t verify files, that are executed through other means like, directly executing a binary `./myapp` regardless of the quarantine attribute. If you can place a plist file inside LaunchAgents/LaunchDaemons, the command inside will also be executed. Although it’s not clearly stated everywhere, but I think the overall goal is prevent execution when users double-click applications downloaded from the Internet. If you go and grant execution rights, I think Apple assumes ‘advanced’ users in that case and will not deal with it. This is my take on it.

13. i still want a bypass / RCE • plist file inside LaunchAgents will be loaded regardless of the ‘q’ flag • idea: let’s drop a plist file there during download • Safari auto unzips files (default) - (protip: TURN THIS FEATURE OFF!!) • let’s try to redirect files • after plenty of hours, days, weeks - no luck, no escape from the ‘Downloads’ folder

14. • if we can’t do it, let’s ask the user to do it :D • how do you install apps on macOS? D&D. • let’s create something similar

15. creating your DMG • replace the symlink on the right • add an icon to your plist ﬁle (Get Info) • arrange your DMG layout • result:

16. demo time

17. Catalina

18. changes • on top of Mojave, GK is also invoked if • executed via ‘exec’, etc… (on ﬁrst run) • malware check on *every* execution (not just 1st run) • the previous experiments won’t work • although it was well known to everyone (bypass GK via ‘exec’), no one raised it to Apple, likely only me, thus:

19. yet to be ﬁxed - plist • plist ﬁles are still loaded regardless of the ‘q’ attribute • you can put shell scripts inside • D&D trick is killed in Catalina (user’s can’t D&D to symlinks pointing to LaunchAgents folder)

20. bring your own VM :) • Qemu is supported on macOS, signed • use that to run a VM (cryptominer malware) • not useful if you need to access user data • useful if you only need CPU power

21. ?

22. Credits / References • Icons made by Freepik, Prosymbols, good-ware from FlatIcon • https://developer.apple.com/videos/play/wwdc2019/701 • https://blog.malwarebytes.com/mac/2019/06/new-mac-cryptominer- malwarebytes-detects-as-bird-miner-runs-by-emulating-linux/ • https://objective-see.com/blog/blog_0x32.html • https://speakerdeck.com/patrickwardle/shmoocon-2016-gatekeeper- exposed-come-see-conquer

GateKeeper - bypass or not bypass?

Recommended

More Related Content

What's hot (20)

Similar to GateKeeper - bypass or not bypass? (20)

More from Csaba Fitzl (7)

Recently uploaded (20)

GateKeeper - bypass or not bypass?