{"id":18470285,"url":"https://github.com/dreadl0ck/osx-root-installer","last_synced_at":"2025-04-08T11:31:37.186Z","repository":{"id":81482590,"uuid":"84401217","full_name":"dreadl0ck/osx-root-installer","owner":"dreadl0ck","description":"OSX ElCapitan Privilege Escalation Proof Of Concept","archived":false,"fork":false,"pushed_at":"2017-06-09T09:57:59.000Z","size":19,"stargazers_count":4,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-06-20T11:59:50.388Z","etag":null,"topics":["exploit","osx","osx-security","security"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dreadl0ck.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-09T05:16:51.000Z","updated_at":"2022-09-26T07:07:35.000Z","dependencies_parsed_at":null,"dependency_job_id":"367da2bd-316e-49f8-bf05-a1094a049a86","html_url":"https://github.com/dreadl0ck/osx-root-installer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadl0ck%2Fosx-root-installer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadl0ck%2Fosx-root-installer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadl0ck%2Fosx-root-installer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreadl0ck%2Fosx-root-installer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dreadl0ck","download_url":"https://codeload.github.com/dreadl0ck/osx-root-installer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223317875,"owners_count":17125605,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploit","osx","osx-security","security"],"created_at":"2024-11-06T10:13:31.482Z","updated_at":"2024-11-06T10:13:32.189Z","avatar_url":"https://github.com/dreadl0ck.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OSX ElCapitan Privilege Escalation Proof Of Concept\n\nThis demonstrates a simple privilege escalation due to the fact that sudo access is shared between TTYs.\n\nThe program daemonizes and tries to use sudo in the specified interval (default sudo timeout is 5min).\n\nOnce the adminstrator uses sudo inside a shell the installer will succeed,\nand perform either a shell command or downloads a file from remote and execute it.\n\nWhen there's no internet connection the sudo timeout can be extended until there is a working network connection.\n\nThere's also a persistence option that allows to create a new user and add him to the sudoers giving him full root permissions.\n\nThis Behaviour was fixed in OSX Yosemite. Sudo permissions are not shared between TTYs anymore.\n\nLesson Learned: Never choose Comfort over Security!\n\n## Build\n\n```shell\ngo build\n```\n\n## Usage\n\n```text\nUsage: osx-root-installer [-p full|session] [-b bin] [-u url] [-c command]\n  -b string\n        path to binary to execute\n  -c string\n        command to execute\n  -p string\n        make root access persistent \u003cfull/session\u003e\n  -u string\n        url for downloading bin\n```\n\n## Stats\n\n    -------------------------------------------------------------------------------\n    Language                     files          blank        comment           code\n    -------------------------------------------------------------------------------\n    Go                               1             78             52            258\n    Markdown                         1             21              0            100\n    -------------------------------------------------------------------------------\n    SUM:                             2             99             52            358\n    -------------------------------------------------------------------------------\n\n## License\n\n```LICENSE\nOSX ElCapitan Privilege Escalation Proof Of Concept\nCopyright (c) 2017 Philipp Mieden \u003cdreadl0ck [at] protonmail [dot] ch\u003e\n\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES\nWITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF\nMERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR\nANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES\nWHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN\nACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF\nOR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.\n\nThe author is in no way responsible for any illegal use of this software.\nIt is provided purely as an educational proof of concept.\nThe author also cannot be held responsible for any damages or mishaps that may happen in the course of using this software.\nUse at your own risk.\n```\n\n## Contact\n\nMail: dreadl0ck [at] protonmail [dot] ch\n\n```PGP\n-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v2\n\nmQINBFdOGxQBEADWNY5UsZVA72OHo3B0ycU4X5DChpCS8z207nVOm6aGe/U4Zqn9\nwvr9l99hxdHIKGDKECytCNk33m8dfulXmoluoZ6qMAE+YA0bm75uxYQZtBsrLtoN\n3G/L1M1smtXmEFQXJfpmiUn6PbHH0RGUOsNCtMSbln5ONsfsiNpp0pvg7bJZ9QND\nKc4S0AiB3lizYDQHL0RgdLo2lQCD2+b2lOt/NHE0SSI2FAJYnPTfVUnle49im9np\njMuCIZREkWyd8ElXUmi2lb4fi8RPvwTRwjAC5aapiFNnRqrwH6VPgASDjIIaFhWZ\nKWK7Y1te2N9ut2KlRvDIwVHjICurRJUvuSNApgfxxaKboSSGw8muOBgbrdGuUacI\n9OM8rfHJYGwWmok1BWYMHHzwTFnxx7XOMnE0NHKAukSApsOc/R9DX6P/9x+3kHDP\nIjohm1y13+ZOUiG0KBtH940ZmOVDL5s138kyj9hUHCiLEsE5vRw3+S1fP3QmIYJ1\nVCSCI20G8wIyGDUke6TiwgnLfIQIKzeO+l6F4se7o3QXNPRWnR6oboLz5ntTRvR5\nUF321oFwl54XYh5EartmA5RGRu2mOj2iBdyWwhro5GG7aMjDwQBLxd/bL/wBU6Pv\n5ve1+Bm64e5JicVg3jxPHoDRljOQZjc/uYo9pAaE4hMP9CPTgYWGqhe0xQARAQAB\ntBdQaGlsaXBwIDxtYWlsQG1haWwub3JnPokCOAQTAQIAIgUCV04bFAIbAwYLCQgH\nAwIGFQgCCQoLBBYCAwECHgECF4AACgkQyYmbj9l1CX9kwQ/9EStwziArGsd2xrwQ\nMKOjGpRpBp5oZcBaBtWHORvuayVZkAOcnRMljnqQy527SLqKq9SvF9gRCE178ZzA\n/3ISiPn3P9wLzMnyXvMd9rw9gkMK2sSpV6cFLBmhkXMSeqwoMITLAY3kz+Nu0mh5\nKVSZ5ucBp/1xZXAt6Fx+Trh1PuPYy7FFjeuRwESsGFQ5tXCmso2UXRhCRQyNf+B7\ny4yMmuRHZzG2a2XxiJC27XMHzfNHykN+xTo0lkWaRBNPZRF1eplSD8RlrhgrRjjr\n3fAkn1NlcFbYPvtsnZ133Z79JTXjlJC0RGkRCsHA1EBiwNWFh/VixO6YARR5cWPf\nMJ9WlSHJe6QHF03beKriKkHljGV+8qnczQS/zp5abbwQFK8GuQ6DiX7X/+/BiX3J\nyX61ON3WVo2Wv0IuGtkvbiCOjOpfFE179pezjtJYGC2wLHqdusSAyan87bG9P5mQ\nzvigkOJ5LZIUafZ4O5rpzrNtGXTxygaFn9yraTKkIauXPEia2J82PPmvUWAOINK0\nmG9KbdjSfT73KmG37SBRJ+wdkcYCRppJAJk7a50p1SrdTKlyt940nxXEcyy6p3xU\n89Ud6kiZxrfe+wiH2n93agUSMqYNB9XwDaqudUGy2lpW6FYfx8gtjeeymWu49kaG\ntpceg80gf0hD7HUGIzHAdLsMHce5Ag0EV04bFAEQAKy4sNHN9lx3jY24bJeIGmHT\nFNhSmQPwt7m3l9BFcGu7ZIe0bw/BrgFp1fr8BgUv3WQDuVlLEcPc7ujLpWb1x5eU\ncCGgxsCLb+vDg3X+9aQ/RElRuuiW7AK+yyhUwwhvOuP4WUnRVnaAeY4N1g7QVox8\nU1NsMIKyWBAdPFmG+QyqS3mRgz4hL3PKh9G4tfuEtJqBZrY8IUW2hhZ2DhuAxX0k\nsYHaKZJOsGo22Mi3MMY66FbxnfLJMRj62U9NnZepG59ZulQaro+g4H3he8NNd1BQ\nIE/S56IN4UpmKjf+hiITW9TOkmsv/LFZhEIWgnE57pKKyJ5SdX/OfS87dGZ0zQoM\nwwU74i+lqZMOvxd9Hr3ZIhajecVSX8dZXMLFoYIXGfGx/yMi+CPdC9j41qxFe0be\nmLsU6+csEA8IUHZmDc8CoGNzRj3YxfK5KdkTNugx6YgShLGjO/mWXsJi7e3JnK9a\nE/eN3AqKXthpnFQwOnVx+BDP+ZH8nAOFXniTsAbIxZ5KeKIEDgVGVIq74HAmkhV5\nh9YSGtv7GXcfAn6ciljhuljUR9LcJWwUqpSVjwiITjlQYhXgmeymw2Bhh8DudMlI\nWrc28TmrLNYpUxau85RWSaqCx4LLR6gsggk5q+Mk7lVGx3b21mhoHBDQD4FxBXU6\nTyPs4jTXnRfjT+gmcDZXABEBAAGJAh8EGAECAAkFAldOGxQCGwwACgkQyYmbj9l1\nCX/ntRAA0f2CWp/maA2tdgqy3+6amq6HwGZowxPIaxvy/+8NJSpi8cFNS9LxkjPr\nsKoYKBLVWm1kD0Ko3KTZnHKUObjTv8BNX4YmqMiyr1Nx7E8RGED3rvzPdaWpKfnO\nsIAImnmZih+n3PEinf+hUkfMleyr03D3DrtsCCgZdcI0rMMb/b9hSQlM6YxFeriq\n51U5EexBPmye0omq/JCSIoytc0lTCIf6fPfJZ3mk4cRh0BSYaIza25SJEGeKTFRx\n62iGokK6J0T0cTpUtWonLPM2mjl1zKatdu/rWKk+jTXSEAu42qdhMEphQk0eDFOG\nnoqQW9I9EUD1v5H63VF+sOh9jLc963hxAl5Eu1Q1kTSTYarKpjKW2O0eJMZW1zvC\nwx2QOTw7qXqWRvOidR9OkWCtezG4kgNenDZDXUZU+eQgPVLgNrxCjfE1ZCoIZ889\ntCoa1YrpIGUdHPLiKCebaZQNsel54VBNyNnfQ+GDqR/+raMp17iMnLxEmyE3iroJ\n6cyoVQNb3ECtJlgXq3WHc7lzngYlr7NeAKiuO4omv6MW4N9yQ3/rme4UKEfaFQNw\ne20IYxdHVOr2AQFsZG/KbVEAxquw+1UwJ8DMoZrMuabrEgNWK8Ym82hUSXYH3Rw/\nxJyz65Yc+1IGpL/Np+NhwWeSRaJNvynPjD3G7jTIEWsRXD+uPMo=\n=sBwF\n-----END PGP PUBLIC KEY BLOCK-----\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreadl0ck%2Fosx-root-installer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdreadl0ck%2Fosx-root-installer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdreadl0ck%2Fosx-root-installer/lists"}