https://github.com/bo0om/safiler

Safari local file reader
https://github.com/bo0om/safiler

exploit macos safari vulnerability

Last synced: about 10 hours ago
JSON representation

Safari local file reader

• Host: GitHub
• URL: https://github.com/bo0om/safiler
• Owner: Bo0oM
• Created: 2017-07-04T18:39:51.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2018-10-22T20:39:50.000Z (about 6 years ago)
• Last Synced: 2023-10-20T18:19:47.192Z (about 1 year ago)
• Topics: exploit, macos, safari, vulnerability
• Language: Python
• Homepage: https://lab.wallarm.com/hunting-the-files-34caa0c1496
• Size: 4.43 MB
• Stars: 122
• Watchers: 10
• Forks: 21
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Info

https://lab.wallarm.com/hunting-the-files-34caa0c1496

https://xakep.ru/2017/07/06/safari-localfile-read/

# How to start

## Clone files

```bash

$ git clone https://github.com/Bo0oM/Safiler.git

$ cd Safiler

```

## Run server

```bash

$ [sudo] pip install -r requirements.txt

$ python server.py

```

## Open PoC

Open `PoC.xhtm` or `PoC.webarchive` in Safari.

Copy on a USB flash drive and carry it with you :)

### Demo

Exploit PoC: https://bo0om.ru/safari_poc/

![Demo](https://raw.githubusercontent.com/Bo0oM/Safiler/master/demo.gif)