Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Elevating Privileges on macOS by Audit Token Spoofing

Objective-See Foundation via YouTube

Start learning Write review
Pragmatic Institute Ad

AI Product Expert Certification - Master Generative AI Skills

Learn More → Datacamp Ad

Power BI Fundamentals - Create visualizations and dashboards from scratch

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Watch a detailed security conference talk exploring how XPC technology in Apple's operating systems can be exploited through audit token spoofing. Dive into the mechanics of XPC implementation over mach messages and discover how multiple-sender scenarios can potentially bypass authorization checks. Learn about a specific vulnerability (CVE-2023-32405) in macOS's smd service that enables privilege escalation through this technique. Presented by Thijs Alkemade, a two-time Pwn2Own winner and security researcher at Computest, who brings deep expertise in mathematics, computer science, and operating system security to explain complex security concepts in accessible terms.

Syllabus

#OBTS v6.0: "Elevating Privileges on macOS by Audit Token Spoofing" - Thijs Alkemade

Taught by

Objective-See Foundation

Reviews

Start your review of Elevating Privileges on macOS by Audit Token Spoofing

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.