将进程注入引入视图:利用所有使用 nib 文件的 macOS 应用程序 | CTF导航
Tags
| attack-pattern: | Applescript - T1059.002 Javascript - T1059.007 Python - T1059.006 Applescript - T1155 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | c7e48680-97e3-4515-9a1f-a85a2b7a5996 |
| Fingerprint | e0bc43f57f16b58d |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Sept. 5, 2024, midnight |
| Added to db | Sept. 30, 2024, 8:53 a.m. |
| Last updated | Nov. 15, 2024, 2:39 p.m. |
| Headline | 将进程注入引入视图:利用所有使用 nib 文件的 macOS 应用程序 |
| Title | 将进程注入引入视图:利用所有使用 nib 文件的 macOS 应用程序 | CTF导航 |
| Detected Hints/Tags/Attributes | 23/1/11 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ctfiot.com/207318.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 426 | ✔ | CTF导航 | https://www.ctfiot.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 3 | cve-2021-30873 |
|
| Details | CVE | 3 | cve-2023-40450 |
|
| Details | Domain | 15 | mail.app |
|
| Details | Domain | 4 | system.install.apple |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 7 | assistant.app |
|
| Details | File | 130 | info.pl |
|
| Details | File | 1 | 文件内容info.pl |
|
| Details | File | 1 | 或在应用程序info.pl |
|
| Details | Url | 1 | https://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files/#fnref:1 |
|
| Details | Url | 1 | https://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files/#fnref:2 |