This vulnerability allows bypassing System Integrity Protection (SIP) and gaining Full Disk Access (FDA), among other things. It allows removing the `restricted` flag from any folder on the system with just two lines of code. This vulnerability has no CVE assigned and has been tested on macOS 14.0 and earlier. The exploit does not work on macOS 14.4. Versions 14.1, 14.2 and 14.3 have not been tested.
If we use `installer` to install `InstallAssistant.pkg` on the system, it extracts the packages into `/Applications/Install macOS Ventura.app`. If, before installing the package, we create a symbolic link in `/Applications/` called `Install macOS Ventura.app` that points to a folder with the `restricted` flag, `system_installd` removes the `restricted` flag from that folder.
An attacker could remove the `restricted` flag from any folder, such as `/Library/Application Support/com.apple.TCC/`, move the folder to another location, and replace it with a malicious one containing a custom TCC database.
A terminal with `root` privileges is required.
- Download `InstallAssistant.pkg`.
- Modify the variable `TARGET_DIR` to point to a SIP-protected directory (the default target is the system TCC database directory).
- Give the exploit execution permissions:

```
$ chmod +x exploit.sh
```

- Run the exploit:

```
$ ./exploit.sh PATH_TO_INSTALLED_PKG
```

- You should now be able to verify that `TARGET_DIR` no longer has the `restricted` flag with the following command:

```
$ ls -ldO TARGET_DIR
```
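The `ls -ldO` check above is the same one a defender can run periodically to confirm that SIP-protected directories still carry their `restricted` flag. The following script is an added example, not part of the original README or the exploit: it parses `ls -ldO` output (flags are the fifth column, `-` when none are set) and prints every directory that has lost the `restricted` flag. The sample output embedded in it is constructed so the script runs on any system; the function names are my own.

```shell
#!/bin/sh
# Added example (not part of the original README): given the output of
# `ls -ldO` (macOS ls with -O shows BSD file flags in the 5th column),
# report every directory whose `restricted` flag is missing.

# Constructed sample `ls -ldO` output; the middle entry has no flags set ("-").
SAMPLE_LS_OUTPUT='drwxr-xr-x  3 root  wheel  restricted 96 Jan  1  2023 /Library/Application Support/com.apple.TCC
drwxr-xr-x  2 root  wheel  - 64 Jan  1  2023 /tmp/unrestricted
drwxr-xr-x  5 root  wheel  restricted,hidden 160 Jan  1  2023 /usr/bin'

# has_restricted_flag LINE: succeed (0) when the flags column of one ls -ldO
# line contains "restricted"; flags are comma-separated, so match as a list item.
has_restricted_flag() {
    flags=$(printf '%s\n' "$1" | awk '{ print $5 }')
    case ",$flags," in
        *,restricted,*) return 0 ;;
        *) return 1 ;;
    esac
}

# report_unrestricted OUTPUT: print the path (fields 10 onward, so paths with
# spaces survive) of every line lacking the restricted flag.
report_unrestricted() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        if ! has_restricted_flag "$line"; then
            printf '%s\n' "$line" |
                awk '{ $1=$2=$3=$4=$5=$6=$7=$8=$9=""; sub(/^ +/, ""); print }'
        fi
    done
}

# Stand-alone run over the constructed sample: prints /tmp/unrestricted
report_unrestricted "$SAMPLE_LS_OUTPUT"
```

On macOS, feed it live output instead of the sample, for example `report_unrestricted "$(ls -ldO '/Library/Application Support/com.apple.TCC' /usr/bin)"`; any path printed has lost its flag and warrants investigation, since SIP-protected directories should never appear in that list.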
This exploit allows an attacker to remove the restrictions from any directory on the file system. Thus, an attacker could move a SIP-protected directory to a different location and replace it with an alternative directory with malicious contents (e.g., replace the TCC database with a malicious one to gain FDA).