This vulnerability allows to bypass System Integrity Protection (SIP) and gain Full Disk Access (FDA) among other things. It allows to remove the restricted flag on any folder on the system with just two lines of code. This vulnerability has no CVE assisnged, and has been tested on macOS 14.0 and earlier. This exploit do not work on MacOS 14.4. Versions 14.1, 14.2 and 14.3 have not been tested.
If we use installer to install InstallAssistant.pkg on the system, it extracts the packages on /Applications/Install macOS Ventura.app. If before installing the package we create a symbolic link on /Applications/ called Install macOS Ventura.app that points to a folder with the restricted flag, system_installd removes the restricted flag of the folder.
An attacker could remove the restricted flag of any folder like /Library/Application Support/com.apple.TCC/, move the folder to any other location, and replace the folder with a malicious one containing a custom TCC database.
A terminal with root privileges
- Download InstallAssistant.pkg
- Modify the variable
TARGET_DIRto a SIP protected directory (default target is the system TCC database directory). - Give the exploit execution permissions:
$ chmod +x exploit.sh- Run the exploit:
$ ./exploit.sh PATH_TO_INSTALLED_PKG- You should now be able to see the that the
TARGET_DIRdont have therestrictedflag with the following command:
$ ls -ldO TARGET_DIRThis exploit allows an attacker to remove the restrictions on any directory on the file system. Thus, an attacker could move the SIP protected directory to a different location, and replace it with an alternative directory with malicious contents (i.e., replace the TCC database with a malicious one to gain FDA).