module
Bypass the macOS TCC Framework
| Disclosed |
|---|
| N/A |
Disclosed
N/A
Description
This module exploits a vulnerability in the TCC daemon on macOS Catalina
( manipulated (by setting the HOME environment variable) to use a new user
controlled location as the TCC database. We can then grant ourselves
entitlements by inserting them into this new database.
( manipulated (by setting the HOME environment variable) to use a new user
controlled location as the TCC database. We can then grant ourselves
entitlements by inserting them into this new database.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.