This post is more about the journey of taking a thought, investigating it, and analyzing the possible abuses of a specific technology feature than about the end result or a particular vulnerability or exploit.

In this post, I explore the potential abuse of some features within the macOS Calendar application.

Calendar, the default and bundled calendaring application on macOS, supports setting various alerts for calendar events, and one of these alerts, “Open file”, will “open” a file at a given time. This can be used to launch apps or run binaries (i.e.

As best as I can tell, this is working as intended, and Apple has put in safeguards to minimize the likelihood of abuse:

- Programmatically adding an event/alert requires the “Calendars” privacy permission (or “Full Disk Access”).
- Subscribing to a calendar defaults to removing the alerts for that calendar, and a user must explicitly opt out of this protection.
- Calendar prevents you from importing an event with potentially harmful alerts (i.e.

So, while yes, Calendar alerts can be abused to execute code on a victim’s system, it would also require the attacker to be in a semi-privileged position. The attacker would either need to control a calendar the victim subscribes to and has explicitly chosen to allow alerts for, or have a foothold on the victim’s system with control over a process that has been granted specific permissions. I’ll go over both of these attack paths.

It was a bit after 10:00 PM and I’d just gotten home from playing water polo.