MacOS Security - Escaping The Sandbox & Bypassing TCC

Explore macOS security mechanisms, focusing on sandboxing and Transparency, Consent, and Control (TCC) in this 55-minute conference talk from the Hack In The Box Security Conference. Dive into the evolution of macOS security features, including the introduction of sandbox-like restrictions for non-sandboxed apps in macOS Catalina. Examine the new security boundaries created by these measures and the potential vulnerabilities they introduce. Learn about the challenges developers face in safeguarding app permissions and the importance of understanding these new security models. Discover techniques for bypassing protections in third-party applications and analyze real-world vulnerabilities that allowed sandbox escapes, TCC permission theft, and privilege escalation. Gain insights from security researchers Thijs Alkemade and Daan Keuper as they share their findings on macOS and iOS security, including specific CVEs in macOS and Adobe Reader.

#HITB2021AMS D1T1 - MacOS Security: Escaping The Sandbox & Bypassing TCC - T. Alkemade and D. Keuper