macOS - Gaining root with harmless AppStore apps

The talk will go through my research about how did I get from trying to do dylib hijacking to finding an LPE vulnerability on macOS. I will show 2 bugs that allows us to gain root on a macOS system, and will also show how we can infect installer packages without breaking the App’s signature.

About the Speaker