This repository contains a proof of concept (PoC) for a Safari 1day Remote Code Execution (RCE) exploit. It is intended solely for educational purposes and should not be used for any malicious activities. The exploit has been confirmed to work on macOS 13.3.1 and iOS 15.8.2, but may be patched in later versions (iOS 16.5.1/macOS 13.4.1). Currently, it only works on macOS 13.0.1 (x86_64) due to hardcoded offsets.

Key Features

Educational Purpose: Designed for learning and understanding security vulnerabilities.
Confirmed Exploit: Works on specific versions of macOS and iOS.
Community Contribution: Open for contributions and improvements from the community.

Benefits

Understanding Security: Helps developers and security researchers understand RCE vulnerabilities in Safari.
Research and Development: Useful for those studying exploit development and security research.

Highlights

Languages Used: JavaScript, Python, HTML, C, and Makefile.
Community Engagement: Encourages feedback and contributions from users.

WebKit-Bug-256172

Introduction

Information

Categories

Tags

More Products

Phantom

Exploiting AI

PINT Benchmark

WebKit-Bug-256172

Key Features

Benefits

Highlights

Newsletter

Join the Community

Newsletter

Join the Community

WebKit-Bug-256172

Introduction

Information

Categories

Tags

More Products

Phantom

Exploiting AI

PINT Benchmark

WebKit-Bug-256172

Key Features

Benefits

Highlights