Cross-Site Escape: Pwning macOS Safari Sandbox the Unusual Way

In this talk, I’ll present a novel attack targeting the design flaws of the reachable IPC and their associated WebViews by utilizing the classic web security attack, i.e., Cross-Site Scripting (XSS). Without re-exploiting WebKit twice, native code execution outside the sandbox is achieved….

By: Zhi Zhou

Full Abstract & Presentation Materials:
https://www.blackhat.com/eu-20/briefings/schedule/#cross-site-escape-pwning-macos-safari-sandbox-the-unusual-way-21133Black HatRead More