CVE-2023-40299 TCC Bypass with Kong Insomnia in MacOS

Introduction TCC (Transparency, Consent and Control) is a mechanism in MacOS that helps restrict access to protected folders on a system. This helps a user make informed consent whenever an application seeks to access files in a folder (eg Desktop). A more indepth discussion about TCE can be found here. From an attacker’s perspective, he would want to find out as much information that belongs to the victim when he manages to get a RAT (Remote Access Trojan) on the system....

Understanding TCC

Introduction TCC (Transparency, Consent and Control), is built into MacOS as a means to protect sensitive user data from access by applications. The idea is such that no application can access such user data without the user’s permission (but asked only once). TCC covers a wide spectrum of data within the OS. To find out what’s under TCC, you can go to System Preferences -> Privacy and Security. Applications that appear in the list usually show up due to them having requested for such a permission....

July 11, 2023 2844 words 14 min

How to create a MacOS virtual machine for VMWare

Create MacOS virtual machine for VMWare, only works on Intel Macs

May 20, 2023 342 words 2 min