Here's a neat exploit to trick someone into inadvertently emailing their files to you from their Mac, iPhone via Safari
Pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API. The security flaw, which isn't too scary as it requires some user interaction, has not yet been repaired, though a patch is being worked on.
The exploit involves getting someone to open a web page in Safari with a button that triggers the Web Share API in a way that launches the native Mail or Gmail apps.
Native apps can then receive that file path via the navigator.
It has implications for any sensitive URL on the user's private network, like router configuration files, he suggests, adding that it also affects public URLs that might reveal private information if accessed with local cookie files.
Wylecial's video demo shows that malicious code can attach a sensitive local file, like a user's /etc/passwd file or Safari browsing history, to an outgoing message.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/08/26/safari_local_file_leak_api/