https://github.com/ffri/cve-2025-24204
PoC and technical details of CVE-2025-24204
Repository
Basic Info
- Host: GitHub
- Owner: FFRI
- License: apache-2.0
- Language: Python
- Default Branch: main
- Size: 95.7 KB
Statistics
- Stars: 56
- Watchers: 0
- Forks: 13
- Open Issues: 1
- Releases: 0
Metadata Files
README.md
CVE-2025-24204
About
CVE-2025-24204 is a vulnerability that allows reading the memory of any process on SIP-enabled macOS systems. The root cause is that an excessively powerful entitlement (com.apple.system-task-ports.read) was added to the gcore binary. Exploiting this vulnerability enables:
- Dumping the login keychain without the user's plaintext login password
- Bypassing TCC and accessing sensitive information
- Decrypting FairPlay-encrypted iOS apps on Apple Silicon Macs
Author
Koh M. Nakagawa (@tsunek0h). © FFRI Security, Inc. 2025
License
Owner
- Name: FFRI Security, Inc.
- Login: FFRI
- Kind: organization
- Location: Tokyo, Japan
- Website: https://www.ffri.jp/
- Repositories: 12
- Profile: https://github.com/FFRI
Next Generation Security
GitHub Events
Total
- Issues event: 1
- Watch event: 26
- Push event: 3
- Public event: 1
- Pull request event: 1
- Fork event: 6
Last Year
- Issues event: 1
- Watch event: 26
- Push event: 3
- Public event: 1
- Pull request event: 1
- Fork event: 6
Issues and Pull Requests
Last synced: 9 months ago
All Time
- Total issues: 1
- Total pull requests: 1
- Average time to close issues: N/A
- Average time to close pull requests: about 8 hours
- Total issue authors: 1
- Total pull request authors: 1
- Average comments per issue: 0.0
- Average comments per pull request: 0.0
- Merged pull requests: 1
- Bot issues: 0
- Bot pull requests: 0
Past Year
- Issues: 1
- Pull requests: 1
- Average time to close issues: N/A
- Average time to close pull requests: about 8 hours
- Issue authors: 1
- Pull request authors: 1
- Average comments per issue: 0.0
- Average comments per pull request: 0.0
- Merged pull requests: 1
- Bot issues: 0
- Bot pull requests: 0
Top Authors
Issue Authors
- lnguy1933 (1)
Pull Request Authors
- kohnakagawa (1)
Dependencies
- lief >=0.16.4
- pyinstaller >=6.12.0
- typer >=0.15.2
- altgraph 0.17.4
- bypass-tcc 0.1.0
- click 8.1.8
- colorama 0.4.6
- lief 0.16.4
- macholib 1.16.3
- markdown-it-py 3.0.0
- mdurl 0.1.2
- packaging 24.2
- pefile 2023.2.7
- pygments 2.19.1
- pyinstaller 6.12.0
- pyinstaller-hooks-contrib 2025.1
- pywin32-ctypes 0.2.3
- rich 13.9.4
- setuptools 75.8.2
- shellingham 1.5.4
- typer 0.15.2
- typing-extensions 4.12.2
- lief >=0.16.4
- typer >=0.15.1
- click 8.1.8
- colorama 0.4.6
- decrypt-fairplay 0.1.0
- lief 0.16.4
- markdown-it-py 3.0.0
- mdurl 0.1.2
- pygments 2.19.1
- rich 13.9.4
- ruff 0.9.7
- shellingham 1.5.4
- typer 0.15.1
- typing-extensions 4.12.2
- chainbreaker *
- lief >=0.16.3
- typer >=0.15.1
- altgraph 0.17.4
- argparse 1.4.0
- chainbreaker 3.0.3
- click 8.1.8
- colorama 0.4.6
- decrypt-keychain 0.1.0
- lief 0.16.3
- macholib 1.16.3
- markdown-it-py 3.0.0
- mdurl 0.1.2
- packaging 24.2
- pefile 2023.2.7
- pycryptodome 3.21.0
- pygments 2.19.1
- pyinstaller 6.12.0
- pyinstaller-hooks-contrib 2025.1
- pywin32-ctypes 0.2.3
- rich 13.9.4
- ruff 0.9.7
- setuptools 75.8.0
- shellingham 1.5.4
- typer 0.15.1
- typing-extensions 4.12.2