# CVE-2023-42860
Exploit for [CVE-2023-42860]( (for research purposes only).

This exploit works for versions of macOS earlier to 13.3, even though [Apple´s changelog]( says it was fixed in version 14.1.

## Steps
1. [Download]( the InstallAssistant.pkg
2. Modify the variable `TARGET_FILE` to a SIP protected file (default target is the system TCC database).
3. Compile the exploit:
$ gcc exploit.c -o exploit -lpthread
4. Run the exploit:
$ ./exploit PATH_TO_PKG
5. You should now be able to modify the SIP protected file through `/Applications/Install\ macOS\` as the root user.

## Reference