Local Root Exploit in HospitalRun Software



Summary and Keypoints

Short Summary

The speaker announces the publication of a zero-day exploit, prompting a moment of confusion about the context and significance of this revelation.

Key Points

  • The speaker has published a zero-day exploit.
  • There is an initial moment of disbelief regarding the situation.
  • The revelation of the exploit signifies a potentially critical cybersecurity issue.
  • The use of “BINGO!” suggests a moment of realization or clarity about the implications of the exploit.

YouTube Channel: LiveOverflow
Video Published: 2023-07-22T14:02:43+00:00

Video Description:
Let’s talk about a “security flaw in hospital software that allows full access to medical devices”. This issue was disclosed on LinkedIn and included a full exploit code. Let’s use this app as an example on how to find a macOS privilege escalation and learn how local root exploits can work.
Print BINGO sheet: https://twitter.com/liveoverflow/status/1682650394227351552

Sources:
Original LinkedIn Post: https://web.archive.org/web/20230424004137/https://www.linkedin.com/posts/jeanpereira00_sicherheitsl%C3%BCcke-in-krankenhaus-software-activity-7055185115584303104-2eZr
The Exploit code: https://0day.today/exploit/38531
“The project has been deprecated for 2 years. Version 1.0.0-beta has been an EOL for at least 5 years” – developer statement: https://twitter.com/tehkapa/status/1650059269939552256

My references finding priv esc issues in macOS apps:
https://github.com/cure53/Publications/blob/master/summary-report_tunnelbear.pdf
https://github.com/cure53/Publications/blob/master/summary-report_tunnelbear_2018.pdf
https://github.com/cure53/Publications/blob/master/summary-report_tunnelbear_2019.pdf
https://github.com/cure53/Publications/blob/master/pentest-report_IVPN.pdf

Help me pay for any legal trouble in case somebody wants to sue me (advertisement): https://shop.liveoverflow.com/

Chapters:
00:00 – Intro: Practice Research with Existing Issues
01:45 – HospitalRun Functionality
03:07 – What is a Local Root Exploit?
05:49 – Typical macOS Privilege Escalation Issues
09:23 – Looking for Privileged Helper in HospitalRun
10:10 – My Experience in finding Local Root Exploits on macOS
11:46 – Threat Modeling and Common Deployments
13:11 – Was this an April Fools Joke?
14:18 – Analysing and Cleaning Up The Exploit Code
17:51 – Reading Comments on LinkedIn
19:29 – BINGO!
