MAC-SUDO-CACHE · Privilege Escalation
sudo Cache Token Steal
On Apple Silicon, prior to mitigation, a user process could read /var/db/sudo/ts to reuse a fresh sudo timestamp for root without a password.
§ Where this technique fits
MAC-SUDO-CACHE is catalogued under the Privilege Escalation tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.