Attacking iPhone XS Max

Video description: Attacking iPhone XS Max

Tielei Wang | Co-founder, Team Pangu
Hao Xu | Co-founder, Team Pangu
Location: South Pacific
Date: Thursday, August 8 | 3:50pm-4:40pm
Format: 50-Minute Briefings
Tracks: Mobile, Exploit Development

With the release of iPhone XS and XS Max, Apple's implementation of Pointer Authentication Code (PAC) on the A12 SoC comes more into play for exploit mitigations. While PAC effectively makes many of our own kernel vulnerabilities unexploitable on iPhone XS/XS Max, we were able to achieve tethered jailbreaks on iPhone XS/XS Max. This talk will describe this process. Specifically, this talk will first discuss Apple's PAC implementation based on our tests, introduce an ancient bug in XNU that is still affecting the latest official release of iOS (i.e., 12.1.4), and then elaborate on how to exploit it to bypass PAC and gain arbitrary kernel read/write. Finally, this talk will explain post-exploitation techniques, including how to make arbitrary kernel function calls based on arbitrary kernel read/write.

Black Hat - USA - 2019 Hacking conference
