Although they reside in the kernel with high privileges, drivers in macOS and iOS are always blamed for their poor quality and are frequently abused in exploits against the kernel. However, most drivers in macOS and iOS are closed source, which makes them difficult to analyze.
In this talk, we will share our experience of analyzing and finding bugs in macOS and iOS kernel drivers (in short, Apple drivers). We will introduce Ryuk, our open-source tool for analyzing Apple drivers, which greatly facilitates manual review and static analysis. Further, we will introduce two zero-day kernel driver vulnerabilities we recently found that can be exploited for privilege escalation on macOS 10.13.2. Several new kernel exploitation strategies we use on the latest macOS will also be explained and discussed.
We will show how we gain root privilege on the latest macOS, and also share our experience of exploiting the macOS kernel with several new strategies.
===
Xiaolong Bai (Twitter @bxl1989) is a security engineer at Alibaba Inc. He received his Ph.D. degree from Tsinghua University. He has published several research papers at top conferences including IEEE S&P, USENIX Security, CCS, and NDSS, and presented his research at Black Hat USA 2016. He has been acknowledged by famous vendors, including Apple, Google, Facebook, Evernote, and Tencent, for his contributions to improving the security of their products.
---
Min (Spark) Zheng (Twitter @SparkZheng) is a security expert at Alibaba mobile security. He received his Ph.D. degree from the CSE department of the CUHK. His research focuses on malware analysis, smartphone (Android & iOS) security, and system design and implementation. Before receiving the Alibaba A-Star offer award in 2015, he worked at FireEye, Baidu and Tencent. He was the champion of GeekPwn 2014 and AliCTF 2015. He won the "best security researcher" award at FIT 2016 for detecting iOS/macOS vulnerabilities, the XcodeGhost virus and the WormHole RCE vulnerability. He has more than 3,000 stars on his GitHub (@zhengmin1989). He has given talks at DEFCON, HITB, BlackHat, RUXCON, etc.