Completed
Captive Portal on iOS: How does it work?
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 About Tencent Keen Security Lab
- 3 Rules changed
- 4 WiFi on iOS, Captive Portal
- 5 Captive Portal on iOS: How does it work?
- 6 Plan of attack
- 7 Create a Malicious Wi-Fi Network
- 8 Serving a Webkit Exploit
- 9 Where we gained code execution?
- 10 Usermode bugs
- 11 CVE-2016-7630 - Sandbox Profile
- 12 CVE-2016-7630 - WebSheet entitlements
- 13 CVE-2016-7630 - Managed configuration
- 14 CVE-2016-7630- How to create a configuration profile
- 15 Offtopic, is jumping through webviews new?
- 16 DEMO
- 17 Comparisons and thoughts
- 18 Kernel bug case study
- 19 9.3.x kernel bugs
- 20 Conclusions