XNU Heap Exploitation - From Kernel Bug to Kernel Control

nullcon via YouTube

Classroom Contents

  1. Intro
  2. Topics
  3. Goal
  4. General idea
  5. Disclaimer
  6. Mac ports
  7. Task ports
  8. Send right
  9. Zones
  10. Catalog
  11. Exploit treadmill
  12. liolistio
  13. kernel panic
  14. mock messages
  15. different types of messages
  16. heap zones
  17. heap in memory
  18. reallocate heap
  19. kcall
  20. pan
  21. pan bypass
  22. block360ccn
  23. vultureswap
  24. mick
  25. zuguza
  26. thepark
  27. Screenshot
  28. Code
  29. Expectations
  30. Wintex exploit
  31. gc vouchers
  32. target voucher
  33. allocation
  34. voucher allocation
  35. assumptions
  36. garbage collection
  37. time
  38. control
  39. memory pressure
  40. readback
  41. pointer leak
  42. dangling voucher
  43. iprequest
  44. kread
  45. fake port
  46. k read
  47. vortex leak
  48. kernel leak
  49. ref mitigations
  50. pipes
  51. nonblocking pipe
  52. heap pointer to port
  53. fake ports
  54. kernel read
  55. kernel zone map
  56. vortex cell
  57. conclusion
  58. QA
