Completed
readback
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
XNU Heap Exploitation - From Kernel Bug to Kernel Control
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Topics
- 3 Goal
- 4 General idea
- 5 Disclaimer
- 6 Mac ports
- 7 Task ports
- 8 Send right
- 9 Zones
- 10 Catalog
- 11 Exploit treadmill
- 12 liolistio
- 13 kernel panic
- 14 mock messages
- 15 different types of messages
- 16 heap zones
- 17 heap in memory
- 18 reallocate heap
- 19 kcall
- 20 pan
- 21 pan bypass
- 22 block360ccn
- 23 vultureswap
- 24 mick
- 25 zuguza
- 26 thepark
- 27 Screenshot
- 28 Code
- 29 Expectations
- 30 Wintex exploit
- 31 gc vouchers
- 32 target voucher
- 33 allocation
- 34 voucher allocation
- 35 assumptions
- 36 garbage collection
- 37 time
- 38 control
- 39 memory pressure
- 40 readback
- 41 pointer leak
- 42 dangling voucher
- 43 iprequest
- 44 kread
- 45 fake port
- 46 k read
- 47 vortex leak
- 48 kernel leak
- 49 ref mitigations
- 50 pipes
- 51 nonblocking pipe
- 52 heap pointer to port
- 53 fake ports
- 54 kernel read
- 55 kernel zone map
- 56 vortex cell
- 57 conclusion
- 58 QA