Explore a groundbreaking Safari exploit submitted to Pwn2Own 2020 that successfully compromises the macOS kernel through the browser. Delve into the intricate process of chaining six vulnerabilities to achieve this seemingly impossible feat. Learn from offensive security researchers as they share their techniques for remote kernel exploitation, overcoming continuous efforts to eliminate vulnerabilities and introduce mitigations. Gain insights into the ultimate goal of offensive security research and understand the complexities involved in breaching browser security to reach the kernel level. Presented by Yonghwi Jin, Jungwon Lim, Insu Yun, and Taesoo Kim at Black Hat, this 41-minute talk offers a deep dive into advanced exploitation techniques and the current state of macOS and Safari security.
Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
Overview
Syllabus
Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
Taught by
Black Hat
Related Courses
-
New Attack Surface in Safari - Using Just One Web Audio Vulnerability to Rule Safari
-
Messenger Hacking - Remotely Compromising an iPhone through iMessage
-
Fire & Ice - Making and Breaking macOS Firewalls
-
Fire & Ice - Making and Breaking macOS Firewalls
-
macOS Vulnerabilities Hiding in Plain Sight
-
The Price of Compatibility - Defeating macOS Kernel Using Extended File Attributes
