Overview
Syllabus
Intro
Apple Devices & Jailbreaking
Mitigation - DEP/KASLR
Mitigation - Freelist Randomization
black hat Mitigation - Wrong Zone Free Protection
blackhat New Target - Mach Port in User Space
black hat New Target - Struct ipc port in Kernel Space
blackhat (Mach) Port-oriented Programming (POP)
MIG in Kernel Cache
blackhat General Purpose Primitives for Host
General Purpose Primitives for VM
Querying Primitives
Memory Interoperation Primitives
Arbitrary Code Execution Primitives
Practical Case Study: Yalu Exp
iOS 11 Kernel Task Mitigation
blackhat Mitigation bypass in Async_wake Exp
Enterprise Computer Security
XNU Kernel Object Protector
Inline Hooking
Examiners
Evaluation
Discussion
Conclusion
Reference
Taught by
Black Hat