Rootten Apples - Vulnerability Heaven in the iOS Sandbox
Hack In The Box Security Conference via YouTube
Overview
Dive into a comprehensive exploration of iOS security vulnerabilities in this conference talk from HITB Security Conference. Discover how attackers target iOS devices and learn about the constant attack surface for containerized applications following Apple's introduction of self-signed applications. Examine code not typically accessible by containerized apps but available to other processes, regardless of security context. Uncover multiple privilege escalation vulnerabilities affecting all iOS devices and witness a detailed exploitation demonstration that chains these vulnerabilities together, leading to arbitrary kernel code execution and bypassing all current iOS security mitigations. Gain insights from mobile security researcher Adam Donenfeld as he shares his findings and expertise in this 44-minute presentation on the hidden vulnerabilities within the iOS sandbox.
Syllabus
#HITBGSEC 2017 Conf D2 - Rootten Apples: Vulnerability Heaven In The iOS Sandbox - Adam Donenfeld
Taught by
Hack In The Box Security Conference