The One Weird Trick SecureROM Hates - Vol. 2

nullcon via YouTube

Overview

Explore the intricacies of iOS jailbreaking and the checkm8 vulnerability in this comprehensive conference talk from NULLCON Goa 2020. Delve into the development of pongoOS, a modular pre-boot execution environment for iOS devices, and understand the challenges faced in creating jailbreak tools for non-macOS platforms. Learn about the unfixable SecureROM vulnerability affecting millions of iPhones, its impact on Apple's Secure Boot model, and how it enables full control over the application processor. Gain insights into building an iOS jailbreak from scratch, exploiting a use-after-free vulnerability in Apple's SecureROM, and the techniques used for reliable exploitation. Discover the speaker's background in reverse engineering, iOS security research, and his contributions to major jailbreaking projects and open-source initiatives.

Syllabus

Intro
whatis SecureROM
whatis Secure Boot
DFU Protocol
USB Control Transfer
USB and DFU
The bug
Practical Trigger
SecureROM Exploitation (A8, A9)
Bootkit Development
Jailbreak Development
wen eta Linux version?? Why did Linux support take so long?
wen eta Windows version??
So, what's new?
What's pongoOS?
Demo - Windows
Demo - Android (project sandcastle)

Taught by

nullcon
