
Hack in the Box - Amsterdam 2012 PDF

104 Pages·2012·7.79 MB·English

Preview Hack in the Box - Amsterdam 2012

Hack in the Box - Amsterdam 2012
© 2012 Chronic-Dev, LLC
Friday, May 25, 2012

JAILBREAK DREAM TEAM
Nikias Bassen, Cyril Cattiaux, Joshua Hill & David Wang

Jailbreak Dream Team
• Joshua Hill - @p0sixninja (Chronic-Dev)
• Cyril - @pod2g (Chronic-Dev)
• Nikias Bassen - @pimskeks (Chronic-Dev)
• David Wang - @planetbeing (iPhone Dev Team)

Corona A4
• Introduction to iOS security basics
• The racoon format string attack
• The HFS kernel exploit

INTRODUCTION TO iOS & CORONA
What the security features of iOS are and how Corona basically overcomes them

iOS: one of the most secure OSes
• iOS introduced in 2007 as iPhoneOS 1.0
• Current release: iOS 5.1.1
• More and more security features over time
• Flaws harder to exploit and quickly patched
• Each release brings new challenges

iOS: Security Features (1)
• Boot Chain: firmware file signatures
• Code Signing: approved binaries only
• W^X: Data Execution Prevention (DEP)
• ASLR: Address Space Layout Randomization

iOS: Security Features (2)
• Stack Canaries: __stack_chk()
• Partitions: system vs user partition
• Users: root vs mobile
• Sandboxing: even finer restrictions

limera1n: exploiting the boot chain
• Bootrom exploit: heap overflow
• Custom image loading skips 2nd stage bootloader authentication
• Allows custom ramdisks and patched kernels
• Good entry point for a tethered jailbreak

Regular Boot Chain
bootrom (NAND) authenticates LLB authenticates iBoot authenticates kernel authenticates filesystem (ramdisk)

Description:
Hack in the Box - Amsterdam 2012 (2) • Stack Canaries • It adds the ability to run code outside of