Remotely Compromising a Modern iOS Device

Author(s): Marco Grassi
Liang Chen
Category: Vulnerability Research
Duration: 45
Summary: Achieving a successful remote compromise of a modern Apple iOS device has become in recent years particularly challenging for an adversary, thanks to all the good work done by Apple.

Nevertheless in this talk we will describe our ideas and methods, which lead us to successfully compromise a updated iOS device remotely, at Mobile Pwn2Own 2016 in Tokyo, and other attack chains that couldn't make it at the competition.

In particular, but not limited to, we will cover:

- The sandbox and escaping it
- Rogue Application Install and Codesign Bypass
- Alternative ideas for remote attack chains.

Likes: 2

Comments

jaisonyi

It is going to be a quite fun talk since it has not been shown long enough to compromise modern iOS device remotely.


aaronc100

Has promise, please don't disappoint!


cyb3rw0lf

Yes, pls.


citizenx

Looking forward to this presentation!