Remotely Compromising a Modern iOS Device
Category: Vulnerability Research
Summary: Achieving a successful remote compromise of a modern Apple iOS device has become in recent years particularly challenging for an adversary, thanks to all the good work done by Apple.
Nevertheless in this talk we will describe our ideas and methods, which lead us to successfully compromise a updated iOS device remotely, at Mobile Pwn2Own 2016 in Tokyo, and other attack chains that couldn't make it at the competition.
In particular, but not limited to, we will cover:
- The sandbox and escaping it
- Rogue Application Install and Codesign Bypass
- Alternative ideas for remote attack chains.