For whose don’t know i0n1c is a popular jailbreak hacker who found untethered jailbreak exploit on iOS 4.3.1 and it surprisingly worked on iOS 4.3.2 and iOS 4.3.3. That was one of the best exploits since it withstood after Apple released 2 new firmwares.
The iPhone user land is locked down very tightly by kernel level protections. Therefore any sophisticated attack has to include a kernel exploit in order to completely compromise the device. Because of this our previous session titled “Targeting the iOS Kernel†already discussed how to reverse the iOS kernel in order to find kernel security vulnerabilities. Exploitation of iOS kernel vulnerabilities has not been discussed yet.
This session will introduce the audience to kernel level exploitation of iPhones. With the help of previously disclosed kernel vulnerabilities the exploitation of uninitialized kernel variables, kernel stack buffer overflows, out of bound writes and kernel heap buffer overflows will be discussed.
In the annual Black Hat Security Conference, i0n1c made a presentation based on a paper he wrote known as iOS Kernel Exploitation.
According to the 97 pages he used a 470 kΩ resistor, 2 mini USB-B to USB-A caples, a breakout USB to Serial Board, and PodGizmo connector.
You can read the full 97 pages presentation by downloading it from HERE.
Via: [Source]
If you found this post useful, dont forget to click the +1 button Below
