applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

iOS 7 Kernel Exploitation Dojo

Register for March 8-11 Course

Instructor:
Stefan Esser

Description

With the release of iOS 6 in 2012 Apple has started to drastically improve the security of the iOS kernel. The exploitation of kernel vulnerabilities has become far more complex and difficult than it has been in the good old days of iOS 5. And not only that, with the recent release of iOS 7 Apple has once again changed the game. On the one hand core data structures and algorithms have been changed, like the heap zone allocator, which will break exploits designed for previous versions of iOS and on the other hand additional mitigations have been added to the iOS kernel to make attacks even harder.

Throughout this course students will get to know all these changes, how they have been circumvented in previous iOS kernel exploits and will learn strategies required for future kernel exploitation. And they will do this hands-on on actual devices running iOS 7.

Coming out of this dojo students will have an understanding of how to exploit kernel vulnerabilities in iOS 7 and will have learned strategies to find new such vulnerabilities.

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Topics

Student Requirements