Modern Objective-C Exploitation presented at Infiltrate 2015

by Neil Archibald,

Summary : This talk serves to advance the research I published in Phrack 66 (2009) regarding the exploitation of memory corruption bugs utilizing the Objective-C runtime on Mac OS X. While the techniques in the paper are still functional to this day, the security features of modern OS's such as ASLR/NX means that additional information is required to make these constructs useful. In this talk, I will explore some additional techniques which bring the original set forward to the modern platform. In addition, some investigation of the new features and design decisions of the Objective-C run-time will be presented.