Story of Jailbreaking iOS 13 presented at BlackHatEurope 2020

by 08tc3wbb ,

Summary : Jailbreaking refers to obtaining the kernel privilege of iOS, by means of the development of vulnerabilities. Usually, at least one kernel vulnerability is used. By overwriting the sensitive data structure in the kernel, the jailbreaker could run unauthorized code on the device without restrictions. It could then be used for performing code injection and data interception upon any process on the device. Thus, sometimes, a jailbreaker may not be the owner of the device, but an intruder who wants to steal or manipulate information, and that includes spreading misinformation.This talk will cover in detail how a series of iOS vulnerabilities are exploited to achieve Jailbreak on iOS 13.7. I'll be talking about their root cause, techniques used during the exploit development to bypass the mitigations that are unique to iOS, ultimately get the privilege of reading and writing kernel memory and demonstrate the potential malicious impact of the attack. The rest of my talk will be related to how these vulnerabilities were discovered, tips for reverse engineering. As an independent researcher, I hope to give some inspiration to the audience.