Fire & Ice - Making and Breaking macOS Firewalls
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the intricacies of macOS firewall development and vulnerabilities in this 25-minute Black Hat conference talk. Dive into core concepts like kernel-level socket filtering, user-mode component communication, secure privileged code installation, and self-defense mechanisms implementation. Learn about firewall vulnerabilities, including methods to bypass Lulu, generic bypasses, DNS and browser exploitation, and kernel-based bypasses. Gain insights from security expert Patrick Wardle as he covers topics such as registering socket filters, implementing callbacks, and protecting the UI from synthetic events. Enhance your understanding of macOS security through this comprehensive exploration of firewall creation and exploitation techniques.
Syllabus
Intro
Outline
The Goal
Registering a Socket Filter
Socket Filter Callbacks
Firewall Vulnerabilities
Bypassing Lulu
Generic Bypasses
Abusing DNS
Abusing Browsers
Kernel-based Bypasses
Finale
Taught by
Black Hat
Related Courses
Offensive Javascript Techniques for Red TeamersSecurity BSides San Francisco via YouTube Browser Exploitation - Max Zinkus
White Hat Cal Poly via YouTube Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube This is for the Pwners - Exploiting a WebKit 0-day in PlayStation 4
Black Hat via YouTube Dark Fairytales from a Phisherman Vol II
44CON Information Security Conference via YouTube