Finding Vulnerabilities in iOS - MacOS Networking Code
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the intricacies of iOS and macOS networking code vulnerabilities in this 50-minute conference talk from the Hack In The Box Security Conference. Delve into the complexities of networking protocols and their impact on code security. Learn about the discovery of multiple remote code execution vulnerabilities in Apple's XNU operating system kernel, specifically related to mbuf processing. Gain insights into network packet structures, the mbuf datatype, and how XNU processes them. Examine corner cases that led to vulnerabilities and understand the custom variant analysis technique using Semmle QL for bug discovery. Discover C programming techniques used to implement proof-of-concept exploits, complete with kernel-crashing demonstrations. Cover topics such as TCP/IP packet structure, TCP options, raw socket programming, stack buffer overflow, and NFS mount vulnerabilities. Acquire knowledge about security research methodologies, including the use of Query Language (QL) for finding and analyzing potential vulnerabilities in complex networking code.
Syllabus
Introduction
Story of 3 bugs
Extra topics
PacketMangal bug
Finding security vulnerabilities
Query Language QL
TCPIP Packet Structure
TCP Options
Raw Socket Programming
The Fix
The struct
Whats an nbar
Whats an EM buff
Stack Buffer Overflow
Infinite Loop Bug
NFS Mount
M buff copy
Macros
Fake NFS Server
Eve 999
Packet Mangler
Source and Sink
Query Results
Query Explanation
Conclusion
Taught by
Hack In The Box Security Conference
Related Courses
Introduction To Ethical HackingCodecademy Unlocking Information Security II: An Internet Perspective
Tel Aviv University via edX An Introduction to Ethical Hacking with Kali Linux
Packt via Coursera Ciberseguridad. Bases y estructuras para la protección de la información
Universidad Anáhuac via edX CVE Series: Spring4Shell (CVE-2022-22965)
Cybrary