YoVDO

Jailbreaking the AppleTV3 - Tales From A Full Stack Hack

Offered By: nullcon via YouTube

Tags

nullcon Courses Jailbreaking Courses Hardware Hacking Courses

Course Description

Overview

Explore the full stack hack of the AppleTV3 in this conference talk from Nullcon Berlin. Dive into the journey of jailbreaking a device that resisted hacking for 8 years, exploiting 5 different n-day vulnerabilities to achieve full untethered compromise. Learn about the reduced attack surface that protected the AppleTV3 longer than newer, more secure iPhones. Follow the step-by-step process of pwning the device, discussing challenges encountered and methods to overcome them. Gain insights into attacking restricted devices and acquire the knowledge needed to reproduce this exploit chain. Discover the speaker's background in iOS hacking, including contributions to various jailbreaks and creation of downgrading tools. Examine topics such as trust certificates, custom browsers, hardware hacking, memory dumping, codesign bypass, ROP chains, kernel exploits, and persistence techniques. Conclude with a summary and a lighthearted look at funny cat picture screensavers.

Syllabus

Intro
AppleTV 3nd gen
AppleTV 3 Homescreen
PlexConnect
Trust certificate
ATV3 Custom Browser
Setup
Trailers App
exploit.js: problems
Crashlogs!
Hardware hacking
Dumping memory: problems
Emulating remote
Codesign bypass
ROP chain: problems
ROP chain: solution
stage1.bin
Kernelexploit
Update: Problem: no kernel binary
Postexploit
Post-bootstrap
Persistance
Untether: solution launchd
Summary
Funny cat pictures screensaver!


Taught by

nullcon

Related Courses

Ethical Hacking: Mobile Devices and Platforms
LinkedIn Learning
CNIT 128: Hacking Mobile Devices
CNIT - City College of San Francisco via Independent
How to Influence Security Technology in Kiwi Underpants
YouTube
Machswap - Stephen Parkinson
White Hat Cal Poly via YouTube
Swiping Through Modern Security Features
Hack In The Box Security Conference via YouTube