The One Weird Trick SecureROM Hates - Vol. 2

Offered By: nullcon via YouTube

Course Description

Overview

Explore the intricacies of iOS jailbreaking and the checkm8 vulnerability in this comprehensive conference talk from NULLCON Goa 2020. Delve into the development of pongoOS, a modular pre-boot execution environment for iOS devices, and understand the challenges faced in creating jailbreak tools for non-macOS platforms. Learn about the unfixable SecureROM vulnerability affecting millions of iPhones, its impact on Apple's Secure Boot model, and how it enables full control over the application processor. Gain insights into building an iOS jailbreak from scratch, exploiting a use-after-free vulnerability in Apple's SecureROM, and the techniques used for reliable exploitation. Discover the speaker's background in reverse engineering, iOS security research, and his contributions to major jailbreaking projects and open-source initiatives.

Syllabus

Intro
whatis SecureROM
whatis Secure Boot
DFU Protocol
USB Control Transfer
USB and DFU
The bug
Practical Trigger
SecureROM Exploitation (A8, A9)
Bootkit Development
Jailbreak Development
wen eta Linux version?? Why did Linux support take so long?
wen eta Windows version??
So, what's new?
What's pongoOS?
Demo - Windows
Demo - Android (project sandcastle)


Taught by

nullcon
