2018-06-11 17:42:03 +10:00

OS X / iOS Technical Papers

This list collects technical papers on OS X and iOS exploitation, security research, and reverse engineering.
The papers listed here have been published publicly and are free to redistribute.

Contributing

Instead of uploading a big batch of PDFs to a hosting website or directly here on GitHub, I decided to link every entry directly. If a link is dead and you have the original copy of the document, feel free to re-upload it and submit a pull request with the new URL.
Similarly, if you want to add documents, please submit a pull request with your entries added to the correct section, each with a working URL.

OS X

Exploitation

| Document | Related Talk | Author | Year |
| --- | --- | --- | --- |
| Attacking the XNU Kernel in El Capitan | Attacking The XNU Kernel In El Capitan | Luca Todesco | 2015 |
| OS X Kernel is As Strong as its Weakest Part | N/A | Liang Chen, ShuaiTian Zhao | 2015 |
| Memory corruption is for wussies! | N/A | fG! | 2016 |
| Don't Trust Your Eye: Apple Graphics is Compromised! | N/A | Liang Chen, Marco Grassi, Qidan He | 2016 |
| OS X El Capitan sinking the Ship | N/A | Stefan Esser | 2016 |
| XNU: A Security Evaluation | N/A | Daan Keuper | 2012 |

Technical

| Document | Related Talk | Author | Year |
| --- | --- | --- | --- |
| DYLIB HIJACKING ON OS X | N/A | Patrick Wardle | 2015 |
| Code Signing Hashed Out | N/A | Jonathan Levin | 2015 |
| The ARMs race to TrustZone | N/A | Jonathan Levin | 2016 |

iOS

Exploitation

| Document | Related Talk | Author | Year |
| --- | --- | --- | --- |
| iOS Kernel Exploitation | BlackHat 2011 - iOS Kernel Exploitation | Stefan Esser | 2011 |
| iOS Kernel Exploitation -- IOKit Edition | N/A | Stefan Esser | 2011 |
| iOS 5 An Exploitation Nightmare? | N/A | Stefan Esser | 2012 |
| iOS Kernel Heap Armageddon | N/A | Stefan Esser | 2012 |
| iOS 6 Kernel Security: A Hacker's Guide | #HITB2012KUL D1T2 - Mark Dowd & Tarjei Mandt - iOS 6 Security | Mark Dowd, Tarjei Mandt | 2012 |
| Find Your Own iOS Kernel Bug | N/A | Chen Xiaobo, Xu Hao | 2012 |
| Attacking the iOS Kernel: A Look at evasi0n | N/A | Tarjei Mandt | 2013 |
| SWIPING THROUGH MODERN SECURITY FEATURES | #HITB2013AMS D2T1 Evad3rs - Swiping Through Modern Security Features | evad3rs | 2013 |
| Exploiting Unpatched iOS Vulnerabilities for Fun and Profit | N/A | Yeongjin Jang, Tielei Wang, Byoungyoung Lee, Billy Lau | 2014 |
| iOS 6/7/8 Security - A Study in Fail | N/A | Stefan Esser | 2015 |
| OPTIMIZED FUZZING IOKIT IN iOS | Optimized Fuzzing IOKit In iOS | Lei Long | 2015 |
| Review and Exploit Neglected Attack Surface in iOS 8 | N/A | Pangu Team | 2015 |
| Hacking from iOS 8 to iOS 9 | N/A | Pangu Team | 2015 |
| Dig Into The Attack Surface Of PDF And Gain 100 CVEs In 1 Year | N/A | Tencent XuanWu Lab | 2017 |
| Diving into the iOS Kernel: Breaking Entitlements | N/A | @iBSparkes | 2018 |

Technical

| Document | Related Talk | Author | Year |
| --- | --- | --- | --- |
| Security Enclave | N/A | Tarjei Mandt, Mathew Solnik, and David Wang | N/A |

Exploit Write-ups

| CVE IDs | Link |
| --- | --- |
| CVE-2016-4655, CVE-2016-4656 | https://jndok.github.io/2016/10/04/pegasus-writeup/ |
| CVE-2016-7644, CVE-2016-7637, CVE-2016-7661 | https://bugs.chromium.org/p/project-zero/issues/detail?id=965 |
| CVE-2017-2370 | https://googleprojectzero.blogspot.co.uk/2017/04/exception-oriented-exploitation-on-ios.html |
| CVE-2017-2416 | https://blog.flanker017.me/cve-2017-2416-gif-remote-exec/ |
| CVE-2017-2533, CVE-2017-2535, CVE-2017-2534 | https://phoenhex.re/2017-06-09/pwn2own-diskarbitrationd-privesc https://phoenhex.re/2017-07-06/pwn2own-sandbox-escape |
| CVE-2018-4087 | https://blog.zimperium.com/cve-2018-4087-poc-escaping-sandbox-misleading-bluetoothd/ |
| CVE-2B-DETERMINED | http://bazad.github.io/2018/04/kernel-pointer-crash-log-ios/ |

Here you can find an external list of papers and documents, most of which are not listed here.