Finding iOS Kernel Exploit // SockPuppet Jailbreak - CVE-2019-8605

Channel:

Subscribers:

920,000

Published on December 10, 2019 6:02:37 PM ● Video Link: https://www.youtube.com/watch?v=YV3jewkUJ54

Duration: 23:45

157,669 views

5,626

Ned Williamson of Google Project Zero explains how he discovered the Sock Puppet vulnerability affecting the XNU Kernel in iOS and macOS. He also shows us what primitives the bug provides and how it can be exploited. This is only the first stage of a Jailbreak, but it's a very valuable kernel bug.

Google Project Zero Blog: https://googleprojectzero.blogspot.com/2019/12/sockpuppet-walkthrough-of-kernel.html
Ned on Twitter: https://twitter.com/NedWilliamson
Ned Williamson - Modern Source Fuzzing (OffensiveCon19): https://www.youtube.com/watch?v=xzG0pLM4Q64

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

Other Videos By LiveOverflow

2019-12-20	Traveling to London for Escal8 and Google CTF
2019-12-19	Python 2 vs 3 for Binary Exploitation Scripts
2019-12-18	File Path Race Condition & How To Prevent It - bin 0x31
2019-12-17	Writing a Simple Buffer Overflow Exploit
2019-12-16	Exploit Dev Pitfall Corrupted Shellcode
2019-12-15	New to Linux? Need Help Understanding Shell Commands?
2019-12-14	Self-aware Video: it knows its own YouTube Video ID?
2019-12-13	Patching Binaries (with vim, Binary Ninja, Ghidra and radare2)
2019-12-12	How Do Linux Kernel Drivers Work? - Learning Resource
2019-12-11	Public Penetration Test Reports - Learning Resource
2019-12-10	Finding iOS Kernel Exploit // SockPuppet Jailbreak - CVE-2019-8605
2019-12-09	HACKERSPACES ARE AWESOME!
2019-12-08	How To Learn Hacking With CTFs
2019-12-07	WHY YOUR HACKING QUESTIONS ARE FRUSTRATING!!!
2019-12-06	Cannot access memory at address // Debugging PIE Binaries affected by ASLR - bin 0x2E
2019-12-05	Best Operating Systems for Hacking?!
2019-12-04	Reversing Statically-Linked Binaries with Function Signatures - bin 0x2D
2019-12-03	Finding main() in Stripped Binary - bin 0x2C
2019-12-02	SECRET HACKER FORUM - The Place Where We Talk and Learn
2019-12-01	Exploit Fails? Debug Your Shellcode - bin 0x2B
2019-11-27	Zero-day vulnerability in Bash - Suidbash Google CTF Finals 2019 (pwn)

Tags:

Live Overflow

liveoverflow

hacking tutorial

how to hack

exploit tutorial

XNU kernel

macos hack

osx hacked

ios hack

jailbreak

sockpuppet

sock puppet

use after free

fuzzing kernel

kernel fuzzer

syscall fuzzer

fuzz testing

ned williamson

ipv6 sockets

protobuf

asan

advanced exploitation

memory corruption

free malloc