Topics

  • Introduction (starting with old devices)
    • How to handle a new Firmware
    • How to set up your Mac and Device for Vuln Research/Exploit Development
    • How to boot own Kernels
    • How to patch own Code into the Kernel
    • How to write Code for your iDevice
  • Low Level ARM / ARM64
    • Differences between ARM and ARM64
    • Exception Handling
    • Hardware Page Tables
    • Special Registers used by iOS
    • ...
  • iOS Kernel Source Code
    • Structure of the Kernel Source Code
    • Where to look for Vulnerabilities
    • Implementation of Mitigations
    • MAC Policy Hooks, Sandbox, Entitlements, Code Signing
    • ...
  • iOS Kernel Reversing
    • Structure of the Kernel Binary
    • Finding Important Structures
    • Porting Symbols
    • Closed Source Kernel Parts and How to analyze them
    • ...
  • iOS Kernel Debugging
    • Panic Dumps
    • Using the KDP Kernel Debugger
    • Extending the Kernel Debugger (KDP++)
    • Debugging with own Patches
    • Kernel Heap Debugging/Visualization
  • iOS Kernel Heap
    • In-Depth Explanation of How the Kernel Heap works (including recent changes in iOS 7/7.1)
    • Different techniques to control the kernel heap layout
  • iOS Kernel Exploit Mitigations
    • Discussion of all the iOS Kernel Exploit Mitigations introduced
    • Discussion of various weaknesses in these protections
  • iOS Kernel Vulnerabilities and their Exploitation
    • Discussion of previous kernel vulnerabilities used in public jailbreaks
    • Introduction to kernel exploitation with a DEMO vulnerability
    • Exploitation of a real kernel vulnerability at iOS 7.0.4
  • iOS Kernel Jailbreaking
    • Discussion of all the Kernel Patches applied by iOS Jailbreaks
  • Handling of New Devices
    • Discussion of necessary steps to port exploits from old to new devices
  • iOS 7.1?
    • Because the release date of iOS 7.1 is unknown at the moment it is not possible to predict what changes there might be in the kernel. However we will incorporate all the information known about the iOS 7.1 kernel until the training into the material.
  • Persistence
    • The topic of persistence or untethering will be discussed although the kernel land is only partially involved

Topics的更多相关文章

  1. Windows Azure Service Bus Topics实现系统松散耦合

    前言 Windows Azure中的服务总线(Service Bus)提供了多种功能, 包括队列(Queue), 主题(Topic),中继(Relay),和通知中心(Notification Hub) ...

  2. RabbitMQ(五) -- topics

    RabbitMQ(五) -- topics `rabbitmq`中的`topic exchange`将路由键和某模式进行匹配,从而类似于正则匹配的方式去接收喜欢的信息. topic exchange ...

  3. Emiller's Advanced Topics In Nginx Module Development

    Emiller的Nginx模块开发指南 By Evan Miller DRAFT: August 13, 2009 (changes) 翻译:Kongch @2010年1月5日 0:04am -- 2 ...

  4. Problem of Creating Topics in Kafka with Kerberos

    Hi, After enabled Kerberos using Ambari, I got problem creating topics in Kafka using the kafka-topi ...

  5. ERROR:"org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /config/topics/test" when creating or deleting Kafka operations authorized through the Ranger policies

    PROBLEM DESCRIPTION When creating or deleting topics in Kafka, they cannot be authorized through the ...

  6. ROS笔记 Topics

    http://wiki.ros.org/ROS/Tutorials/UnderstandingTopics rostopic rqt_graph rosmsg rqt_graph 一个用于查看topi ...

  7. rabbitMq交换机direct、topics

    一: direct 上面我用采用了广播的模式进行消息的发送,现在我们采用路由的方式对不同的消息进行过滤 发送端代码 public class RoutingSendDirect { private s ...

  8. jmeter向ActiveMQ发送消息_广播/订阅(Topics 队列)

    问题描述:测试中需要模拟大量设备的消息上报到平台,但是实际测试中没有那么多设备,所以采取用jmeter直接往ActiveMQ模拟发送设备消息 解决思路:获取平台采取的是Queues还是Topics : ...

  9. Consumer is not subscribed to any topics or assigned any partitions

    版本: scala:2.11.8 spark:2.11 hbase:1.2.0-cdh5.14.0 报错信息: java.lang.IllegalStateException: Consumer is ...

随机推荐

  1. gets、scanf和getchar之间的区别

    gets gets.scanf和getchar之间的区别 1. gets函数读取数据时,接受的数据包括数据和回车符.即:读取数据后输入流没有输入 操作动作. 2. scanf函数读取数据时,接受的数据 ...

  2. Linq的Distinct太不给力了[转]

    假设我们有一个类:Product public class Product { public string Id { get; set; } public string Name { get; set ...

  3. CUMCM--总结

    有些事情经历一次就好,一次的经历足以成长. 其实,对于数模真的没什么要说的,也没什么好写的.从9月11日,8点见到赛题,到今天早上8点的提交,短短的三天,度过寂静的黑夜,见到微曦的黎明.三天三夜,9个 ...

  4. 处理器(CPU)调度问题

     因为处理器是最重要的计算机资源,提高利用率并提高系统性能的处理器(吞吐量.响应时间).于处理机调度性能的好坏,因而,处理机调度便成为操作系统设计的中心问题之中的一个. 一.处理机调度的层次 1. ...

  5. Oracle Global Finanicals Technical Reference(一个)

    Skip Headers Oracle Global Finanicals Oracle Global Financials Technical Reference Manual Release 11 ...

  6. 连载:面向对象的葵花宝典:思维、技能与实践(40) - DECORATOR模式

    掌握了道路后,设计模式,我们将以新的方式来理解设计模式,这种方法更简单.更直观.不信?子就知道了 =================================================== ...

  7. Tomcat剖析(一):一个简单的Web服务器

    Tomcat剖析(一):一个简单的Web服务器 1. Tomcat剖析(一):一个简单的Web服务器 2. Tomcat剖析(二):一个简单的Servlet服务器 3. Tomcat剖析(三):连接器 ...

  8. FZU操作系统课程实验 实验一

    实验1 [实验名称]:并发程序设计(实验1) [实验目的]:掌握在程序中创建新进程的方法, 观察并理解多道程序并发运行的现象. [实验原理]:fork():建立子进程.子进程得到父进程地址空间的一个复 ...

  9. CSS3+HTML5特效6 - 闪烁的文字

    先看效果 abcd 这个效果也比较简单,利用keyframes对文字的大小.透明度及颜色做循环显示. CSS <style> @-webkit-keyframes flash { 0%{ ...

  10. Linux 安装 httpd2.4.16

    假设: apr安装在: /opt/httpd/apr apr-util安装在 /opt/httpd/apr-suite/apr-util apr-iconv安装在/opt/httpd/apr-suit ...