- AMMO
- CFP
- CTF
- CXO Track
- Exhibition
- For You
- Hackathon
- HackerHelp
- Horror Stories from Hacker World
- Recreation
- Resume Clinic
- Schedule
- Speakers
- Sponsors
- StartVille
- Training
- Venue
- Volunteer
- Goa 2020
- Speakers
- Brandon Azad
Brandon Azad
Talk Title:
KTRW: The journey to build a debuggable iPhone
Abstract:
Development-fused iPhones with hardware debugging features like JTAG are out of reach for many iOS security researchers. This talk takes you along my journey to create a similar capability using off-the-shelf iPhones.
We'll look at a way to break KTRR, a custom hardware mitigation Apple developed to prevent kernel patches, and use this capability to load a kernel extension that enables full-featured, single-step kernel debugging with LLDB on production iPhones. Finally, I'll show how I used the resulting KTRW debugger to discover and exploit the oob_timestamp vulnerability (CVE-2020-3837).
Bio:
Brandon Azad is a security researcher at Google Project Zero focusing on iOS/macOS security.