Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, July 30 • 4:45pm - 6:00pm
Vincenzo Iozzo & Charlie Miller: Post Exploitation Bliss - Loading Meterpreter on a Factory iPhone

Sign up or log in to save this to your schedule and see who's attending!

IPhones are now widely used by people; as a consequence the number of factory phones is ever increasing. Until very recently, researchers focused on exploitation techniques for jailbroken phones. Most of these approaches are not usable on factory phones due to a number of protections including code signing and additional memory protections. For that reason, even with the ability to execute arbitrary code in an exploit, it is very hard to know what to do. This presentation will show how is it possible to effectively run high level payloads on a factory phone by defeating code signing protections after exploitation. Specifically by injecting an arbitrary non-signed library in the victim's process address space, an attacker is able to run his own code thus granting a much higher attack efficacy. This is especially important because on factory iPhones, there are no useful utilities, not even a shell. With this technique, an attacker can bring along their own tools, including the ability to get directory listing, upload and download files, even pivot attacks, in the form of Meterpreter!
http://www.blackhat.com/html/bh-usa-09/bh-usa-09-speakers.html#Iozzo

Thursday July 30, 2009 4:45pm - 6:00pm
Milano Ballroom 1-2-3-4

Attendees (59)