1. Vulnerable iOS/macOS Kext
2. Fetching Symbols
   1. _IOSleep
   2. kernel_thread_start
   3. _strncpy
   4. _stack_chk_fail
   5. _ctl_register
   6. ___MALLOC
   7. _FREE
   8. current_proc
   9. copyin
   10. copyout
3. Loading the kext on the device
4. Let's now trigger a heap overflow
5. Todo
Vulnerable Kext
Todo
- Fix the bugs in the vulnerabilities I implemented 🧐
- Add more vulnerabilities
- Add writeups for exploitation