ONLINE REGISTRATION CLOSES OCT 13TH AT 23:59 MYT
Walk-in registrations at The InterContinental for the conference on 16th and 17th are still accepted (walk-in rate MYR1499).

For up-to-the-minute updates on #HITB2013KUL including on-site happenings during the event, please follow @hitbsecconf on Twitter.

Stefan Esser (Head of R&D, SektionEins GmbH)

PRESENTATION TITLE: Tales from iOS 6 Exploitation and iOS 7 Security Changes

PRESENTATION ABSTRACT:

During SyScan Singapore 2013 lots of innocent iOS vulnerabilities have been murdered. However, one of the disclosed kernel information leak vulnerabilities turned out to be an actual memory corruption that could have been used in a drive-by attack or public jailbreak. Not having realized the full impact of this vulnerability back then, the author wishes to redeem himself by explaining how this vulnerability is actually exploitable and what troubles one will run into when attempting to do so.

In the first part of this presentation, the wrongly categorized bug and its exploitation will be outlined, and in the second part of this presentation, security-relevant changes in iOS 7, which is expected to be released at the time of the conference, will be discussed.

ABOUT STEFAN ESSER

Stefan Esser is best known in the security community as the PHP security guy. Since he became a PHP core developer in 2002, he has devoted a lot of time to PHP and PHP application vulnerability research. However, in his early days he released lots of advisories about vulnerabilities in software like CVS, Samba, OpenBSD or Internet Explorer. In 2003 he was the first to boot Linux directly from the hard disk of an unmodified XBOX through a buffer overflow in the XBOX font loader.

In 2004 he founded the Hardened-PHP Project to develop a more secure version of PHP, known as Hardened-PHP, which evolved into the Suhosin PHP Security System in 2006. Since 2007 he has worked as head of research and development for the German web application company SektionEins GmbH, which he co-founded. In 2010 he did his own ASLR implementation for Apple's iOS and shifted his focus to the security of the iOS kernel and iPhones in general. Since then he has spoken about the topic of iOS security at various information security conferences around the globe. In 2012 he co-authored the book iOS Hacker's Handbook.

Copyright © 2013 Hack In The Box | http://www.hackinthebox.org