Pangu Jailbreak Team to Speak at Black Hat 2015


The Pangu jailbreak team will be speaking at the 2015 Black Hat security conference in a talk titled "Review and Exploit Neglected Attack Surfaces in iOS 8." Pangu team members Tielei Wang, Hao Xu, and Xiaobo Chen will be presenting at the conference on August 5-6.

The security design of iOS significantly reduces the attack surfaces for iOS. Since iOS has gained increasing attention due to its rising popularity, most major attack surfaces in iOS such as Mobile Safari and IOKit kernel extensions have been well studied and tested. This talk will first review some previously known attacks against these surfaces, and then focus on analyzing and pointing out those neglected attack surfaces. Furthermore, this talk will explore how to apply fuzzing testing and whitebox code auditing to the neglected attack surfaces and share interesting findings. In particular, this talk will disclose POCs for a number of crashes and memory corruption errors in system daemons, which are even triggerable through XPC (a lightweight inter-process communication mechanism) by any app running in the container sandbox, and analyze and share the POC for an out-of-boundary memory access 0day in the latest iOS kernel.

The Pangu team was responsible for both an iOS 7 and an iOS 8 jailbreak. Just recently, the group demonstrated an iOS 8.3 jailbreak at the MOSEC security conference in Shanghai. The team did not mention any release for the jailbreak, but some believe we could see a jailbreak once iOS 8.4 is released.

TaiG, the other Chinese jailbreak team, says they have no plans to release an iOS 8.3 or iOS 8.4 jailbreak. Instead, they are focusing their efforts on iOS 9.

Read More via Superphen


Dabears - June 10, 2015 at 9:36pm
eth1 - June 10, 2015 at 9:24pm
Pángǔ yuèyù tuánduì jiàng zài fāyán zhōng tán 2015 nián de hēi mào ānquán dàhuì tí wèi “shěnchá hé lìyòng bèi hūshì de gōngjí qūmiàn de iOS 8. ” Pángǔ tuánduì chéngyuán wáng tiě lēi, xú hào hé xiǎo bō chén jiàng zài huìyì 8 yuè 5-6 rì jìnxíng jièshào. Good luck understanding these mofos. Chinese hackers working undercover for the PLA. I seriously hope none of you used their JB. China uses every Chinese talent to push its military agenda.