OPTIMIZED FUZZING IOKIT IN IOS

Recommendations

Info

Experimental Results(IV): Vulnerability-1 • Details Vulnerability Case 1 • HighlandParkAudioDeviceUserClient-clientMemoryForType-44 • Use IODataQueue to share memories • Buffers in kalloc.4096 can be released into bigger kalloc zone • Panic Logs • Unavailable address to read and write • A freed zone element has been modified…
Experimental Results(IV) Vulnerability Case 2 • IOResources’s setProperties IOReturn IOResources::setProperties( OSObject * properties ) { … while( (key = OSDynamicCast(OSSymbol, iter->getNextObject()))) { … publishResource( key, dict->getObject(key) ); } … return( kIOReturnSuccess ); } • IOResources is inherited from <strong>IOS</strong>ervice
Page 1 and 2:
OPTIMIZED FUZZING IOKIT IN IOS LEI
Page 3 and 4: Outlines • Introduction • Infor
Page 5 and 6: Introduction(I) IOKit App-0 App-1
Page 7 and 8: Introduction(I) Our Work • Not on
Page 9 and 10: Part II Information Extraction
Page 11 and 12: Information Extraction(II) Basic In
Page 13 and 14: Information Extraction(II): Basic I
Page 25 and 26: Information Extraction(II): IOUserC
Page 33 and 34: Information Extraction(II): IOExter
Page 43 and 44: Part III Fuzzing
Page 45 and 46: Fuzzing(III):Fuzzing Preparation Fu
Page 47 and 48: Fuzzing(III):Fuzzing Preparation Un
Page 49 and 50: Fuzzing(III): Fuzz Thread Client-0
Page 51 and 52: Part IV Experimental Results
Page 53: Experimental Results(IV) Vulnerabil
Page 57 and 58: Experimental Results(IV): Vulnerabi
Page 59 and 60: Last Black Hat Sound Bytes
show all

OPTIMIZED FUZZING IOKIT IN IOS

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?