Description: In this presentation titled "Fun and Games with Mac OS X and iPhone Payloads", given at Blackhat Europe 2009, Charlie Miller and Vincenzo Lozzo introduce new methods to exploit OS X and iPhones and also show how to avoid detection and forensics once the machine has been compromised. Mac OS X continues to spread among users, and with this increased market share comes more scrutinization of the security of the operating system. The topics of vulnerability analysis and exploit techniques have been discussed at length. However, most of these findings stop once a shell has been achieved. This talk introduces advanced payloads which help to avoid detection, avoid forensics, and avoid countermeasures used by the operating system for both Mac OS X and iPhone. These payloads include Meterpreter and userland-exec for forensics evasion and two iPhone payloads which work against factory iPhones, despite the device's memory protections and code signing mechanisms.<br><br>A high resolution videos of this talk is available here. The research paper can be downloaded here. <br><br> <style type="text/css">body { background: #FF </style> </div>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
all theory, no hands on :-/