Posted on
in Presentations
All Apple systems deploy a same hybrid kernel structure called XNU. However, most of XNU defenses can be bypassed through corrupting defenseless kernel objects. This session will summarize this type of attack as (Mach) port object-oriented programming (POP) and propose XNU Kernel Object Protector (XKOP) to significantly reduce the number of possible targets for unprotected kernel objects.
Learning Objectives:
1: Understand what is jailbreaking and what is the core of Apple systems.
2: Learn how to use PKOOP to bypass latest mitigation techniques in XNU kernel.
3: Find out the way to use XNU kernel object protector to defend against PKOOP attack.
Pre-Requisites:
Kernel programming and debugging.
Learning Objectives:
1: Understand what is jailbreaking and what is the core of Apple systems.
2: Learn how to use PKOOP to bypass latest mitigation techniques in XNU kernel.
3: Find out the way to use XNU kernel object protector to defend against PKOOP attack.
Pre-Requisites:
Kernel programming and debugging.
Access This and Other RSAC™ Conference Presentations with Your Free RSAC Membership
Your RSAC™ Membership also includes AI-powered summaries, mind maps, and slides for Conference presentations, Group Discussions with experts, and more.
Watch Now >>
Share With Your Community