This talk will dive into the internals of an iMessage exploit that achieves unsandboxed remote code execution on vulnerable iPhones (versions up to iOS 12.4) without user interaction and within a couple of minutes. After a short introduction of the vulnerability, a set of techniques will be shown that allow the exploit to first bypass ASLR, then achieve arbitrary code execution even on PAC-capable devices. The talk will ultimately highlight how seemingly harmless features that are commonly exposed on “0-Click” surfaces enable the exploitation of memory corruption vulnerabilities.
Samuel (https://twitter.com/5aelo) works at Google Project Zero where he does offensive security research, mainly focused on web browsers and mobile devices.
