Advanced iOS kernel debugging for exploit developers: A presentation by Stefan Esser (@i0n1c) at the Breakpoint security conference in Melbourne, Australia.
Synopsis: With the release of iOS 6, Apple has raised the bar for iOS kernel exploit development dramatically through new protections and mitigations inside the kernel. This has led to more difficult kernel exploits, which in turn place a higher demand on kernel debugging.
This presentation will give an insight into iOS kernel debugging techniques, starting from crash dumps, moving on to XNU's built-in kernel debugging features such as KDP and heap zone recording, and finally demonstrating new custom debugging extensions, including an advanced iOS kernel heap visualization and debugging toolset that will be released as open source after the talk.
Stefan Esser is best known in the security community as the PHP security guy. Since he became a PHP core developer in 2002 he devoted a lot of time to PHP and PHP application vulnerability research.
However, in his early days, he released many advisories about vulnerabilities in software such as CVS, Samba, OpenBSD and Internet Explorer. In 2003 he was the first to boot Linux directly from the hard disk of an unmodified XBOX, through a buffer overflow in the XBOX font loader.
In 2004 he founded the Hardened-PHP Project to develop a more secure version of PHP, known as Hardened-PHP, which evolved into the Suhosin PHP Security System in 2006. Since 2007 he has worked as head of research and development for the German web application company SektionEins GmbH, which he co-founded.
In 2010 and 2011 he received a lot of attention for his presentations on iPhone security topics and for supplying the jailbreaking scene with an exploit that survived multiple updates by Apple.