o Security research group
o Focused on hardware and software exploitation
o Made various jailbreaks for iOS, tvOS, watchOS
o Contributors to jailbreak community

Making a jailbreak if you have bugs
o Write an exploit chain
o Patch OS security restrictions
o Install persistent binary
o Add Cydia\ssh\remote shell

Making a jailbreak if you don't have bugs
o Write an exploit chain (use public write-ups)
o Patch OS security restrictions
o Install persistent binary
o Add Cydia\ssh\remote shell

spawns on boot
o Check if it is running as root (optional)
o Find userland codesign bug
o Symlink system service to exec cs bypass

will not work
o validateCodeDirectoryHashInDaemon possible race condition fixed
o Policy patches still work
iOS 10 AMFI mitigations

secure on each release
o More security on hardware side
o Exploits will be more valuable
o But there will be bugs and write-ups