Slides: [ Ссылка ]
Talk Description:
Apple continue to tighten their sandbox profiles, restricting available attack surface and forcing attackers to build longer bug chains to successfully compromise devices. In this talk I’ll cover a recent 2023 ITW iOS 16 full chain, documenting the first case of an ITW chain exploiting Safari’s custom IPC mechanism to escape the newly-hardened renderer sandbox
Speaker Bio:
Ian Beer finds bugs at Google.
Support the Objective-See Foundation:
[ Ссылка ]
[ Ссылка ]
![](https://s2.save4k.ru/pic/cMJ0wPLcsxQ/mqdefault.jpg)