A Few JSC Tales

Presented at Objective by the Sea version 2.0 (2019), June 2, 2019, 2:05 p.m. (50 minutes)

The landscape of RCE vulnerabilities for iOS is quickly changing due to ever-increasing mitigations. This talk will go through an old WebKit RCE vulnerability to demonstrate a common bug class and the impact of mitigations on its exploitations. Additionally, an example of a high quality bug in the JavaScript engine capable of bypassing all current mitigations will be shown.

Presenters:

• Luca Todesco - Independent Security Researcher
  Luca (aka [@qwertyoruiopz](https://twitter.com/qwertyoruiopz)) is a talented young Italian security researcher who likes looking into hardened devices. He released Yalu jailbreak for 10.2 last year and introduced way to fully bypass KPP. He has hacked devices like iPhone, PS4 and Nintendo Switch.

Links:

• https://objectivebythesea.org/v2/talks.html#todesco
• https://objectivebythesea.org/v2/talks/OBTS_v2_Todesco.pdf

Similar Presentations:

• TROOPERS16 (2016) / The Joy of Sandbox Mitigations
• Black Hat USA 2016 / The Year in Flash
• Black Hat Europe 2020 Virtual / This is for the Pwners : Exploiting a WebKit 0-day in PlayStation 4