Escaping the Safari Sandbox in iOS 16

Presented at Objective by the Sea version 6.0 (2023), Oct. 13, 2023, 10:55 a.m. (25 minutes).

Apple continue to tighten their sandbox profiles, restricting available attack surface and forcing attackers to build longer bug chains to successfully compromise devices. In this talk I'll cover a recent 2023 ITW iOS 16 full chain, documenting the first case of an ITW chain exploiting Safari’s custom IPC mechanism to escape the newly-hardened renderer sandbox

Presenters:

• Ian Beer - Security Researcher at Google
  Ian Beer finds bugs at Google.

Links:

• https://objectivebythesea.org/v6/talks.html#Speaker_12
• https://www.youtube.com/watch?v=cMJ0wPLcsxQ

Similar Presentations:

• DEF CON 24 (2016) / Escaping The Sandbox By Not Breaking It
• DEF CON 26 (2018) / Fasten your seatbelts: We are escaping iOS 11 sandbox!
• Black Hat Europe 2020 Virtual / Cross-Site Escape: Pwning macOS Safari Sandbox the Unusual Way