Becks stands for Beer & Hacks. A community of hackers, security researchers, and anyone interested in security.
Sister events to be held in Korea and Tokyo. This is our first meetup in Taiwan. The seats are very limited and we will expand this meetup for more attendees in the future.
Please feel free to join us!!
Supported by LINE and Graylab.
OSX/iOS kernel has some attack surfaces from user space such as IOKit, system call, MIG(Mach Interface Generator) handler. Especially, MIG is XNU kernel's distinct feature from LINUX or UNIX.
In this talk, I will introduce some methods related to finding vulnerabilities in XNU kernel's MIG handler, including:
- Analyzing the MIG handler in XNU kernel
- Making a simple fuzzing framework through XNU kernel compile
- Analyzing a kernel heap buffer overflow vulnerability (0-day)
Lastly, I will talk about challenges in exploiting this vulnerablity.
(EN) Fighting against the criminals to protect our user is one of the most important things for service provider. I'll make a brief introduction about what kind of abusing behaviors used to happen on our platform and how we deal with it by technical detection and mechanism designs.