[Seminar] Attacking iOS kernel and FaceTime - Tielei Wang (Team Pangu)

o Date and Placement

- Date : 2019.10.8 (Tue.) 16:00~

- Placement : N1 Building, Room 110



Title: Attacking iOS kernel and FaceTime



This talk will start by analyzing a vulnerability in the XNU kernel, explaining different exploitation strategies on iOS devices with/without A12 chips, and discussing the hardware based exploit mitigations on latest iOS devices.
The talk will then focus on FaceTime security by reverse engineering zero-click or one-click remote attack surfaces in FaceTime, and share a number of vulnerabilities discovered. Among these memory corruption vulnerabilities, the talk will highlight how a most typical stack overflow is still exploitable on iOS due to a compiler bug in LLVM..



Tielei Wang is a member of Team Pangu. He was a research scientist at the Georgia Institute of Technology from 2012 to 2014 and received his Ph.D. from Peking University in 2011. His research interests include system security, software security, and mobile security. He discovered a number of zero-day vulnerabilities and won the Secunia Most Valued Contributor Award in 2011. He has published many papers in top research conferences including IEEE Security and Privacy, USENIX Security, ACM CCS, and NDSS, and was a regular speaker at various industrial conferences such as BlackHat USA, POC, etc.  He is a recipient of Best Student Paper Award from 2010 IEEE Symposium on Security & Privacy (Oakland'10), and Best Student Paper Award from 2017 USENIX Workshop on Offensive Technologies (WOOT).