Pangu Team to present in Black Hat USA 2015

Followed by MOSEC iOS 8.3 jailbreak demo and dismissal of actual release date, the Pangu Team has announced in their official Weibo that they will be attending the Black Hat USA 2015, one of the top hacker conferences globally, and sharing about a topic captioned Review and exploit neglected attack surfaces in iOS 8.

pangu black hat

Specifically, the presentation summary in detail:

The security design of iOS significantly reduces the attack surfaces for iOS. Since iOS has gained increasing attention due to its rising popularity, most major attack surfaces in iOS such as mobile safari and IOKit kernel extensions have been well studied and tested. This talk will first review some previously known attacks against these surfaces, and then focus on analyzing and pointing out those neglected attack surfaces. Furthermore, this talk will explore how to apply fuzzing testing and whitebox code auditing to the neglected attack surfaces and share interesting findings. In particular, this talk will disclose POCs for a number of crashes and memory corruption errors in system daemons, which are even triggerable through XPC (a lightweight inter-process communication mechanism) by any app running in the container sandbox, and analyze and share the POC for an out-of-boundary memory access 0day in the latest iOS kernel.

The presentation will be done by three gentlemen from the Pangu Team, namely Tielei Wang & HAO XU & Xiaobo Chen as you can see the pictures and introduction shown below:


Yet, there is no further update on the iOS 8.3 jailbreak from the team. We will keep you posted in case anything happens.

Source: Weibo; Black Hat

4 Comments Add yours

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.