iOS 12 b12 full chain demo: https://youtu.be/UoeNVNg3Fbo
Replying to @_niklasb @qwertyoruiopz
Man so many private jbs :( Gotta step up my kernel game
Replying to @qwertyoruiopz @_niklasb
#noobalert full chain means webkit+kernel exploit only or code sign bypass + persistence after reboot
Replying to @mugundhanbalaji @_niklasb
i use the term for webkit+sandbox+kernel, "persistent full chain" for +persistence, although it varies
How hard is sandbox+kernel vs. straight to kernel in your opinion?
once you're out of sandbox going to kernel is really easy - from inside sandbox the attack surface is tight and highly audited, so i think sbx+kernel is easier
Cool. Maybe a better question is how hard is sandbox?
Should also differ between WebContent and normal app sandbox?
Replying to @_niklasb @NedWilliamson and
Yeah, AFAIK, the WebContent is a subset of normal app sandbox.