Difference between revisions of "User:Userlandkernel"

From The iPhone Wiki
(Created page with "== About me == - @userlandkernel on Twitter - Hacking stuff (literally anything, web / networks, vending machines, radio etc etc) since 2012 - Love developing nerdy debug tool...")
 
m (Xnudaemon moved page User:Xnudaemon to User:Userlandkernel)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
  +
[[Category:Hackers]]
 
== About me ==
 
== About me ==
- @userlandkernel on Twitter
+
* @userlandkernel on Twitter
- Hacking stuff (literally anything, web / networks, vending machines, radio etc etc) since 2012
+
* Hacking stuff (literally anything, web / networks, vending machines, radio etc etc) since 2012
- Love developing nerdy debug tools and documenting the unknown
+
* Love developing nerdy debug tools and documenting the unknown
- Am more known for my interest in iOS
+
* Am more known for my interest in iOS
- I am a fast learner
+
* I am a fast learner
- I like hardware based side channel attacks
+
* I like hardware based side channel attacks (CoreSight KTRW, WatchTower defeat with CPACR, Meltdown & Spectre)
   
 
== Disclosed iOS Vulnerabilities ==
 
== Disclosed iOS Vulnerabilities ==
- IOUSBFamily use after free
+
* IOUSBFamily use after free
- assetsd type-confusion
+
* assetsd type-confusion
- iBooks Denial-of-Service
+
* iBooks Denial-of-Service
- Shortcuts App, partial sandbox escape
+
* Shortcuts App, partial sandbox escape
   
 
== Current projects ==
 
== Current projects ==
- Reverse engineering the NVME firmware
+
* Reverse engineering the NVME firmware
- Flashing custom-made NVME firmware
+
* Flashing custom-made NVME firmware
- Testing whether NVME firmware can turn off or alter IOMMU.
+
* Testing whether NVME firmware can turn off or alter IOMMU.
- Research whether NVME can be a persistent side-channel to patching iBoot at SecureBoot time
+
* Research whether NVME can be a persistent side-channel to patching iBoot at SecureBoot time

Latest revision as of 16:59, 13 February 2020

About me

  • @userlandkernel on Twitter
  • Hacking stuff (literally anything, web / networks, vending machines, radio etc etc) since 2012
  • Love developing nerdy debug tools and documenting the unknown
  • Am more known for my interest in iOS
  • I am a fast learner
  • I like hardware based side channel attacks (CoreSight KTRW, WatchTower defeat with CPACR, Meltdown & Spectre)

Disclosed iOS Vulnerabilities

  • IOUSBFamily use after free
  • assetsd type-confusion
  • iBooks Denial-of-Service
  • Shortcuts App, partial sandbox escape

Current projects

  • Reverse engineering the NVME firmware
  • Flashing custom-made NVME firmware
  • Testing whether NVME firmware can turn off or alter IOMMU.
  • Research whether NVME can be a persistent side-channel to patching iBoot at SecureBoot time