Evad3rs to present at HITBSecConf2013 in Amsterdam

By , Feb 13, 2013

evad3rs logo

The evad3rs are probably one of the hottest tickets around right now on the mobile security circuit. The four hackers were able to overcome Apple’s highly regarded security systems in iOS 6, to provide us with the evasi0n jailbreak.

Well good news for those of you that will be in Amsterdam between the dates of April 8 – 11. The team will be giving a presentation at the Hack in the Box Security Conference in the country, at the Okura Hotel. More details after the fold…

Web

That’s right, MuscleNerd, pod2g, planetbeing and pimskeks will all be on hand at HITBSecConf2013 to talk about their latest jailbreak, and how they managed to break through iOS 6′s security. Here’s a brief overview of their presentation.

“The Apple product security team did an impressive job raising the resilience of the iOS 6 kernel to well known attacks: Kernel ASLR was added, code pages of the kernel protected, and heap structures reinforced to harden the exploitability of heap overflows. Also, numerous directory traversals and vulnerabilities in iOS lockdown services have been fixed silently in the road from 5.1.1 to 6.0, burning all building blocks we already prepared.

For the iOS 6 public jailbreak, we started from scratch, and found successively a total of 8 vulnerabilities in a few months.

In our presentation, we will paint a big picture of the iOS 6 security, and how the Mandatory Code Signing requirement is enforced which is the target of all jailbreak tools. Afterwards, we will present different ideas, vulnerabilities and exploits that lead to the iOS 6 jailbreak. We will start by discussing the injection of the payload, which involves new and clever approaches to the problem, then explain how userland code is triggered, untethered, and finally discuss how the kernel has been successfully exploited.”

With over 1.7 million downloads in the first 24 hours, and more than 7 million downloads in the first four days, evasi0n is billed as the most popular jailbreak ever. It’s also been described as one of the most complex ever, utilizing several exploits.

For those that won’t be able to make it to Amsterdam, don’t worry. We imagine there will either be a live stream of the evad3rs’ presentation, or a video uploaded after the fact. At least, this was the case with the Dream Team at last year’s HITB.

  • Share:
  • Follow:
  • http://twitter.com/burlow burlow

    fascinating stuff, really. Highly impressed that so many moving parts could be moved into a simple button click.

  • John714

    these geeks are truly geniuses

  • Bailey

    and I do live in Amsterdam! :)
    Might as well go, if tickets are not too expensive. And for your info, the Okura is one of the best/luxuriuos hotels in The Netherlands

    • Recovery

      Dude, really? If its not to expensive? These guys just jail broke your idevice for free no f***** charge. With out the evad3rs your Idevice would be garbage. Apple products need the jailbreak. These guys should charge for the jailbreak tool.

  • blu

    a little nitpick, but it was not 7 million downloads of evasi0n but 7 million jailbroken devices using evasion.