conference logo

Playlist "May Contain Hackers 2022"

My journey to find vulnerabilities in macOS

Turmio / Mikko Kenttälä

My journey to find vulnerabilities in macOS. During 2020 and 2021 I found two major vulnerabilities from macOS. In this presentation I walk you through the whole exploit chain to compromise users' sensitive data with one click. I will also explain my methodology to find logic bugs.

My journey to find vulnerabilities in macOS. During 2020 and 2021 I found two major vulnerabilities from macOS. In this presentation I walk you through the whole exploit chain to compromise users' sensitive data with one click.

I will walk you through how I solved the following steps:
- Fundamentals how I find vulnerabilities
- Basics about the "extra" security protections in macOS
- How to get payload delivered with one click
- Code execution with arbitrary mount
- Gatekeepper evasion
- TCC protection evasion
- SIP -protection evasion
- Timeline
- How Apple will credit the researches