The well-known iPhone hacker Stefan Esser (i0n1c), who found the untethered jailbreak exploit for iOS 4.3.1, 4.3.2 and 4.3.3, has given a presentation for anyone who wants to know how hackers find jailbreak exploits on iOS, and how to judge whether a given jailbreak is safe or not.
The talk's abstract reads: The iPhone user land is locked down very tightly by kernel-level protections. Therefore any sophisticated attack has to include a kernel exploit in order to completely compromise the device. Because of this, our previous session, titled “Targeting the iOS Kernel”, already discussed how to reverse the iOS kernel in order to find kernel security vulnerabilities. Exploitation of iOS kernel vulnerabilities has not been discussed yet.
This session will introduce the audience to kernel-level exploitation of iPhones. With the help of previously disclosed kernel vulnerabilities, the exploitation of uninitialized kernel variables, kernel stack buffer overflows, out-of-bounds writes and kernel heap buffer overflows will be discussed.
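To make the out-of-bounds write / buffer overflow class concrete, here is an added example that is not code from the talk or from iOS. It is a constructed user-mode mock of an ioctl-style handler: the vulnerable version copies a user-controlled length into a fixed-size buffer, so the bytes past the buffer land on the adjacent `privileged` field the kernel would later trust; the hardened version rejects the oversized request. The struct layout, the handler names and the demo-only clamp (which keeps the copy inside one object so the program is deterministic) are all assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EINVAL 22

/* Constructed mock of an object a kernel handler fills in. In a real
 * driver the field after the buffer might be a length, a flag or a
 * pointer the kernel later trusts; here it is a simple flag. */
struct kbuf {
    uint8_t  data[32];
    uint32_t privileged;   /* sits immediately after data[] */
};

typedef int (*handler_fn)(struct kbuf *, const uint8_t *, size_t);

/* Vulnerable handler: copies user_len bytes into data[] without checking
 * that they fit (the out-of-bounds write pattern the talk describes).
 * The clamp to sizeof(*kb) is demo-only so the overflow stays inside this
 * one object instead of smashing arbitrary memory; it is NOT a fix. */
int vuln_ioctl_set(struct kbuf *kb, const uint8_t *user, size_t user_len)
{
    if (user_len > sizeof(*kb))
        user_len = sizeof(*kb);
    memcpy((uint8_t *)kb + offsetof(struct kbuf, data), user, user_len);
    return 0;
}

/* Hardened handler: reject any length that does not fit the destination
 * before touching memory. */
int safe_ioctl_set(struct kbuf *kb, const uint8_t *user, size_t user_len)
{
    if (user_len > sizeof(kb->data))
        return EINVAL;
    memcpy(kb->data, user, user_len);
    return 0;
}

/* Send one oversized request through a handler. Returns the handler's
 * status and leaves the (possibly corrupted) object in *kb. */
int do_request(handler_fn handler, struct kbuf *kb)
{
    /* Constructed attacker input: 32 bytes of filler, then 4 bytes that
     * would land exactly on kb->privileged (the value 1). */
    uint8_t payload[sizeof(struct kbuf)];
    uint32_t one = 1;
    memset(payload, 'A', sizeof(((struct kbuf *)0)->data));
    memcpy(payload + offsetof(struct kbuf, privileged), &one, sizeof one);

    memset(kb, 0, sizeof *kb);           /* privileged starts at 0 */
    return handler(kb, payload, sizeof payload);
}

/* Privileged flag after the request: 1 means the overflow reached it. */
uint32_t flag_after_request(handler_fn handler)
{
    struct kbuf kb;
    do_request(handler, &kb);
    return kb.privileged;
}

/* Status code the handler returned for the oversized request. */
int status_of_request(handler_fn handler)
{
    struct kbuf kb;
    return do_request(handler, &kb);
}

int main(void)
{
    printf("vulnerable handler: status=%d privileged=%u\n",
           status_of_request(vuln_ioctl_set), flag_after_request(vuln_ioctl_set));
    printf("hardened handler:   status=%d privileged=%u\n",
           status_of_request(safe_ioctl_set), flag_after_request(safe_ioctl_set));
    return 0;
}
```

The point to take from it is that the length check has to be against the size of the destination, not the size of the request, and has to happen before the copy; in a kernel the field being clobbered might be a pointer or a reference count rather than a flag, which is what turns a simple out-of-bounds write into the exploitation primitives the talk goes on to discuss.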
i0n1c gave the presentation, titled iOS Kernel Exploitation, at the annual Black Hat security conference (Black Hat USA 2011), based on a paper he wrote under the same name.
Stefan Esser also showed the hardware he used to get a serial console from the device for kernel debugging: a 470 kΩ resistor, two Mini-USB-B to USB-A cables, a USB-to-serial breakout board and a PodGizmo dock connector. The resistor on the dock connector's accessory-identification pin puts the phone into the mode that exposes its UART, so kernel debug output can be read from a host machine.
For more information, the full presentation is available here.