You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Contents<br />
Executive Summary<br />
Background<br />
Disclosure Timeline<br />
Attack Overview<br />
Pr<strong>of</strong>essional Grade Development<br />
Evolution <strong>of</strong> S<strong>of</strong>tware<br />
The Trident Vulnerabilities<br />
CVE-2016-4655: Memory Corruption in Safari Webkit<br />
CVE-2016-4656: Kernel Information Leak Circumvents KASLR<br />
CVE-2016-4657: Memory Corruption in Kernel leads to Jailbreak<br />
Jailbreak Persistence<br />
<strong>Spyware</strong> <strong>Analysis</strong><br />
Installation and Persistence<br />
Persistence: JSC Privilege Escalation<br />
Disabling Updates<br />
Jailbreak Detection<br />
Device Monitoring<br />
Stealth Update to Command & Control Infrastructure<br />
Self Destruction<br />
Data Gathering<br />
Calendar<br />
Contacts<br />
GPS location<br />
Capturing User Passwords<br />
WiFi and Router Passwords<br />
Interception <strong>of</strong> Calls and Messages<br />
Process Injection: converter<br />
Skype<br />
Telegram<br />
WhatsApp<br />
Viber<br />
Real-Time Espionage<br />
Conclusion<br />
Credits<br />
Appendix A: TLS Certificate Information<br />
Appendix B: IOCs for Jailbreak Detection