Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Attacking from User Space - <strong>Mac</strong>h-Traps<br />
• <strong>Mac</strong>h-traps are <strong>the</strong> “syscalls“ of <strong>the</strong> mach subsystem<br />
• harder to find because no symbols nearby<br />
• best solution is to search for string references<br />
• interesting string is “kern_invalid mach trap“<br />
• function “kern_invalid“ will be repeatedly referenced<br />
from mach trap handler table<br />
Stefan Esser • <strong>Targeting</strong> <strong>the</strong> <strong>i<strong>OS</strong></strong> <strong>Kernel</strong> • April 2011 •<br />
42