Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Attacking from User-Land: Sysctl<br />
• sysctl is interface that gives user-land access to kernel variables<br />
• sysctl variables get added by <strong>the</strong> functions<br />
• sysctl_register_oid()<br />
• sysctl_register_set() / sysctl_register_all()<br />
• script scanning for xrefs can find all defined sysctl variables<br />
• interesting for vulnerability research are<br />
• sysctl handlers<br />
• writeable variables<br />
Stefan Esser • <strong>Targeting</strong> <strong>the</strong> <strong>i<strong>OS</strong></strong> <strong>Kernel</strong> • April 2011 •<br />
48