MacOS and iOS Userspace Fuzzing Training


Posted by Stefan Esser
Instructor: Stefan Esser (Antid0te UG/Antid0te SG)
Dates: 14th March - 18th March 2022 (EU/North America Timezone)
Dates: 28th March - 1st April 2022 (EU/North America Timezone)
Venue: Online, Zoom
Availability: 20 Seats
Language: English

There are a lot of resources and training courses available when it comes to fuzzing code for security vulnerabilities. And there are various resources, like demo exploits or training courses, available for learning about iOS and MacOS exploitation. However, until now what has been missing is a compact course that applies fuzzing technology to the latest iOS and MacOS targets. With this new course we want to provide a compact resource that introduces security researchers to the techniques and tricks needed to perform effective fuzzing of iOS devices and Apple Mac computers that run either x86_64 or ARM64 code.

This training will be held virtually in March 2022 via Zoom sessions, with support via a Discord server. It will be performed twice to allow trainees with colliding appointments to attend the course. For 5 days there will be daily live training sessions around 5h in length. For every day there will be hands-on tasks the students should work on until the next training day. In addition to that, all trainees will receive some introductory videos about 1-2 weeks before the course. This course is targeted at vulnerability researchers who want to find vulnerabilities in the MacOS or iOS userland via fuzzing.

The course will discuss both the MacOS side and the iOS side of fuzzing. However, having an iOS device available is optional, because we will use ARM64 Mac systems that allow running iOS code.

Topics

  • Basic building blocks of MacOS/iOS Fuzzers
    • Building a basic fuzzer from the ground up
    • Test Generation
    • Code Coverage
    • Crash Reporting / Triage
    • Scaling
  • Using and adapting off the shelf fuzzers for MacOS/iOS
    • AFL++
    • Honggfuzz
  • Fuzzing of Fileformats
    • Image File Parser Fuzzing
    • Audio File Parser Fuzzing
    • Font Parser Fuzzing
    • Document File Parser Fuzzing
  • Fuzzing of IPC
    • Fuzzing of MIG Servers
    • Fuzzing of XPC Services
  • Fuzzing of Browsers and JavaScript Engines
    • WebKit Fuzzing
    • JSC Fuzzing
  • Fuzzing of iMessage
    • iMessage Fuzzing

Training Takeaways

  • The whole training material (several hundred slides) will be handed to the students in digital form.
  • For up to 5 days after the training students can rewatch video recordings of all sessions.
  • Trainees will get a license for the Antid0te software and scripts that are used during the training; the license allows usage but not redistribution of said software.

Training Requirements

  • Student Requirements
    • Basic understanding of exploitation
    • C and Python Programming knowledge
    • Able to understand X64/ARM64 assembly
  • Hardware Requirements
    • Apple Mac M1 system
    • Access to x86_64 system
    • (OPTIONAL) jailbroken iOS device compatible with checkra1n
  • Software Requirements
    • Mac OS X 11, with the latest Xcode and iOS 14.x SDK (or newer)
    • Additional software will be made available during the training

Virtual Venue

The training sessions will be held via Zoom video conferencing. Training sessions will be around 5 hours per training day. In addition to that, trainees will get access to a few hours' worth of introductory videos.

Furthermore, trainees get access to a Discord server that will be used to post information regarding the training and to discuss exercises and their solutions, unless those are covered via Zoom.

All training sessions will be recorded and made available as videos until 5 days after the training. During that time trainees can rewatch sessions as often as they want.

Timezones

We offer the training in an EU/North America edition. For other timezones please enquire. Unlike in-person training courses, where all attendees are present and share the same timezone, online training courses require some adjustments to allow attendees across different timezones to attend.

EU / North America Edition (14th March before DST)

17:00 - 22:00 Berlin
16:00 - 21:00 London
09:00am - 02:00pm Seattle / Vancouver
12:00pm - 05:00pm New York / Montreal

EU / North America Edition (28th March after DST)

17:00 - 22:00 Berlin
16:00 - 21:00 London
08:00am - 01:00pm Seattle / Vancouver
11:00am - 04:00pm New York / Montreal

Pricing

We offer the following rates for this training.

EUR 4000,-
SGD 6200,-
USD 4750,-

Payment will be possible via international bank transfer or via credit card processed by Stripe. Please note that we will usually charge EU customers in EUR and the rest of the world in SGD. On request we can charge in USD.

Register

If you have further questions or want to register for this training, please contact us by e-mail at training@antid0te.com. Please note that signup, billing and execution of the training are performed by Antid0te SG Pte. Ltd.

In-House Training / Conferences / Additional Trainings

If you are interested in this training but want us to perform the training for your people, want to feature our training at your online conference, or would just like to know if we will provide the training again at a later time, please contact us by e-mail at training@antid0te.com.