Difference between revisions of "I0n1c"

From The iPhone Wiki
Jump to: navigation, search
(Presentations: added 2011 HITB presentation)
m
 
(8 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
{{lowercase}}
 
{{lowercase}}
'''i0n1c''', whose real name is Stefan Esser, is a German security researcher. He developed [[Antid0te]], an [[wikipedia:Address space layout randomization|ASLR]] for jailbroken [[iPhone]]s in fall 2010, but never released it, because [[iOS]] since 4.3 includes an implementation of ASLR. He developed an untethering exploit for iOS 4.3. He gave a version of the exploit that worked on iOS 4.3.1 to the [[iPhone Dev Team]] which updated [[redsn0w]] and [[PwnageTool]] to use it and released the new tools on 4 April 2011. [[sn0wbreeze]] was also updated to include his untether. As the vulnerability went unpatched in iOS 4.3.2 and 4.3.3, he updated his code later to support those firmwares. An iOS 4.3-compatible version was never released.
+
'''i0n1c''', whose real name is Stefan Esser, is a German security researcher. He developed [[Antid0te]], an [[wikipedia:Address space layout randomization|ASLR]] for jailbroken [[List of iPhones|iPhones]] in fall 2010, but never released it, because [[iOS]] since 4.3 includes an implementation of ASLR. He developed an untethering exploit for iOS 4.3. He gave a version of the exploit that worked on iOS 4.3.1 to the [[iPhone Dev Team]] which updated [[redsn0w]] and [[PwnageTool]] to use it and released the new tools on {{date|2011|04|04}}. [[sn0wbreeze]] was also updated to include his untether. As the vulnerability went unpatched in iOS 4.3.2 and 4.3.3, he updated his code later to support those firmwares. An iOS 4.3-compatible version was never released. His exploit was used in [[Pangu]] jailbreak.
  +
  +
On {{date|2015|04|19}} he released a YouTube video of a iOS 8.4 beta jailbreak, he has said he will not release it to the public.
   
 
===Presentations===
 
===Presentations===
  +
*[http://www.slideshare.net/i0n1c/syscan-2015-esserios678securityastudyinfail iOS 678 Security - A Study in Fail]
*[http://conference.hitb.org/hitbsecconf2011kul/materials/D2T1%20-%20Stefan%20Esser%20-%20iPhone%20Exploitation%20-%20One%20ROPe%20to%20Bind%20Them%20All.pdf HITB 2011 Malaysia: iPhone Exploitation - One ROPe to bind them all?]
 
  +
*[http://www.slideshare.net/i0n1c/ruxcon-2014-stefan-esser-ios8-containers-sandboxes-and-entitlements Ruxcon 2014 - iOS8 Containers, Sandboxes and Entitlements]
  +
*[https://reverse.put.as/wp-content/uploads/2011/06/SyScan2012_StefanEsser_iOS_Kernel_Heap_Armageddon.pdf SyScan Singapore 2012: iOS Kernel Heap Armageddon (PDF)]
 
*[http://antid0te.com/CSW2012_StefanEsser_iOS5_An_Exploitation_Nightmare_FINAL.pdf CanSecWest 2012: iOS5, an Exploitation Nightmare (PDF)]
 
*[http://antid0te.com/CSW2012_StefanEsser_iOS5_An_Exploitation_Nightmare_FINAL.pdf CanSecWest 2012: iOS5, an Exploitation Nightmare (PDF)]
 
*[https://media.blackhat.com/bh-us-11/Esser/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf BlackHat US 2011: Exploiting the iOS Kernel (PDF)]
 
*[https://media.blackhat.com/bh-us-11/Esser/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf BlackHat US 2011: Exploiting the iOS Kernel (PDF)]
  +
*[http://conference.hitb.org/hitbsecconf2011kul/materials/D2T1%20-%20Stefan%20Esser%20-%20iPhone%20Exploitation%20-%20One%20ROPe%20to%20Bind%20Them%20All.pdf HITB 2011 Malaysia: iPhone Exploitation - One ROPe to bind them all?]
 
 
===Links===
 
===Links===
*[https://twitter.com/i0nic i0nic on Twitter]
+
*[https://twitter.com/i0n1c i0n1c on Twitter]
 
*[http://www.suspekt.org Homepage]
 
*[http://www.suspekt.org Homepage]
 
*[https://github.com/stefanesser GitHub]
 
*[https://github.com/stefanesser GitHub]
 
[[Category:Hackers]]
 
[[Category:Hackers]]
  +
[[Category:Security Researcher]]

Latest revision as of 13:06, 17 September 2021

i0n1c, whose real name is Stefan Esser, is a German security researcher. He developed Antid0te, an ASLR for jailbroken iPhones in fall 2010, but never released it, because iOS since 4.3 includes an implementation of ASLR. He developed an untethering exploit for iOS 4.3. He gave a version of the exploit that worked on iOS 4.3.1 to the iPhone Dev Team which updated redsn0w and PwnageTool to use it and released the new tools on 4 April 2011. sn0wbreeze was also updated to include his untether. As the vulnerability went unpatched in iOS 4.3.2 and 4.3.3, he updated his code later to support those firmwares. An iOS 4.3-compatible version was never released. His exploit was used in Pangu jailbreak.

On 19 April 2015 he released a YouTube video of a iOS 8.4 beta jailbreak, he has said he will not release it to the public.

Presentations

Links