Unpacking the iOS Sandbox

Yarden Hamami

Have you ever wondered how the iOS sandbox works? 

While working with iOS, I often ran into this security feature, trying to figure out what I could and couldn’t do during my research. I realized I needed a better way to understand the sandbox rules. 

I found an old decompilation tool that had stopped being supported years ago. So, I decided to bring it back to life by adding support for modern iOS versions. This not only made the tool useful again but also opened up new possibilities for security research.

But there was another problem—the tool’s output was hard to read and understand, making it almost unusable. 

In this talk, I’ll explain the iOS sandbox structure, share the journey of revamping this decompiler, and show how we made its results more readable and useful.

By uncovering the rules the sandbox enforces and how it operates, we can reveal vital security insights and their real-world impact. The enhanced tool can significantly boost research capabilities and provide deeper insights into iOS security.

Speaker Bio:

Yarden Hamami is an iOS security researcher specializing in reverse engineering and exploitation. Their work involves uncovering critical insights into iOS security to advance our understanding of potential vulnerabilities and exploits.
