Cross-Site Escape: Pwning macOS Safari Sandbox the Unusual Way

In this talk, I’ll present a novel attack targeting the design flaws of the reachable IPC and their associated WebViews by utilizing the classic web security attack, i.e., Cross-Site Scripting (XSS). Without re-exploiting WebKit twice, native code execution outside the sandbox is achieved….

By: Zhi Zhou

Full Abstract & Presentation Materials: HatRead More