Open in app

Sign In

Write

Sign In

George Dan
George Dan

84 Followers

Home

About

Mar 20, 2019

BSides Canberra 2019 CTF Write-Up: SecElf cyOS Jailbreak

SecElf cyOS Jailbreak was a pwn challenge at Cybears CTF at BSides Canberra 2019. The Problem: The goal of the challenge was to develop a PoC “jailbreak” for the fictional cyOS. Given to players was a collection of files, which included the OS’s ELF loader, both source and compiled. A web…

Ctf

7 min read

BSides Canberra 2019 CTF Write-Up: SecElf cyOS Jailbreak
BSides Canberra 2019 CTF Write-Up: SecElf cyOS Jailbreak
Ctf

7 min read


Aug 1, 2017

CVE-2017–6976: iCloud User Information Disclosure

AppleIDAuthAgent is a service that exists on iOS that appears to handle actions regarding a users Apple ID, including iCloud information linked to that account. It runs an XPC service known as com.apple.coreservices.appleid.authentication, which could be accessed by any application. When looking around how the service was handling incoming XPC…

2 min read

2 min read


Jul 22, 2017

h1702ctf 2017 — Writeups

About 4 weeks ago, Hacker1 held their h1702ctf as a qualifier for the main h1702 event in Las Vegas later this month. The theme of this CTF was mobile applications, specifically applications on iOS and Android. I managed to be the 6th person to complete all the challenges. …

Android

10 min read

h1702ctf 2017 — Writeups
h1702ctf 2017 — Writeups
Android

10 min read


May 25, 2017

Journey in “Electrino”

I was wondering on GitHub one day when I saw this project called Electrino which happened to be rising up in the trending page. I decided to take a quick look at it, and discovered it was a project that aimed to use native web browser frameworks, rather than bundling…

IOS

3 min read

IOS

3 min read


May 17, 2017

CVE-2017–2499: webinspectord UCE

webinspectord is the service in charge of all operations related to the use of the ‘Web Inspector’ on iOS. It runs an XPC service known as com.apple.webinspector. Note: All of the info I mention below is from webinspectord on iOS 10.2 IPSW. From what I’ve seen, 10.3+ …

2 min read

2 min read


Feb 3, 2017

Breaking iOS: XPC

Note: This article at the beginning is more for beginners. I discuss more about XPC further down the article. And so the long journey begins. For you and for me. In summary, I decided to embark on a journey the entirely long way. I’ve received advice from lots of security…

Programming

7 min read

Programming

7 min read


Jun 17, 2016

Simulator Injections (iOS 10)

With the reveal of iOS 10, some jailbreak developers have been trying to get dylib injection so they can either test existing tweaks or do some research. The best way to do this is heavily based on friggog’s method. With some modifications, you can easily do this with iOS 10. …

IOS

1 min read

IOS

1 min read

George Dan

George Dan

84 Followers

18, Security

Following
  • Code.org

    Code.org

  • Pragmatic Coders

    Pragmatic Coders

  • MIT Media Lab

    MIT Media Lab

  • Android Developers

    Android Developers

  • Medium Security

    Medium Security

See all (92)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams