Breaking the Sound Barrier - Exploiting CoreAudio via Mach Message Fuzzing
Objective-See Foundation via YouTube
Overview
Explore macOS Inter-Process Communication (IPC) vulnerabilities through structured fuzzing of Mach message handlers in this 51-minute conference talk. Discover how system daemons expose privileged RPC-like functionality through these handlers, and why their complexity and statefulness create opportunities for sandbox escapes and local privilege escalation. Master the API call chaining technique for guiding coverage-guided fuzzers through complex, stateful API interactions, with the coreaudiod system daemon as a real-world case study. Follow the complete vulnerability discovery process, using custom-built fuzzing harnesses, dynamic instrumentation, and combined static and runtime analysis, that uncovered several security issues, including a high-impact memory corruption vulnerability. Learn the exploitation methodology for turning such bugs into sandbox escapes on modern macOS systems. Navigate key technical challenges, including properly initializing the CoreAudio subsystem in the harness, mocking unstable components, and building targeted grammars to reach deeper fuzzing coverage. Access the open-source fuzzing harnesses and tools developed for IPC-focused fuzzing on macOS, designed to make this specialized security research more accessible to the broader security community.
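To illustrate the API call chaining idea mentioned above, here is an added example written for this page; it is not the speaker's harness and contains no CoreAudio code. A toy stateful target stands in for a daemon whose handlers only succeed once earlier calls have set up the right state, a small grammar marks which arguments must be a handle returned by an earlier call (the chaining link), and a coverage-guided loop keeps a mutated call chain only when it reaches a new coverage point. The target, its handler names, the `cov()` coverage stub and the planted bug are all constructed assumptions for the demo.

```python
"""Toy coverage-guided fuzzer that mutates chains of API calls against a
stateful target.  Added example for this page; the target, its handlers and
the planted bug are all constructed for the demo and are not CoreAudio code."""
import random

RNG = random.Random()
COVERAGE = set()  # coverage points hit during the current execution


def cov(point):
    """Stand-in for the edge coverage a real harness gets from instrumentation."""
    COVERAGE.add(point)


class ToyDaemon:
    """Constructed stand-in for a daemon's message handlers: calls only
    succeed when earlier calls have put the daemon in the right state."""

    def __init__(self):
        self.ready = False
        self.devices = {}
        self.next_id = 1

    def initialize(self):
        cov("init")
        self.ready = True
        return 0

    def open_device(self, name):
        if not self.ready:
            cov("open:not_ready")
            return -1
        cov("open:ok")
        dev, self.next_id = self.next_id, self.next_id + 1
        self.devices[dev] = {"name": name, "channels": 0, "running": False}
        return dev  # handle that later calls must chain on

    def set_channels(self, dev, n):
        if dev not in self.devices:
            cov("setch:bad_dev")
            return -1
        if not 1 <= n <= 8:
            cov("setch:bad_n")
            return -2
        cov("setch:ok")
        self.devices[dev]["channels"] = n
        return 0

    def start(self, dev):
        d = self.devices.get(dev)
        if d is None or d["channels"] == 0:
            cov("start:reject")
            return -1
        cov("start:ok")
        d["running"] = True
        return 0

    def write_frames(self, dev, nframes):
        d = self.devices.get(dev)
        if d is None or not d["running"]:
            cov("write:reject")
            return -1
        if nframes > 64:
            cov("write:too_big")
            return -2
        cov("write:ok")
        # Planted bug (constructed): the size check above looks at frames only,
        # but the buffer is sized in samples (frames * channels).
        if nframes * d["channels"] > 64:
            raise RuntimeError("CRASH: out-of-bounds write in frame buffer")
        return 0


# Grammar: per handler, an argument generator, or "handle" for an argument that
# must be the return value of an earlier open_device call (the chaining link).
GRAMMAR = {
    "initialize": [],
    "open_device": [lambda: RNG.choice(["in", "out", "aggregate"])],
    "set_channels": ["handle", lambda: RNG.randint(0, 16)],
    "start": ["handle"],
    "write_frames": ["handle", lambda: RNG.randint(0, 128)],
}


def gen_step(name, prefix):
    """Build a (name, args) step; handle args reference an earlier open_device
    step by index, with a small chance of a raw literal to exercise bad handles."""
    opens = [i for i, (n, _) in enumerate(prefix) if n == "open_device"]
    args = []
    for spec in GRAMMAR[name]:
        if spec == "handle" and opens and RNG.random() < 0.9:
            args.append(("ref", RNG.choice(opens)))
        elif spec == "handle":
            args.append(("lit", RNG.randint(0, 4)))
        else:
            args.append(("lit", spec()))
    return (name, args)


def mutate(seq):
    seq = list(seq)
    r = RNG.random()
    if r < 0.5 or not seq:                       # insert a new call somewhere
        p = RNG.randint(0, len(seq))
        seq.insert(p, gen_step(RNG.choice(list(GRAMMAR)), seq[:p]))
    elif r < 0.7:                                # drop a call
        del seq[RNG.randrange(len(seq))]
    else:                                        # regenerate one call's arguments
        i = RNG.randrange(len(seq))
        seq[i] = gen_step(seq[i][0], seq[:i])
    return seq


def run(seq):
    """Replay a call chain on a fresh target; return (coverage, crashed)."""
    COVERAGE.clear()
    target, results = ToyDaemon(), []
    for name, args in seq:
        # A "ref" resolves to an earlier step's return value; a stale ref
        # (its step was deleted by mutation) degrades to a literal.
        concrete = [results[v] if kind == "ref" and v < len(results) else v
                    for kind, v in args]
        try:
            results.append(getattr(target, name)(*concrete))
        except RuntimeError:
            return set(COVERAGE), True
    return set(COVERAGE), False


def fuzz(iterations=100000, seed=1):
    """Coverage-guided loop: keep a child only if it hits a new coverage point.
    Returns (crashing_chain_or_None, iterations_used, corpus_size)."""
    RNG.seed(seed)
    corpus = [[("initialize", [])]]
    seen = set()
    for it in range(1, iterations + 1):
        child = RNG.choice(corpus)
        for _ in range(RNG.randint(1, 3)):
            child = mutate(child)
        hit, crashed = run(child)
        if crashed:
            return child, it, len(corpus)
        if hit - seen:
            seen |= hit
            corpus.append(child)
    return None, iterations, len(corpus)


if __name__ == "__main__":
    chain, used, corpus_size = fuzz()
    print(f"corpus={corpus_size} iterations={used}")
    for step in chain or []:
        print(step)
```

In a real harness the `ToyDaemon` methods are replaced by calls into the daemon's actual Mach message handlers and `cov()` by edge coverage from the instrumentation; the part that carries over is the chain representation, where handle arguments are references to earlier steps' results, so that mutation keeps sequences valid enough to reach the deep state (initialized, device opened, format set, running) where the interesting handlers actually execute.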
Syllabus
#OBTS v8.0: “Breaking the Sound Barrier: Exploiting CoreAudio via Mach Message Fuzzing” - D. Franke
Taught by
Objective-See Foundation