User:Userlandkernel

About me[edit source]

  • @userlandkernel on Twitter
  • Hacking stuff (literally anything, web / networks, vending machines, radio etc etc) since 2012
  • Love developing nerdy debug tools and documenting the unknown
  • Am more known for my interest in iOS
  • I am a fast learner
  • I like hardware based side channel attacks (CoreSight KTRW, WatchTower defeat with CPACR, Meltdown & Spectre)

Disclosed iOS Vulnerabilities[edit source]

  • IOUSBFamily use after free
  • assetsd type-confusion
  • iBooks Denial-of-Service
  • Shortcuts App, partial sandbox escape

Current projects[edit source]

  • Reverse engineering the NVME firmware
  • Flashing custom-made NVME firmware
  • Testing whether NVME firmware can turn off or alter IOMMU.
  • Research whether NVME can be a persistent side-channel to patching iBoot at SecureBoot time