Tihm Star


Talk Title :

Jailbreaking the AppleTV3 - Tales from a full stack hack

Abstract :

The AppleTV 3 is among few apple devices which did withstand hacking the longest.Only 8 years after release a jailbreak was published, which exploits 5 different n-day vulnerabilities to achieve full untethered compromise.

The reason that the AppleTV3 kept its guards for so much longer than even newer and by magnitudes more secure iPhones, lies in the significantly reduced attack surface (and arguably lower interest from hackers to put up the effort).

Equipped with several n-day vulnerabilities this presentation takes another look at this (now end-of-life) device and walks you through an exciting adventure of pwning the device bit by bit, while discussing problems encountered at each step and their corresponding methods to solve them.

The general audience will learn several tricks which can come in handy for attacking other restricted devices, while the motivated (beginner-level-)hacker will get all information needed to reproduce this exploit-chain himself.

Minor iOS updates breaking the exploit chain (but not fixing the actual vulnerabilities) were release after publishing the jailbreak, however the jailbreak was purposefully not updated to account for those to leave the opportunity for others to learn from this project.

Bio :

Tihmstar started hacking iOS in 2015 and since then created various tools for research, downgrading, and contributed to various jailbreaks. Among those, he created tools for downgrading: futurerestore, tsschecker, img4tool Released various local, remote, and untethered jailbreaks [32bit and 64bit] for iOS 8-14 for iPhone, iPod, iPad, AppleWatch, AppleTV.

Want to connect?