This gotta be one of the best offensive security tutorials I’ve ever come across. Thank you so much!

New favourite channel, nice one ;)

so how do people exploiting communicate with the device before jailbroken?

Couldn't find the file

Could you show the full source of the rop1. As I noticed you never showed the locations of 0xbff8, 0xbffc, and 0xbfec. What did you use to compile?

Oh man you have a perfect I phone oceon 0:45

Great tutorial, Thanks!!

great work. what's the benefit of logging in via ssh to root@192.168.1.68?

Does this work on ARM64?

Thanks for the tutorial

Hi Billy, Is it possible to execute ARM-based programs on a non-jailbroken/non-SSHable device? I was wondering because I'm on iOS 12 right now and there's no jailbreak or any form of ssh available at the moment. It's also ARM64, so maybe not the best idea to start out with, but I assume there must be a way to test it (as bug finders look for bugs by trial and error to some degree?). Thanks, HankyNoodle

If I have a kernel panic, what do I do?

Nice tutorial bro 👌

I want this theme on terminal. How can I install it ? Please help me.