Dynastic Research

The latest research from the Dynastic team.

01 March 2019

Completely Bypassing Codesigning on Modern iOS

iOS prevents the execution of unsigned binaries, and in iOS 12, CoreTrust enforces this even further, becoming a significant obstacle for jailbreaks. In this post, we will detail a practical time-of-check to time-of-use (TOCTOU) attack against both AMFI and CoreTrust.

31 January 2019

CoreTrust: an overview

CoreTrust is a new mechanism added by Apple in iOS 12, aimed at preventing the “fake signing” technique used by tools such as ldid and jtool. It does this by ensuring that any CMS blob attached to a Mach-O contains a signature from Apple.

29 January 2019

Welcome to the Dynastic Research Blog

Welcome to the new home for our latest technological research.

© Dynastic Development, Inc.