The XNU kernel is essential to iOS and macOS security. In this video, we'll look at Apple's open-source releases as well as free tools for analyzing closed-source extensions.
Full playlist of reversing shorts: https://www.youtube.com/playlist?list=PLkOopkYm0fCV45i_n8z5LSUL3QBXNAP2G
XNU open source: https://github.com/apple-opensource/xnu
IPSW downloads: https://ipsw.me/
img4tool: https://github.com/tihmstar/img4tool
Ghidra kernelcache plugin: https://github.com/0x36/ghidra_kernelcache
iometa: https://github.com/Siguza/iometa/
jtool2: http://www.newosxbook.com/tools/jtool.html
Chapters:
00:00 - Why does kernel security matter?
01:15 - XNU Open Source
02:00 - IPSW and OTA to get a kernelcache
03:48 - How to unpack a kernelcache
04:35 - Loading a kernelcache into Ghidra
05:56 - Running the kernelcache plugin with iometa
07:18 - Symbolicating a kernel panic with jtool2
08:24 - Why a kernel panic is still a long way from a jailbreak