Quentin Meffre

Escaping the Safari Sandbox: A Tour of Webkit IPC


In 2023 Apple fixed a full-chain which used a vulnerability in the WebKit GPU process to escape the WebContent sandbox and compromise an iPhone. After this attack, a lot of new security hardening have been introduced to kill the exploitation methods and reduce even more the WebContent attack surface. This talk will describe the latest exploitation methods related to the WebKit Inter Process Communication attack surface and how Apple developpers fixed many of them.

In this talk, I will describe an interesting and relatively unknown attack surface to escape the WebContent sandbox. I will introduce the WebKit2 architecture, how processes communicate between each other, the message format and everything related to the WebKit Inter Process Communication mechanism. This talk will describe every security change following the 2023 public full-chain, such as the attack surface reduction, the heap allocator hardening (both libPAS, the WebKit allocator and the userland default heap allocator), the Objective-C deserialization hardening and the JavaScript execution context new limitations. The latest userland PAC bypasses will be explained and how they have been fixed. I will also list the few remaining exploitation methods that can still be used on iOS 17 to exploit WebKit IPC escape sandbox vulnerabilities.


Quentin Meffre is a security researcher at Synacktiv. His main interests are vulnerability research and exploit development. He especially likes iOS security. He has spoken at international conferences including, Hexacon, BlackHat EU and SSTIC.