{"guid":"cb67ad7f-7e12-4f34-aec0-748a61f3f958","title":"Pegasus internals","subtitle":"Technical Teardown of the Pegasus malware and Trident exploit chain","slug":"33c3-7901-pegasus_internals","link":"https://fahrplan.events.ccc.de/congress/2016/Fahrplan/events/7901.html","description":"This talk will take an in-depth look at the technical capabilities and vulnerabilities used by Pegasus. We will focus on Pegasus’s features and the exploit chain Pegasus used called Trident. Attendees will learn about Pegasus’s use of 0-days, obfuscation, encryption, function hooking, and its ability to go unnoticed. We will present our detailed technical analysis that covers each payload stage of Pegasus including its exploit chain and the various 0-day vulnerabilities that the toolkit was using to jailbreak a device. After this talk attendees will have learned all of the technical details about Pegasus and Trident and how the vulnerabilities we found were patched.","original_language":"eng","persons":["Max Bazaliy"],"tags":["Security"],"view_count":3383,"promoted":false,"date":"2016-12-27T17:30:00.000+01:00","release_date":"2016-12-27T01:00:00.000+01:00","updated_at":"2026-03-26T03:15:03.741+01:00","length":1778,"duration":1778,"thumb_url":"https://static.media.ccc.de/media/congress/2016/7901-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2016/7901-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2016/cb67ad7f-7e12-4f34-aec0-748a61f3f958-timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2016/cb67ad7f-7e12-4f34-aec0-748a61f3f958-thumbnails.vtt","frontend_link":"https://media.ccc.de/v/33c3-7901-pegasus_internals","url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_title":"33C3: works for me","conference_url":"https://api.media.ccc.de/public/conferences/33c3","related":[{"event_id":3607,"event_guid":"64c07cb5-ec19-4972-a2c8-96c0e0df83c6","weight":39},{"event_id":3609,"event_guid":"1efa803c-d280-49f0-bd17-8ec8f28e054f","weight":31},{"event_id":3612,"event_guid":"c92203a0-9158-4111-ab52-5dacd0e46c73","weight":39},{"event_id":3615,"event_guid":"74783236-46f4-493c-9574-1b27a44847b7","weight":64},{"event_id":3618,"event_guid":"fc959f0c-5e93-4b23-8a63-5b6478adb700","weight":39},{"event_id":3619,"event_guid":"84ce6d72-3f4f-445b-801e-37f6a1331bed","weight":29},{"event_id":3620,"event_guid":"dd070191-1d1c-4b9c-a887-e4950a688cdb","weight":70},{"event_id":3622,"event_guid":"80190dbb-bf17-40a0-95e4-18a32bcd37e4","weight":31},{"event_id":3624,"event_guid":"600ca67d-e18d-49d8-8e5d-08d5b38ec528","weight":40},{"event_id":3625,"event_guid":"65d150d3-f432-4a36-b3e3-20ee80ad913c","weight":28},{"event_id":3626,"event_guid":"c3844820-b5ed-4b12-9094-cfc67aff60be","weight":42},{"event_id":3629,"event_guid":"686b1941-b211-4902-b4c4-1d642398e08b","weight":35},{"event_id":3634,"event_guid":"361946ca-4577-467d-b608-022c8a2d3164","weight":31},{"event_id":3697,"event_guid":"a431b8a5-b8af-4ccf-bba2-7b1d88a782fb","weight":37}],"recordings":[{"size":null,"length":null,"mime_type":"application/x-subrip","language":"fin","filename":"33c3-7901-eng-deu-Pegasus_internals.fi.srt","state":"translated","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2022-03-05T12:13:56.783+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/33c3-7901-eng-deu-Pegasus_internals.fi.srt","url":"https://api.media.ccc.de/public/recordings/57704","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"33c3-7901-eng-deu-Pegasus_internals.en.srt","state":"complete","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2022-03-01T20:13:02.256+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/33c3-7901-eng-deu-Pegasus_internals.en.srt","url":"https://api.media.ccc.de/public/recordings/50646","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":144,"length":1778,"mime_type":"video/mp4","language":"eng","filename":"33c3-7901-eng-Pegasus_internals.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-12-27T20:23:02.346+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/h264-hd/33c3-7901-eng-Pegasus_internals.mp4","url":"https://api.media.ccc.de/public/recordings/13580","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":164,"length":1778,"mime_type":"video/mp4","language":"deu","filename":"33c3-7901-deu-Pegasus_internals.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-12-27T20:23:27.587+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/h264-hd/33c3-7901-deu-Pegasus_internals.mp4","url":"https://api.media.ccc.de/public/recordings/13581","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":205,"length":1778,"mime_type":"video/mp4","language":"eng-deu","filename":"33c3-7901-eng-deu-Pegasus_internals_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-12-27T20:23:57.614+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/h264-hd/33c3-7901-eng-deu-Pegasus_internals_hd.mp4","url":"https://api.media.ccc.de/public/recordings/13582","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":168,"length":1778,"mime_type":"video/webm","language":"eng-deu","filename":"33c3-7901-eng-deu-Pegasus_internals_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2016-12-28T14:31:17.343+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/webm-hd/33c3-7901-eng-deu-Pegasus_internals_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/13750","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":26,"length":1765,"mime_type":"audio/mpeg","language":"eng","filename":"33c3-7901-eng-Pegasus_internals.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2016-12-28T15:35:00.360+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/mp3/33c3-7901-eng-Pegasus_internals.mp3","url":"https://api.media.ccc.de/public/recordings/13792","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":22,"length":1765,"mime_type":"audio/opus","language":"eng","filename":"33c3-7901-eng-Pegasus_internals.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2016-12-28T15:59:27.993+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/opus/33c3-7901-eng-Pegasus_internals.opus","url":"https://api.media.ccc.de/public/recordings/13829","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":78,"length":1778,"mime_type":"video/mp4","language":"eng-deu","filename":"33c3-7901-eng-deu-Pegasus_internals_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-12-28T16:06:44.500+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/h264-sd/33c3-7901-eng-deu-Pegasus_internals_sd.mp4","url":"https://api.media.ccc.de/public/recordings/13846","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"},{"size":75,"length":1778,"mime_type":"video/webm","language":"eng-deu","filename":"33c3-7901-eng-deu-Pegasus_internals_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2016-12-28T16:18:20.537+01:00","recording_url":"https://cdn.media.ccc.de/congress/2016/webm-sd/33c3-7901-eng-deu-Pegasus_internals_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/13873","event_url":"https://api.media.ccc.de/public/events/cb67ad7f-7e12-4f34-aec0-748a61f3f958","conference_url":"https://api.media.ccc.de/public/conferences/33c3"}]}