Virus.Org  IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 

iPhone Hacks Galore
Written by Editor   
Friday, 12 October 2007

At the beginning of the week, those who had an iPhone updated to the version 1.1.1 firmware and wanted to unlock or activate it without talking to AT&T were out of luck. Just 4 days later, the entire ball park has changed.

This is in part thanks to a security vulnerability within the 1.1.1 firmware. It seems that when Apple shipped the iPhone 1.1.1 firmware, they included a version of libtiff that contained a security vulnerability. It also transpires that the same issue is present in the firmware on the recently released iTouch. Luckily for the iPhone/iTouch hacking community, it could be triggered while using Mobile Safari and Mobile Mail. This libtiff vulnerability is one that had previously been used to compromise Sony PSPs so that users could run home-brew games on the device.

So along come two iPhone Dev Team members, Niacin and Dre, who put together an impressive exploit for the libtiff issue that allows them to effect a jailbreak of the iPhone/iTouch. The exploit they produced creates a massive stack frame and then returns to an address within the libSystem shared library. Then, after some messing with chained returns, their exploit is able to rename a file, create a symlink and remount the root filesystem with full read/write access.

Now let's roll back to the beginning of the week: the iPhone Dev Team was showing their current status on the firmware as being all red. They had not been able to decrypt the new firmware, let alone create a hack to activate the iPhone or enable third-party applications. Today it is a different story; the only thing missing is a working unlock for the handset. The firmware has been successfully decrypted, and activation, read/write access and third-party app testing are all green. And it seems that the full unlock is close to being completed.

This may of course all be moot if those bringing the lawsuit in the US are successful in stopping Apple from locking the handsets to a specific carrier. Interestingly, when the iPhone goes on sale in the UK in November, under the UK regulations for cellular operators, O2, the provider partnering with Apple, will be required to provide, at a customer's request, a means to unlock a phone to work with any network. Granted, you may have to pay for it, but there will be an ‘easy’ way to do it.
 