funsec mailing list archives
Re: How to hijack 'every iPhone in the world'
From: Dragos Ruiu <dr () kyx net>
Date: Fri, 31 Jul 2009 12:37:26 -0700
But as C. Miller covered in his EUSecWest presentation "Owning your Grandmother's iPhone" exploitation in a non-jailbroken environment is substantially more complex. A lot of the tools from jail-breaking that are leveraged to get command exec are just not there on the stock phone. cheers, --dr On 31-Jul-09, at 8:12 AM, Juha-Matti Laurio wrote:
Details are being covered at http://www.theregister.co.uk/2009/07/31/smart_phone_hijacking/ ".... The bug resides in CommCenter, a service that's responsible for handling SMS, wireless and other functions in the iPhone. By default, it runs as root and isn't limited by an application sandbox. That makes it an ideal vector for taking control of the device. What's more, the messages are delivered automatically and often aren't easy for users to block. ...." Juha-Matti der Mouse [mouse () rodents-montreal org] kirjoitti:"On Thursday, two researchers plan to reveal an unpatched iPhone bug that could virally infect phones via SMS. [...]Any betting Apple manages to get them gagged before they can present? :( /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse () rodents-montreal org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 30)
- Re: How to hijack 'every iPhone in the world' der Mouse (Jul 30)
- <Possible follow-ups>
- Re: How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 31)
- Re: How to hijack 'every iPhone in the world' Dragos Ruiu (Jul 31)
- Re: How to hijack 'every iPhone in the world' Juha-Matti Laurio (Jul 31)