iPhone Security Researcher Unleashes Exploit
H.D. Moore's exploit will gain control of a modified iPhone and promises instructions to crack an unmodified phone soon.
H.D. Moore has released instructions on writing a critical exploit that leverages a bug in how Apple's iPhone handles TIFF image files and, to enable the writing of exploits, has put out a new version of his Weasel debugger that can handle the peculiarities of the phone's ARM processors.
At this point, the exploit can only take over phones that have been tinkered with, but Moore is promising to post instructions on how to exploit unmodified iPhones soon.
The vulnerability in question is in libtiff, the iPhone's library for reading and writing TIFF files. From the get-go, Apple, of Cupertino, Calif., shipped the iPhone with a vulnerable version of libtiff and didn't bother to fix it in the recent 1.1.1 update—"fortunately for the iPhone development community," Moore noted in an Oct. 11 posting that was the first of his two-part series on cracking the iPhone.
The vulnerability can be exploited through the phone's MobileSafari Web browser.
Read the whole article @ eWeekGet a Free iPhone! Yes, that is correct! Stay away from the hassles of earning enough to pay for it for you can get it the simple way .... straight to your doorstep! Free! Interested? Then find out how to get a Free iPhone!
Labels: apple, eweek, free iphone, free ipod touch, iphone, safari
0 Comments:
Post a Comment
<< Home