Exploits

Snapchat API and exploits published by hacker group, could allow users' names and phone numbers to be connected

It appears that Snapchat's API has been hacked, and exploits that allow a script to associate users' phone numbers, display names, user names, and account privacy levels en masse have been published. An Australian hacker group calling themselves Gibson Security published details of the hack this week. Snapchat's API has so far been undocumented.

CoreText exploit analyzed

An analysis has been conducted on the recently uncovered CoreText exploit to determine exactly how it worked. The exploit crashed apps when malicious text messages and emails were opened on iOS devices and Macs. The exploit had to do with negative-length strings, according to The Register.

What you need to know about the CoreText exploit that can crash iOS and OS X apps

An exploit in CoreText, the font rendering framework in current, publicly available versions of iOS and OS X, has been discovered that, if displayed, will crash apps. According to habrahabr.ru, it can be remotely triggered via SMS or iMessage, Safari, and even the ESSID of a Wi-Fi network when scanning for and displaying them. Our security editor, Nick Arnott, has been looking into it this morning and shared the following:

Apple approved apps leak more private data than their jailbroken counterparts

Apple has always been known to heavily curate their App Store, like Walmart, while the jailbroken alternative, Cydia, has always been looked at as more open, like a market. It turns out, however, official App Store apps may leak your data far more than their unapproved, jailbreak counterparts.

Timestamp security bug leaves your photos vulnerable under iOS 5

A newly discovered timestamp security bug may leave your iOS device photos exposed regardless of whether or not your device is passcode locked. Ade Barkah, a Canadian tech consultant, has figured out that changing the time on your device will leave any photo taken in the "future" accessible via the quick camera toggle on the home screen.

pod2g posts more details on Corona untether

pod2g has updated his blog with more details on how the Corona untether actually works. If the deep inner workings of exploits such as this interest you, it's definitely something you'll want to check out.

Using a fuzzer, I found after some hours of work that there's a format string vulnerability in the racoon configuration parsing code! racoon is the IPsec IKE daemon (http://ipsec-tools.sourceforge.net/). It comes by default with iOS and is started when you set up an IPsec connection.

Now you got it, Corona is an anagram of racoon :-) .

Want an untethered jailbreak? Help the jailbreak community find one with new Chronic Dev crash reporter tool

Waiting for an untethered jailbreak on iOS 5? The Chronic Dev Team has just released a crash reporter tool that will allow you to submit your crash reports to them instead of Apple. Crash reports are most likely the way Apple finds exploits in iOS and patches them.

The Chronic Dev Team is hoping to find exploits in the same way for a different reason - a jailbreak for all. You simply install the program to your computer, attach your device to the computer, and click a single button to send your exploits to the Chronic Dev Team. The program is currently available only for Mac users but a Windows version should follow over the next 24 hours.

Comex answers questions about his position at Apple

Comex has been answering a lot of the general public's questions about his upcoming internship at Apple over on Reddit. Many users have been wondering whether or not this will affect jailbreaking and how hard it will be for other jailbreak developers to find exploits with Comex working for the other guys now.

Security researchers: iPhone Keychain circumvented, data stolen in 6 minutes

If someone manages to take physical possession of your iPhone and keep it long enough to Jailbreak it, enable SSH, and get access to the root, they can compromise Apple's Keychain password management system and get to your data in roughly 6 minutes.

The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.

Apple releases iOS 4.0.2 for iPhone, iOS 3.2.2 for iPad, kills Jailbreakme.com, PDF exploit

Apple has just released iOS 4.0.2 for iPhone and iOS 3.2.2 for iPad, which on the surface seem only to patch the zero-day, in-the-wild PDF rendering exploit that enabled Jailbreakme.com, but which could also have potentially allowed all manner of malware attacks against the iPhone Safari browser.

At a whopping 579.3 MB for iOS 4.0.2, it does seem like there should be something more substantial in the update -- proximity sensor fix anyone? -- but if there is, Apple isn't saying.
