Safari exploit gives hackers full control over iPhones and possibly PCs and Macs [Archive] - DCEmu Network: The Homebrew, Hacking & Gaming Network

View Full Version : Safari exploit gives hackers full control over iPhones and possibly PCs and Macs

wraggster

July 23rd, 2007, 12:34

via engadget (http://www.engadget.com/2007/07/23/safari-exploit-gives-hackers-full-control-of-your-iphone/)

Oops, researchers just unveiled a pretty serious security vulnerability in the iPhone. More specifically, it's Apple's Safari web browser which exhibits the vulnerability. Researchers at Independent Security Evaluators have used the vulnerability to take malicious control of the iPhone from rogue websites loaded with the exploit. Once in, researchers have full administrative access over the phone allowing them to listen in on room audio or snatch the SMS log, address book, call history, email passwords and more -- we're talking full access to your phone. Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust (which isn't very reassuring) and "may or may not be exploitable" from Mac and PC versions of Safari -- the same vulnerability exists only they haven't written the proof-of-concept exploit to test it yet. Apple has been notified of the vulnerability and a proposed fix with full public disclosure coming at the BlackHat conference on August 2nd.

More Info (http://www.securityevaluators.com/iphone/)

zevende

July 23rd, 2007, 18:01

And the apple users make fun of microsoft for writing buggy, unsafe code! :rofl:

ICE

July 23rd, 2007, 18:59

lol wow that was fast.. i wish sony filled their crap with exploits that are that easily found.. for homebrew :D

although this just sounds like crap for the iphoners. enjoy your $600 phone :D

Jonesyxxiv

July 23rd, 2007, 21:52

Im not sure how to post news, But "Hello World" is running on the iPhone.

"After many, many hours of intense work from "Nightwatch", the first independent "Hello World"* application has been compiled and launched on the iPhone. This was made possible using the "ARM/Mach-O Toolchain", Nightwatch's "special project", that he has been working on so carefully over the past few weeks. Certain parts of the toolchain (such as the assembler) are being refined and tested and these will be released as soon as possible.

It should be noted that Nightwatch has been instrumental in creating these tools, working in near isolation to get them finished. Nightwatch was also responsible for the "jail exploit" that he developed from information he and other members of the the dev team discovered.

Please join us to thank Nightwatch, Tmiw, Darkten and Daeken for making this happen.

- the dev team"

http://iphone.fiveforty.net/wiki/index.php/Main_Page

http://www.engadget.com/2007/07/19/iphone-says-hello-world-here-come-the-3rd-party-apps/
http://www.macrumors.com/2007/07/20/iphone-hello-world-application/
http://www.tuaw.com/2007/07/20/hello-world-says-iphone/