Easy Browser Based iPhone Jailbreak Could Be Possible Again!

Uncategorized | Thursday March 25 2010 10:00 am | Comments (0)

An iPhone exploit demonstrated at the CanSecWest conference today could bring back easy jailbreaks from the 1.x iPhone days.

Wednesday, researchers hacked a non-jailbroken iPhone, Safari on Snow Leopard, and both IE 8 and Firefox on Windows 7.

Charlie Miller won $10,000 after hacking Safari on a MacBook Pro without having physical access to the computer.

Ralf Philipp Weinmann of the University of Luxembourg, and Vincenzo Iozzo of German company Zynamics, hacked the iPhone and will receive a $15,000 prize.

Interestingly, their hack could mean good news for those looking to jailbreak. Iozzo and Weinmann spent two weeks designing a way to steal the contents of the iPhone SMS database.

To accomplish the attack, the iPhone needs to visit a Web site which hosts the exploit code. “The payload executes and uploads the local SMS database of the phone to the server we control,” said Weinmann.

They bypassed digital code signatures using a technique known since 1997 but never used on an ARM processor. The exploit then looked for chunks in Apple’s code that could be pieced together to accomplish the attack.

While the attack was used to grab just the SMS data, it could also be used to perform a jailbreak on the device, according to MuscleNerd from the iPhone Dev-Team.

“Congrats to @_snagg and @esizkur. This potentially re-opens userland jailbreaks that haven’t been around since 1.x days (jailbreakme.com)”

“the bug they used should exist in 3.1.3 MobileSafari on all iphones/ipods though the actual payload bytes may differ”

MuscleNerd warns that Apple will likely close this bug as soon as possible…

“Userland exploits affect security for all iPhones so expect Apple to close these as soon as they can. JBers avoid updates!”

Read More [via CNET]
