| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Oct 2007 12:57:13 -0500 From: H D Moore <sflist@...italoffense.net> To: BUGTRAQ <bugtraq@...urityfocus.com> Subject: Cracking the iPhone (5 article series) The last part of my iPhone-related blog entries was posted last night. The first article discusses the architecture and provides some useful shellcode for already-modified phones. http://blog.metasploit.com/2007/09/root-shell-in-my-pocket-and-maybe-yours.html The second article discusses the libtiff exploit and includes a link to a modified version of the weasel debugger. http://blog.metasploit.com/2007/10/cracking-iphone-part-1.html The third article steps through the entire libtiff exploit development process, using an updated version of the debugger. http://blog.metasploit.com/2007/10/cracking-iphone-part-2.html The fourth article describes a different approach to exploiting the libtiff vulnerability that is much more reliable across a wider range of applications. http://blog.metasploit.com/2007/10/cracking-iphone-part-21.html The fifth and final article walks through the process of developing a payload capable of writing arbitratry executables to disk and executing them. The final article closes with a stand-alone shell that can be used to gain remote, interactive access to unmodified iPhones, and demonstrates how to use this shell to apply the third-party libtiff patch. http://blog.metasploit.com/2007/10/cracking-iphone-part-3.html -HD
Powered by blists - more mailing lists