toggle

AAPL Stock: 128.54 ( -0.82 )

Printed from http://www.macnn.com

Website details iPhone root exploit

updated 10:45 am EDT, Fri September 28, 2007

iPhone root exploit

A recent weblog post, made by one of the participants of the Metasploit hacking project, details how an iPhone might be turned into a mobile hacking tool complete with root access. The post author notes that every process on an iPhone is run as root, including Mail and Safari, and that even a single flaw in one of them can lead to an iPhone being completely exploitable. This bears resemblance to the webpage exploit fixed by Apple in the v1.0.1 firmware, but notably, a general vulnerability appears to remain with the v1.0.2 firmware. There is no word yet on whether this has been solved in the new v1.1.1 release.

One hacked iPhone can in theory be made to target another, forcing it to take photos, share contact lists, or even dial phonecalls without the owner's consent, a particular problem since "always-on" EDGE access means this can be done any time an iPhone is not powered down. Compounding the danger is that mDNSResponder, also known as Bonjour, ZeroConf and Rendezvous, runs by default. The service broadcasts a user's hostname over Wi-Fi, giving hackers a target; it is noted however that active discovery of hostnames may not be easy.

The weblog poster observes that some modifications allow the installation of the Metasploit Framework, which in turn can be made to load iPhone executables. This however does not constitute an exploit by itself, since it is left up to other coders to determine the minute details of breaking into other phones.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. ZinkDifferent

    Joined: Dec 1969

    0

    Well...

    First of all, it's stuff like this why Apple keeps tightening security on iPhone, and why they close exploitable hole after exploitable hole -- the hacking community that lives under the delusion that Apple deliberately goes after their hacks labors in a delusion. It's about security, not the ability to snap pictures dressed as a pirate.

    That being said, if I understand this weblog entry from yet another self-proclaimed security 'expert' right, it's all hypothetical musings -- i.e. "if a potential exploit on an older version of the iPhone's firmware had security flaws, and if it were to be exploited, and if a piece of software exploited existed to do so, and if somone were inclined to do so.... then, *maybe* an iPhone could be exploited"

    That's a lot of 'ifs'. I guess the usual grab for attention, while talking out of their asses...

  1. testudo

    Joined: Dec 1969

    0

    Re: well

    First of all, it's stuff like this why Apple keeps tightening security on iPhone, and why they close exploitable hole after exploitable hole -- the hacking community that lives under the delusion that Apple deliberately goes after their hacks labors in a delusion. It's about security, not the ability to snap pictures dressed as a pirate.

    Blocking 'hacks' on the phone has nothing to do with security. As can be seen, there's still loads of potentials for problems. The biggest problem is actually that it IS a closed platform, which limits the amount of time/effort spent by security people to see how secure it is, but it doesn't stop those who'd want to hack it.

  1. ViktorCode

    Joined: Dec 1969

    0

    Closed isn't a problem

    You are speaking like if the fact of being closed platform has something to do with security in general. Wake up! Many of Mac OS X exploits both patched and unpatched have been discovered in open source parts of the system, like Java. Look at other open source platforms - aren't they ridden with exploits too? Going open source is not a solution for security problems.

    Also, before panic started i would like to point out that there's a big difference between a potential exploit and a real exploit out in the wild. It is the presence of the latter that indicates the fact of some company being lax on security. If potential exploits patched quickly enough then there never be real ones.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

OmniPlan (OS X, iOS)

We reviewed the Omni Group's most famous Mac software, a To Do app called OmniFocus, back in June 2014, and we were impressed. Some o ...

toggle

Most Commented