Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Cracking the iPhone (5 article series)

Cracking the iPhone (5 article series)

From: H D Moore <sflist_at_digitaloffense.net>
Date: Mon, 22 Oct 2007 12:57:28 -0500

The last part of my iPhone-related blog entries was posted last night. The
first article discusses the architecture and provides some useful
shellcode for already-modified phones.
 
http://blog.metasploit.com/2007/09/root-shell-in-my-pocket-and-maybe-yours.html

The second article discusses the libtiff exploit and includes a link to a
modified version of the weasel debugger.

http://blog.metasploit.com/2007/10/cracking-iphone-part-1.html

The third article steps through the entire libtiff exploit development
process, using an updated version of the debugger.

http://blog.metasploit.com/2007/10/cracking-iphone-part-2.html

The fourth article describes a different approach to exploiting the
libtiff vulnerability that is much more reliable across a wider range of
applications.

http://blog.metasploit.com/2007/10/cracking-iphone-part-21.html

The fifth and final article walks through the process of developing a
payload capable of writing arbitratry executables to disk and executing
them. The final article closes with a stand-alone shell that can be used
to gain remote, interactive access to unmodified iPhones, and
demonstrates how to use this shell to apply the third-party libtiff
patch.

http://blog.metasploit.com/2007/10/cracking-iphone-part-3.html

-HD
Received on Oct 23 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos