Zilele acestea se desfasoara concursul Pwn2Own si doi hackeri au reusit sa utilizeze o vulnerabilitate a Safari pentru a exploata un iPhone 4S, inclusiv cu iOS 6 instalat. Vulnerabilitatea a fost conceputa pentru a functiona pe iOS 5, insa ea a putut fi utilizata si cu iOS 6 pentru a extrage: poze si clipuri video din libraria multimedia, date despre contacte si istoria navigarii pe internet, toate aceste reusite aducandu-le hackerilor un premiu de 30.000$.
The exploit itself took some jumping around. With the WebKit bug, which was not a use-after-free flaw, the researchers had to trigger a use-after-free scenario and then abuse that to trigger a memory overwrite. Once that was achieved, Pol and Keuper used that memory overwrite to cause a read/write gadget, which provided a means to read/write to the memory of the iPhone. “Once we got that, we created a new function to run in a loop and used JIT to execute the code without signing,” Keuper explained.
A fost nevoie de 3 saptamani si multa munca pentru a putea utiliza exploit-ul in modul descris in cadrul Pwn2Own, insa munca depusa de hackeri le-a adus un premiu consistent. Desi exploit-ul utilizat de catre ei este foarte important, hackerii sustin ca l-au distrus si se afla in cautarea unei noi provocari, insa adevarul il stiu doar ei.
This post was last modified on sept. 20, 2012, 8:35 AM 08:35