First iPhone Remote Exploit Revealed by White Hats




Post Tue Jul 24, 2007 9:40 am

First iPhone Remote Exploit Revealed by White Hats

Dan Kaplan, Jul 23 2007, SC Magazine

In the first true hack of this summer's hottest item, white hat researchers today revealed the Apple iPhone is susceptible to a remote exploit that can give attackers complete control over the device.

A team of consultants at Baltimore-based Independent Security Evaluators today released general details about a buffer overflow vulnerability that could permit malware writers to inject malicious code to steal personal information from a user’s phone, one of the researchers, Jake Honoroff, told SCMagazine.com today. The attack also could be tweaked to drop other malware, for example, a keylogger.

Attackers would attempt to get victims to visit a specially crafted malicious website either through an email link or by controlling a wireless access point, Honoroff, who worked with researchers for 10 days to discover the flaw, said.

As part of the attack, the thieves, who attain administrative privileges, pilfer personal information, which is then sent to a server the attacker operates. The stolen iPhone data can include stored contacts, text messages or passwords, Honoroff said.

"You could make it (the malicious webpage) look totally real, but after a few seconds, their browser would close and all of their information could be stolen," he said.

The Independent Security Evaluators notified Apple about the flaw, and the consulting company is hopeful it will be patched soon. The research team, which included Charlie Miller and Joshua Mason, did not release specific instructions of how to take advantage of the flaw in their disclosure write-up today, and there are no reports of public exploits.

Apple officials would not disclose whether a patch is coming but said the company is investigating the claims.

"We always welcome feedback on how to improve our security," company spokeswoman Lynn Fox told SCMagazine.com today.

The bug is caused by a buffer overflow, a common programming error in which an application attempts to store data beyond its memory capabilities.

To avoid falling victim, users should only visit websites they know and rely on wireless connection points they trust.

If a patch is released, users would download it through the phone's iTunes feature.

Honoroff said the proof-of-concept code shows the iPhone is vulnerable, like any other web-enabled machine. Other researchers have attempted to "unlock" the device over a USB connection, but this marks the first successful break-in over a remote connection, he said.

"The iPhone is a powerful computer and powerful computers are vulnerable to security issues," he said.

Gartner, in a July 10 report, warned enterprises to expect three or four "critical" patches to be released this year for first-generation versions of the iPhone.

"Apple's iPhone was designed and developed first and foremost to appeal to the consumer market," the report said. "Apple didn't include a portfolio of security features and supporting products that are expected by enterprise buyers."

According to the Independent Security Evaluators, although the iPhone restricts third-party applications, it offers the risk of easy exploit because it runs critical processes with administrative privileges and does not use address randomization or non-executable heaps.

Original story:
http://www.scmagazine.com/us/news/artic ... t-revealed



Post Tue Jul 24, 2007 6:43 pm

Re: First iPhone Remote Exploit Revealed by White Hats


beat you to it craig and brian!  ;D



Post Sat Jul 28, 2007 1:49 pm

Re: First iPhone Remote Exploit Revealed by White Hats


All my life I wanted a computer...
Now I want my life back !



Post Wed Aug 01, 2007 4:56 am

Re: First iPhone Remote Exploit Revealed by White Hats

Just two days before revealing the iPhone exploit at Black Hat, Apple released the first patch for the mobile device.

The patch for the iPhone comes two days before a presentation at the Black Hat Security Briefings by Charles Miller, a researcher with Independent Security Evaluators, which promises to reveal details of a serious flaw in the mobile phone's stripped-down browser. The patch fixes that flaw and four others.

Complete story:

Security+, OSCP, CEH
