
In part one of "Cracking the iPhone", I described the libtiff vulnerability. In part two, I walked through the process of exploiting it. In part two point one, I covered a new exploit approach that resulted in reliable code execution. The one piece still missing is what to do once code execution is obtained. An unmodified iPhone does not include an interactive shell, nor any of the standard Unix tools. In order to make this exploit useful, the user needs a payload that can install arbitrary executables on …
In part two of "Cracking the iPhone", the final result was a working exploit for the libtiff vulnerability. This exploit depended on four key addresses to work properly. The first address was the stack pointer where our string was stored. The stack pointer is static across the same version of the application, but does change between major versions. Due to this address change, a different stack address had to be used for MobileMail versus MobileSafari, and version 1.02 had a different address than 1.1.1. Th…
In part one of "Cracking the iPhone", I described the libtiff vulnerability, its impact on iPhone users, and released the first version of my hacked-up debugger. In this post, I will walk through the process of actually writing the exploit. First off, a new version of weasel (hdm-0.02) has been released. This version includes an entirely new disassembly backend, courtesy of libopcodes, and supports Thumb-mode instructions. Thumb is a 16-bit instruction mode for ARM processors that is designed to save memory …
In my last post, I described the Apple iPhone in terms of being a security tool and a security target. At the time, I had just finished a first pass on iPhone shellcode. What I didn't realize was that a stock iPhone does not include a /bin/sh executable, nor any of the standard Unix command line tools. My shellcode would only be useful against iPhones which had been updated with the BSD environment package. A few days later, Apple released the 1.1.1 update. This update removed any installed third-party pack…
From: InfoSec News <alerts_at_private>
Date: Wed, 17 Dec 2008 00:15:47 -0600 (CST)

http://www.memri.org/bin/latestnews.cgi?ID=IA48008

By L. Azouri
The Middle East Media Research Institute
December 16, 2008

Introduction

The conflict between Iran and Sunni countries - especially Saudi Arabia and Egypt - has escalated the tension between Sunnis and Shi'ites in the Muslim world. This escalation has had several manifestations:

I. Anti-Shi'ite Statements by Sheikh Yousef Al-Qaradhawi

Sheikh Yousef Al-Qaradhawi, he…