iPhoneRoot.com       

News tagged ‘exploit’


Foxconn's Servers Hacked, Exposing Vendor Usernames and Passwords





login

Swagg Security hacking group announced this week that they managed to hack Foxconn servers that expose usernames and passwords for clients and employees. Such information could be used to place fraudulent orders for companies like Apple and Microsoft.

Swagg Security alleged that it had bypassed Foxconn's firewall "almost flawlessly." Using several hacking techniques and a couple of days time, the hackers reportedly dumped "most of everything of significance," including usernames and passwords. According to the group, the leaked passwords "could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell."


Read the rest of this entry »




|
   

Leave a comment

Written by Svetlana Osipova

Thursday, February 9th, 2012. 20:48

Sn0wBreeze 2.9 released: brings iOS 5.0.1 untether



sn0wbreeze-29

iH8sn0w has released new version of popular jailbreak utility Sn0wBreeze 2.9. Sn0wbreeze is used to create a custom firmware with jailbreak and preserve iPhone modem (baseband) version for unlock. New version 2.9 adds support for untethered iOS 5.0.1 jailbreak as well as support for all firmwares supported by previous versions of sn0wbreeze.

For now Sn0wBreeze 2.9 supports untethered jailbreak for iOS 3.1.3, 3.2.x, 4.0.x, 4.1, 4.2.1 - 4.2.8, 4.3 - 4.3.3 and 5.0.1. Supported devices are: iPhone 2G, iPhone 3G, iPhone 3GS, iPhone 4, iPad 1, iPod Touch 2G, iPod Touch 3G, iPod Touch 4G.


Read the rest of this entry »




|
   

Leave a comment, read comments [14]

Saurik makes contribution towards iPad 2 and iPhone 4S untethered jailbreak



a5-jail-1

It looks like iPad 2 and iPhone 4S untethered jailbreak will truly be a team effort. Recently another hacker Saurik joined the team and made "some major contributions" yesterday.

Last week Pod2g announced that Planetbeing, MuscleNerd, and P0sixninja joined his effort to release an untethered iOS 5.0.1 jailbreak of the iPhone 4S and iPad 2 (A5 CPU devices).

Today, MuscleNerd noted that the team has received some major contributions from saurik:


Read the rest of this entry »




|
   

Leave a comment

"Dream Team" will work on untethered iPad 2 and iPhone 4S jailbreak



pwned

Pod2g has recently announced that Planetbeing, MuscleNerd, and P0sixninja have joined his effort to release an iOS 5.0.1 untethered jailbreak for the iPhone 4S and iPad 2.

@planetbeing, the legendary hacker behind iPhone Linux and lot of jailbreaks has joined the A5 research! The famous @MuscleNerd, the leader of the iPhone Dev Team, who did a lot of tests for Corona and whom integrated it and made it simple in redsn0w is willing to help also. And last, but not least @p0sixninja, the leader of the Chronic Dev Team, and my partner for years on iPhone security research has started to code and fuzz the Apple sandbox.

That means that we now have a dream team to create a public release of the A5 jailbreak.


Read the rest of this entry »




|
   

Leave a comment, read comments [7]

RedSn0w 0.9.9b9b released: now fully supports iOS 5.0.1 and SHSH/APTickets



redsn0w-099b9

iPhone Dev-Team released RedSn0w 0.9.9b9 with full iOS 5.0.1 support (no need to point to iOS 5.0 any more). New version also features support for SHSH and APTickets:

  • native support for 5.0.1 (no need to point redsn0w at 5.0 IPSW or use command-line args).  Support automatically extends to all of redsn0w’s various functions: “Jailbreak”, “Just boot”, “Fetch blobs”, “Stitch blobs”, “Recovery Fix”
  • iBooks fixed in 5.0 and 5.0.1.  This is a targeted fix that doesn’t remove entire sandbox mechanism.  5.x users already using redsn0w “Just Boot” can just use the new version without redoing entire jailbreak again
  • 3GS old-bootrom owners can now create custom IPSWs without blobs
  • ultrasn0w compatability update (i.e. same baseband requirements) for 5.0.1 will be available on Cydia Monday
  • support for newer 8GB iPhone4 (which until now had problems with “Fetch blobs”).  Thanks to @JKjeepnJeff for loaning us one of these newer i4 units for testing!
  • allows Windows users (not just OS X users) to use the “Custom” button to create IPSWs without baseband updates.  (Update: please wait for 0.9.9b9b for this!)
  • accommodates APTickets in 5.x (until next Apple countermove).  APTickets are crypto-verified before submitting to Cydia, just like the main blobs.  Cydia server support for sending back the APTickets is upcoming.  For now, use stitched IPSWs for 5.x.  Due to APTickets, stitched 5.x IPSWs now require user to start in “Pwned DFU” mode
  • Support added for stitching 4.x blobs to iPad2-GSM IPSWs.  Similar to @notcom’s TinyCFW but doesn’t require lots of RAM or a TSS-assisted restore. Won’t work for iPad2 5.x blobs (or iPhone4S at all) until a bootrom-level exploit is out
  • top line now shows whether (and where) a redsn0w update is available, or if the version being run is the latest.  Uses DNS TXT record to alleviate any concerns about snooping
  • no 5.1 beta support at this time (major apps like Cydia are not yet compatible)
  • @pod2g has been doing a great job porting his 5.x untether…check his blog for updates!
  • Owners of newer 3GS iPhones must not flash the iPad baseband.  The iPad baseband will not work on 3GS iPhones built later than 2011 week 35.  You have a week 35 or later device if your serial # starts with xx135.
Update #17b: Version 0.9.9b9b enables the “Custom” button for Windows users, and make the 3GS week 35 warning a more explicit part of the process.

You can download RedSn0w 0.9.9b9b here.

UPDATE: redsn0w updated to redsn0w 0.9.9b9d.

Read the rest of this entry »




|
   

Leave a comment, read comments [24]

iOS 5 untethered jailbreak is almost ready (Video)



Chronic Dev Team is almost done with a much anticipated untethered jailbreak for iOS 5 and iOS 5.0.1. Team member and French hacker pod2g just released a video showing off the jailbreak. It looks to be near-complete and functioning properly. Take a look:

pod2g even created a blog, where he plans to post the most recent news about his progress:


Read the rest of this entry »




|
   

Leave a comment, read comments [15]

Chronic Dev-Team Releases CrashReporter for Windows



crashreporter

The Chronic Dev-Team has released CDevReporter, their new tool that lets you help find jailbreak vulnerabilities, for Windows.

You can download the Mac and Windows versions of CDevReporter here:

More information is available in our recent post "Want untethered iOS 5 jailbreak? Help hackers to find new exploits!".




|
   

Leave a comment

Want untethered iOS 5 jailbreak? Help hackers to find new exploits!



crash-reporter

Semi-tethered jailbreak is already available for some devices for both iOS 5 and iOS 5.0.1. But we all want untethered jailbreak and we want jailbreak for iPad 2 and iPhone 4S. So why not help hackers to find new exploits and vulnerabilities?

The Chronic Dev-Team has a released a tool to collect crash reports from iOS devices in order to find vulnerabilities that could lead to an untethered jailbreak.

The idea is very simple. When your iPhone, iPad or iPod Touch crashes it sends data to Apple (you can turn it this off though). Apple uses these reports to update iOS in the future. By the way, it also uses them to fix exploits found by jailbreakers. P0sixninja says that Apple closed several exploits they have found in IOS 5 beta before the final version of the software was released.

In order to find more vulnerabilities as fast as possible, the team has developed a tool which will copy the crash reports from your device and analyze them to locate potential exploits. The tool will also remove the crash reports from your device and modify your iTunes installation to prevent uploading of that diagnostic information to Apple.


Read the rest of this entry »




|
   

Leave a comment

Developers crack Siri’s security protocol to enable it with any device



siri_icon

A team of developers called Applidium has announced that they managed to investigate how Siri, exclusive service available on the iPhone 4S, talks to Apple servers. Applidium notes that iPhone 4S uses standard HTTPS network requests to communicate with Apple's servers, but sends data using an "ACE" command rather than regular web GET requests. Moreover, each Siri request involves a unique identifier based on UUID. Such identifier prevents access of unauthorized devices to Apple’s servers. User’s requests are compressed with the Speex audio codec optimized for VoIP. Applidium discovered that iPhone, to provide Siri’s voice recognition, should support at least Siri's basic voice recognition features, but Apple doesn’t plan to port such capabilities on earlier iOS 5 models.

So far, Applidium's investigation has revealed that Siri packages requests in compressed property lists, but further exploration of the protocol is hampered by a number of issues, including the complexity of requests, the fact that they are tied to a hardware key, and that they are subject to change.

Noteworthy, Apple could at any time stop supporting a particular hardware identifier, if it is suspected of being used to exploit its servers, and change way of data transmitting.

Applidium says "anyone could now write an Android app that uses the real Siri! Or use Siri on an iPad!" But you will need a real unique user key of an actual iPhone 4S.




|
   

Leave a comment

Jailbreakers and unlockers: don't update to iOS 5.0.1



noupdate501

Apple has recently released iOS 5.0.1. It is still tethered jailbreakable. However if you want untethered jailbreak or unlock - you should stay away from 5.0.1

Earlier this week pod2g reported that a code signing bug found in iOS 5.0 will make it easier for hackers to develop a full jailbreak for iOS 5 firmware version. That bug might have been closed in iOS 5.0.1. UPDATE: According to pod2g the bug is still present, but harder to exploit because another exploit found by Charlie Miller is fixed in iOS 5.0.1.

Also, MuscleNerd via twitter has warned iOS users that there is no downgrade from iOS 5.0.1 to iOS 5.0 yet and he recommends to wait until downgrade mechanism is available.

Jailbreakers and unlockers should avoid today's 5.0.1 until a flow for downgrading to 5.0 is developed.

Downgrade flow needs to be modified for AP "nonce" http://is.gd/b3G0io ... saved SHSH blobs are not enough to downgrade to 5.0




|
   

Leave a comment

iOS Security Exploit Allows Apps To Execute Malicious Code



Video where Miller demonstates this exploit

According to Forbes, security specialist Charlie Miller has found an exploit on iOS devices, which allows developers to put malware apps onto the App Store without detection. These malware apps can be used to steal user’s contacts, photo and other information, play a ringtone, make the device vibrate and more at any time the developer chooses.


Read the rest of this entry »




|
   

Leave a comment

Written by maxim

Tuesday, November 8th, 2011. 12:33

There will be an untethered iOS 5 jailbreak



MyGreatFest

Hackers from the Chronic Dev Team recently announced that they have found 5 userland exploits in iOS 5. To us this means that it is very likely that an untethered jailbreak will be available for the upcoming firmware release.

P0sixninja made the announcement at MyGreatFest jailbreak conference held in London, England.

While this is a "record breaking number of exploits found", userland exploits can be easily fixed via a minor software update. The exploits are kept in secret, so hopefully Apple won't fix them before the expected iOS 5 launch next month.

The jailbreak is expected for all devices, including iPhone 3GS, iPhone 4, iPad, iPad 2, iPod Touch and even future iPhone 4S and iPhone 5.




|
   

Leave a comment

RedSn0w 0.9.8b7b: untethered 4.3.5 jailbreak for iPhone 3GS and full support for iOS 5 Beta 7



redsn0w-098b7b

The iPhone Dev-Team has released RedSn0w 0.9.8b7b to bring two new main features:

  • explicit tethered jailbreak support for iOS 5 Beta 7
  • untethered jailbreak for iPhone 3GS with old bootrom (iOS 4.3.5 or iOS 5 Beta 7)

Musclenerd posted via twitter:

New redsn0w is.gd/6eek4Y explicitly supports iOS5b7 (no need to point at b6 IPSW). Also brings back old-bootrom 3GS goodies.

This is great news for both developers and owners of old bootrom iPhone 3GS's who accidentally updated to iOS 4.3.5.

DevTeam posted:

About 12 hours after we released redsn0w 0.9.8b7 with some improvements for iOS5b6, Apple went and released iOS5b7 (what are the odds of that?!?). Even though that redsn0w could still jailbreak iOS5b7, you needed to point it at the iOS5b6 IPSW to do so. Today’s redsn0w 0.9.8b7b lets you point redsn0w directly at the iOS5b7 IPSW instead.

We’ve also added some overall improvements for old-bootrom 3GS owners (where the 24kpwn exploit applies): on those devices, you can tell redsn0w to untether 4.3.5 and lower, or iOS5b7. Old-bootrom 3GS owners can once again choose custom logos, and/or verbose booting (for the really nerdy iPhone3GS fans out there!). And it allows 4.3.4 or 4.3.5 users to use ultrasn0w again (if they have a compatible baseband).

Last but not least, we fixed some lingering Verizon iPhone4 4.2.10 JB issues.

We will update our tutorials shortly.

You can download RedSn0w 0.9.8b7b here.

Here are links to our RedSn0w 0.9.8b7b iOS 4.3.5 jailbreak tutorials:




|
   

Leave a comment, read comments [43]

DevTeam released tethered jailbreak for iOS 4.3.4



redsn0w-098b3

The iPhone Dev-Team has released RedSn0w 0.9.8b3 which can perform a tethered jailbreak on iOS 4.3.4. This means that you will have to connect your device to a computer and run redsn0w each time you restart.

For the convenience of kernel hackers like @comex and @i0n1c, we have a new redsn0w 0.9.8b3 that supports a TETHERED jailbreak for iOS 4.3.4 on all devices that have 4.3.4 except the iPad2. The vast majority of people will want to stay back at 4.3.3 because that's where the untethered jailbreak is! There are no new features in 4.3.4 - only fixes for jailbreak exploits.

Also, this is a good time to remind everyone (since we're still seeing confusion about this): iPad2 owners with a baseband (3G or CDMA) cannot currently use saved blobs to go back to 4.3.3 once the signing window is closed. This is unlike every other device, so don't be confused! iPad2 owners with basebands should stay away from all updates to maintain your jailbreak!

This jailbreak works with iPhone 3GS, iPhone 4, iPad 1, iPod Touch 3G and iPod Touch 4G. It does not work with iPad 2.

You can download RedSn0w 0.9.8b3 from here: (Mac, Windows)




|
   

Leave a comment, read comments [2]

Direct download links for iOS 4.3.4



ios-4.3.4

Apple have recently released iOS 4.3.4 for iPhone 4, iPhone 3GS, iPad 1, iPad 2, iPod Touch 3G and iPod Touch 4G. Here are the direct links for each device that is supported by the update:




|
   

Leave a comment