Results 1 to 10 of 10
Discuss Major Security Flaw in 2.0.2 at the General - Hackint0sh.org; as read on the macrumors forum, 2.0.2. haz a security flaw 2.0.2 gives almost full ...
  1. #1
    Supporter Array bluesky's Avatar

    Join Date
    Sep 2007
    Location
    Castricum, Netherlands
    Posts
    137
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    14

    Default Major Security Flaw in 2.0.2

    as read on the macrumors forum, 2.0.2. haz a security flaw

    2.0.2 gives almost full access to the iPhone even while under password protection...

    Steps to Reproduce

    Set iPhone to use passcode lock, have contacts marked as Favorites with links, phone numbers, addresses, etc in address book entry.

    Tap "Emergency Call" keypad from passcode entry screen.

    Double-tap home button.

    Tap blue arrow next to contact's name. You now have full access to applications such as Safari, complete Contacts list, SMS, Maps, "full" Phone access, and Mail by accessing various entries on the Favorite's page, i.e. tapping their home page brings up a full, unrestricted Safari.
    iPhone 5 16GB iOS 6.1 Company (p)owned
    iPhone 4 16GB iOS 6.1 jailbroken
    iPad Mini 16GB, iOS 6.1 jailbroken
    MacBook Pro 8GB RAM, 240GB SSD running OSX 10.8.3
    follow me at http://twitter.com/bluesky_nl



  2. #2
    Professional Array

    Join Date
    Oct 2007
    Posts
    50
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    9

    Default

    Simple Fix: Assign BossPrefs to 'Double tap Home Button" on the jailbroken phones!
    Or change the mapping to something else.

    This is not new :-
    The JailBreakme.com method used to work on this principle.
    Last edited by vinodis; 08-27-2008 at 03:02 PM.

  3. #3
    Senior Professional Array Boiling Ice's Avatar

    Join Date
    Jun 2006
    Posts
    127
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    14

    Default

    where have you been in the last 2 years?? LOL

    This is not new, and it's been used by so many users to jailbreak their iPhones

  4. #4
    Administrator Array

    Join Date
    Oct 2007
    Posts
    4,145
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    10

    Default

    This is new news ...
    The other method you refer to is different :-)
    ** If you just want to support hackint0sh.org with a donation click here **

  5. #5
    Speedy Administrator Array n350z's Avatar

    Join Date
    Nov 2007
    Location
    United Kingdom
    Posts
    3,021
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    10

    Default

    Interesting find

    If you change the Home Button double tab settings to (Home) it doesn't give you access to the phone directory.

    If you change it to iPod and you then get access to music files
    -
    Read the stickies and search the forum before posting!
    Did we solve your problem? +1 us above
    If you want to become a Hackint0sh supporter click here
    ----------
    Follow Hackint0sh Follow Me


  6. #6
    Ninja Hack Array )law('s Avatar

    Join Date
    Mar 2008
    Location
    Some girls house...
    Posts
    3,325
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    194

    Default

    This is not on 2.0.1, if your on 2.0.2 and paranoid just change the home button settings, simple as that. Maybe bigboss or some other skilled dev can find away to disable the home button when on the lock screen
    Playstaion 3 gamer tag HackNinjaLaw

    Off the scene till i get a new lcd or a new iphone

  7. #7
    Amazingly Knowledgeable Array rugburn's Avatar

    Join Date
    Aug 2007
    Posts
    965
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    69

    Default

    ...


    Here's the Video on the Security Flaw....

    Provided by Gizmodo....


    http://gizmodo.com/5042332/huge-ipho...?autoplay=true


    and yes the Flaw works on 2.0.1 Firmware as well i just tried it on my iPhone firmware 2.0.1...
    ...
    iPhone 1.0.2 OTB->Virginized->1.1.4 FW->Winpwn FW 2.0.1 Quickpwn 2.0.1 to FW 2.2.1->RedsnOw->3.0 FW itunes3.0.1FW->RedsnOw 8 to unlock->RedSnow 0.9.2 upgrade to 3.1.2->iPhone 2g 3.1.2 and as of July 30th,2010->iPhone 4-32GB & iPhone 4-16Gb->Unlocked

    Can someone give me a thumbs up click on Reputation ...thanks

    --------

  8. #8
    Supporter Array bluesky's Avatar

    Join Date
    Sep 2007
    Location
    Castricum, Netherlands
    Posts
    137
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    14

    Default

    Quote Originally Posted by Boiling Ice View Post
    where have you been in the last 2 years?? LOL

    This is not new, and it's been used by so many users to jailbreak their iPhones
    2 years ? Let me tell you that the iPhone is here since june 29 2007, so that's a little over 1 year

    And not the same as the first software unlock method, which uses another security hole to get safari running in order to use again another security bug (the famous tiff exploid, http://www.macnn.com/articles/07/10/...xploit.detail/)


    Cheers
    iPhone 5 16GB iOS 6.1 Company (p)owned
    iPhone 4 16GB iOS 6.1 jailbroken
    iPad Mini 16GB, iOS 6.1 jailbroken
    MacBook Pro 8GB RAM, 240GB SSD running OSX 10.8.3
    follow me at http://twitter.com/bluesky_nl

  9. #9
    Respected Professional Array hquest's Avatar

    Join Date
    Nov 2007
    Location
    Jersey City, NJ / Curitiba, BRA
    Posts
    615
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    50

    Default

    Another tip: Do not use Favorites

    Long live to sluggish Contacts.app browsing

  10. #10
    Rookie Array

    Join Date
    Apr 2008
    Posts
    12
    Post Thanks / Like
    Downloads
    0
    Uploads
    0
    Rep Power
    0

    Default

    Quote Originally Posted by )law( View Post
    This is not on 2.0.1, if your on 2.0.2 and paranoid just change the home button settings, simple as that. Maybe bigboss or some other skilled dev can find away to disable the home button when on the lock screen
    On my Jailbroken 2.0.1 I can do it.


 

 

Similar Threads

  1. Replies: 0
    Last Post: 11-08-2011, 09:00 AM
  2. Slashdot: Mac OS X Users Vulnerable To Major Java Flaw
    By hackint0sh in forum Latest Headlines
    Replies: 0
    Last Post: 05-29-2009, 05:10 AM
  3. Slashdot: Mac OS X Users Vulnerable To Major Java Flaw
    By hackint0sh in forum Latest Headlines
    Replies: 0
    Last Post: 05-20-2009, 11:20 AM
  4. New security flaw in iPhone discovered
    By anupkm in forum General
    Replies: 1
    Last Post: 12-01-2008, 05:55 PM
  5. WARNING: Major security flaw with iTunes.
    By NotFound in forum General
    Replies: 13
    Last Post: 05-02-2008, 05:33 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Powered by vBulletin®
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Friendly URLs by vBSEO
(c) 2006-2012 Hackint0sh.org
All times are GMT +2. The time now is 11:39 AM.
twitter, follow us!