what you don't know can hurt you
Showing 1 - 25 of 108 RSS Feed

Operating System: iPhone

Safari Webkit For iOS 7.1.2 JIT Optimization Bug
Posted Aug 14, 2020
Authored by timwr, Ian Beer, kudima, WanderingGlitch | Site metasploit.com

This Metasploit module exploits a JIT optimization bug in Safari Webkit. This allows us to write shellcode to an RWX memory section in JavaScriptCore and execute it. The shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw, obtains root and disables code signing. Finally we download and execute the meterpreter payload. This module has been tested against iOS 7.1.2 on an iPhone 4.

tags | exploit, kernel, root, shellcode
systems | apple, iphone, ios
advisories | CVE-2016-4669, CVE-2018-4162
SHA-256 | 8ca4b125e9aba514f4d2bd3c12b5189f4dceafcaab577262cc602a11c87480fb
iOS Messaging Tools
Posted Aug 7, 2019
Authored by saelo, Google Security Research, natashenka

This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.

tags | tool, telephony, imap, fuzzer
systems | apple, iphone
SHA-256 | fa8f560293640c4759f220069490d2498cf18f75ce1183b3ab8f77dd819585e5
iPhone iMessage Malformed Message Bricking
Posted Jul 4, 2019
Authored by Google Security Research, natashenka

An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString.

tags | exploit
systems | apple, iphone
advisories | CVE-2019-8664
SHA-256 | 386b80597a37e396ddf40dd708c4b4c2f1bb231ffc13b70144ae69977d215d60
Visual Voicemail For iPhone IMAP NAMESPACE Use-After-Free
Posted May 21, 2019
Authored by Google Security Research, natashenka

Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.

tags | exploit, imap
systems | apple, iphone
advisories | CVE-2019-8613
SHA-256 | 9c8b27fd5dc694419a2e1fe2acaec09a3a3748cecd6c755d74306abf2fa147f4
Symantec Mobile Encryption For iPhone 2.1.0 Denial Of Service
Posted Sep 3, 2018
Authored by Luis Martinez

Symantec Mobile Encryption for iPhone version 2.1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | apple, iphone
SHA-256 | 119082c8fba0ce625f4d888eb4ead0b157fe56329f2ffa4dd557451514b85c3c
WordPress Windows Desktop And iPhone Photo Uploader File Upload
Posted Apr 9, 2015
Authored by Manish Tanwar

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
systems | windows, apple, iphone
SHA-256 | 4066792653efe187fcf02429adee45b20e2c070fa70ff0034e4116b8ff3d3b8b
Air Transfer Iphone 1.3.9 Arbitrary File Download
Posted Aug 25, 2014
Authored by SaMaN

Air Transfer Iphone version 1.3.9 suffers from remote denial of service and unauthenticated file access vulnerabilities.

tags | exploit, remote, denial of service, vulnerability
systems | apple, iphone
SHA-256 | b8c61362492344b22533cf0c29ae89e1126382231a1db7c063c8dfffc085a1da
Packet Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
SHA-256 | 84bd76ba4dce1e485a3431a2c7bbd07c262e86f184ca05e0931fac224f9ab746
Packet Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
SHA-256 | 14c94c8c5cb510aa3236b42b9618aa54726915b4e116afea229961e936fb158d
Transferable Remote 1.1 XSS / LFI / Command Injection
Posted Feb 13, 2013
Authored by Benjamin Kunz Mejri, Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, file inclusion
systems | apple, iphone
SHA-256 | 6877edbaf520d3096e1f6a36769dac53f740caf0b99e3898e1a5b85af18136ef
Air Disk Wireless 1.9 LFI / Command Injection
Posted Feb 8, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
systems | apple, iphone
SHA-256 | 6f2789cd45882d7450ce7572d4406c8d84c4b10091095db5ba30b7f40fd8ded1
Twitter 5.0 Eavesdropping Proof Of Concept
Posted Nov 22, 2012
Authored by Carlos Reventlov

The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.

tags | exploit, web, proof of concept
systems | apple, iphone
SHA-256 | e23c89d44db9163f784b4ff04d606d1d56ae5646f4b6067a4cf9eb08c6eab232
Forensic Analysis Of iPhone Backups
Posted Jul 12, 2012
Authored by Satish Bommisetty

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

tags | paper
systems | apple, iphone
SHA-256 | 91d87e6d4d62c26dfb2d234b849782b8cc383017bef870f2d1f7066ccb41ab9f
iOS Application (In)Security
Posted May 6, 2012
Authored by Dominic Chell | Site mdsec.co.uk

This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.

tags | paper, vulnerability
systems | cisco, apple, iphone
SHA-256 | 334c947d960799417387ce8f1c27188fc7f859bd204b9dc50890663d07a20fba
IPhone TreasonSMS HTML Injection / File Inclusion
Posted Apr 23, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities.

tags | exploit, vulnerability, file inclusion
systems | apple, iphone
SHA-256 | 970c996aa7c982bb7a6e11f66d1c1cddee59c395b7871150919ec0fabb8a448b
Vopium Clear Text Disclosure
Posted Jan 21, 2012
Authored by Henry Paduwa

Vopium for Android and iPhone leaks various data such as your password by passing it in the clear.

tags | advisory, info disclosure
systems | apple, iphone
SHA-256 | 006feebf3184c898d414ea373175d64843914bb7e535369ca74b8aa5cfe9312b
iPhone Forensics On iOS 5
Posted Jan 20, 2012
Authored by Satish Bommisetty

This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone.

tags | paper
systems | apple, iphone
SHA-256 | 343b3862d39127f659978159079fb88e96475725f86982f827ebd28b23cbf412
Hacking iOS Devices
Posted Dec 7, 2011
Authored by Japson

Whitepaper called Hacking Dispositivos iOS. It demonstrates how dangerous it is to be connected to a wireless network with an iOS device that has OpenSSH enabled. Written in Spanish.

tags | paper
systems | apple, iphone
SHA-256 | 69fe6147bbfce7aa1f1fda7be05564726198e6a7762c9a4c617c46545fd0da39
iPhone/iPad Phone Drive 1.1.1 Directory Traversal
Posted Aug 9, 2011
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

iPhone/iPad Phone Drive version 1.1.1 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
SHA-256 | 9ce0c276f2718f6d58f886cee41cf5f3c43da205d27b9901882eb2578567dd7f
Secunia Security Advisory 44154
Posted Apr 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities has been reported in Apple iOS for iPhone 4 (CDMA), which can be exploited by malicious people to compromise a vulnerable device.

tags | advisory, vulnerability
systems | cisco, apple, iphone
SHA-256 | 58241a550a74f073ce9e13066fa22ac36bdc09a8c6c0a69f7d4b774dc7e3caac
Secunia Security Advisory 43832
Posted Mar 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apple iPhone iOS, which can be exploited by malicious people to compromise a vulnerable device.

tags | advisory
systems | cisco, apple, iphone
SHA-256 | 4ca404bb386a61c3ee07e03daf7c440fe7d870c7282ded69cdf586b1ead8c81a
Zero Day Initiative Advisory 11-109
Posted Mar 22, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-109 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files. When handling the OfficeArtMetafileHeader the process trusts the cbSize field and performs arithmetic on it before making an allocation. As the result is not checked for overflow, the subsequent allocation can be undersized. Later when copying into this buffer, memory can be corrupted leading to arbitrary code execution under the context of the mobile user on the iPhone.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2011-1417
SHA-256 | 0581a4c68f5e63d36a00736efee38f3d2bb3ee49ea8fb2e43d4cdad83da323dc
Checkview 1.1 For iPhone / iPod Touch Directory Traversal
Posted Mar 15, 2011
Authored by kimastory

Checkview version 1.1 for iPhone / iPod Touch suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
SHA-256 | 0c1c7c235e48be30034e09b5c091b9c55a816798098f00028fbecaed5480a878
Air Contacts Lite Denial Of Service
Posted Mar 10, 2011
Authored by ipax | Site dclabs.com.br

The Air Contacts Lite iPhone / iPod application suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | apple, iphone
SHA-256 | 036dcf267ec003320d5b64aad82a254c7e057c458b57b30432860f42451bad23
Apple iPhone 4 Passphrase Disclosure
Posted Mar 7, 2011
Site tehtri-security.com

Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it.

tags | advisory, local
systems | apple, iphone
SHA-256 | 50b3289c4489d4defcfdf5ed6c483a646482853dbb3b0aa3477ed046497aa078
Page 1 of 5
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close