Untethered Jailbreak To Be Postponed Until Apple Releases iOS 4.3.1

Written by Gradly on . Posted in Apple, blog, Jailbreak, News, Rants & Raves, Rumors

After the successful iOS 4.3 Untethered Jailbreak (video below), the hacker behind the exploit seemingly will hold his jailbreak until Apple releases iOS 4.3.1.

With Apple already baking 4.3.1 the first one releasing an iOS 4.3 jailbreak will pretty much burn the exploit 😛
Well Apple should release 4.3.1 very soon, because tomorrow everybody knows that @0xcharlie popped an iPhone 4 at #pwn2own through Safari.

The hacker expected that Apple will release iOS 4.3.1 specially after the hackers (at Pwn2Own contest) has successfully hacked iPhone 4 via vulnerability which found in Mobile Safari running iOS 4.2.1.

[Tweets [1], [2]]

Charlie Miller Wins Again by Hacking into iPhone 4

Written by Gradly on . Posted in Apple, blog, Funny, Jailbreak, News, Rants & Raves

After The French security firm Vupen hacked Safari in just a few seconds here comes a new winning story but this time hacking into iPhone 4.

Charlie Miller kept his Pwn2Own winning streak intact with another successful hack of an Apple product. This time by successfully hacking into iPhone 4 using an exploit found in Mobile Safari to swipe the address book of the compromised iPhone.

 

The attack simply required that the target iPhone surfs to a rigged web site.  On first attempt at the drive-by exploit, the iPhone browser crashed but once it was relaunched, Miller was able to hijack the entire address book.

Miller said the attack works perfectly against an iPhone running iOS 4.2.1 but will fail against the newest iOS 4.3 update. Apple has quietly added ASLR (address space layout randomization) to iOS 4.3, a key mitigation that puts up an extra roadblock for hackers.

In an interview with ZDNet, Miller said:

If you update your iPhone today, the [MobileSafari] vulnerability is still there, but the exploit won’t work. I’d have to bypass DEP and ASLR for this exploit to work.

As of 4.3, because of the new ASLR, it will be much harder.

SAfari-504-pwned

Safari 5 Pwned at Pwn2Own Hacking Contest in 5 Seconds

Written by Gradly on . Posted in Apple, blog, Funny, Jailbreak, Microsoft, News, Rants & Raves

The folks at computerworld reports that in just a few minutes before Pwn2Own contest, Apple released Safari 5.0.4 along with iOS 4.3. At the contest, MacBook Air and Safari 5.0.4 pwned in five seconds. The French security firm Vupen which won a cool $15,000 and a MacBook Air for beating its perks in pwning Apple’s browser. It took the team just a few seconds to exploit an unpatched Safari vulnerability. “We pwned Apple Safari on Mac OS X (x64) at pwn2own in 5 seconds,” they tweeted.

Besides, Internet Explorer 8 was taken down by Stephen Fewer, who used three separate vulnerabilities to get out of Protected Mode and crack that browser’s best locks.

Google made a proud challenge as it said it’d pay $20,000 to any team or individual who could successfully hack Chrome. Till now it’s still safe.

Hoping that Apple will get a Safari fix out soon.

iBooks Crashes On Jailbroken iOS Device Fixed [Updated]

Written by Gradly on . Posted in Apple, blog, Jailbreak, News

The well-known iPhone hacker Comex and the guy behind Spirit and JailbreakMe, has just find a way to fix iBooks crash which occurs after jailbreaking you iOS device, if you saw this message “There is a problem with the configuration of your iOS Device. Please restore with iTunes and reinstall iBooks“ so your iOS device has been infected.

Comex has announced about this via his twitter by some techy words, anyway it’s expected that Comex will embed some new patches on the upcoming jailbreak tools to fix these crashes.

@Comex: It seems that before opening a DRMed book, iBooks drops an improperly signed binary, tries to execute it, and if it works concludes that the device is jailbroken and refuses to open the book. This is what the binary does: int main() { return 42; }
Later, MuscleNerd of iPhone Dev Team also confirmed the fix:

Update:

The Fix is now availabe on Cydia
  • Add http://repo.insanelyi.com repository in Cydia
  • Install “iBooks Fix”. you are done!

Pin It on Pinterest