blackmac Posted July 23, 2007 Share Posted July 23, 2007 So I found this link http://www.securityevaluators.com/iphone/ over on macrumors... The facts as they stand so far are: 1. A user is sent to a page (under attackers control {dns redirect, email link, etc}) and the contents of the iphone memory (still foggy on "stored in the memory" so maybe its just recent logs??) is sent to the attacker. 2. The attacker can only redirect a "trusted" page via WiFi, direct link, or obfuscated link. 3 The iPhone Safari browser is a fork of the 2.x Safari (native) tree. SO... whats your thoughts on it? I'm thinking they used a Safari 2.x exploit and just adapted it to the iphone - as during the forking process things that have since been patched in later 2.x / 3.xBeta releases may have not been included in the iPhone gold release. My first instinct is a modification to the WebKit Safari Exploit. Link to comment https://www.insanelymac.com/forum/topic/57884-iphone-exploit/ Share on other sites More sharing options...
Recommended Posts