Apple iPhone: The ultimate hacking device.

Posted: October 5, 2007 in apple, hacking, iphone, metasploit

Forget about hacking your own iPhone, how about hacking someone elses?!
Apparently every process on the iPhone runs as root giving them full privileges. That means that a vunerability in an application could result in a fully compromised system.
H.D. Moore describes the whole issue very detailed on the Metasploit blog.
A few quotes: “Every process runs as root. MobileSafari, MobileMail, even the Calculator, all run with full root privileges. Any security flaw in any iPhone application can lead to a complete system compromise. A rootkit takes on a whole new meaning when the attacker has access to the camera, microphone, contact list, and phone hardware. Couple this with “always-on” internet access over EDGE and you have a perfect spying device.”

Lisa Vaas on eWeek.com also discussed the issue:

“The shellcode combined with the number of bugs present in the iPhone finally make mobile attacks a real threat,” wrote Errata Chief Technology Officer David Maynor in a blog posting.”

Charlie Miller—a researcher with Baltimore-based Independent Security Evaluators, and one of a trio who were first to unveil security issues with the iPhone and release iPhone “vibrate” shellcode at Black Hat 2007—told eWEEK in an interview that he wishes he’d been able to use Metasploit when he was writing exploits for the gadget back in July.

Charlie Miller, Jake Honoroff and Joshua Mason created an exploit for the iPhone’s Safari Web browser wherein they used an unmodified device to surf to a maliciously crafted drive-by download site. The site downloaded exploit code that forced the iPhone to make an outbound connection to a server controlled by the security firm. The researchers showed that a compromised device then could be forced to send out personal data, including SMS text messages, contact information, call history, voice mail information, passwords, e-mail messages and browsing history.

No news on whether Apple is aware of these issues and what their actions will be. Maybe they are too busy preventing people from unlocking their iPhones…..

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s